1 files changed, 14 insertions, 14 deletions

diff --git a/system/api/update.go b/system/api/update.go
index a669a9a..00933fb 100644
--- a/system/api/update.go
+++ b/system/api/update.go
@@ -3,6 +3,7 @@ package api
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"log"
 	"net/http"
@@ -10,15 +11,17 @@ import (
 	"time"
 
 	"github.com/ponzu-cms/ponzu/system/admin/upload"
-	"github.com/ponzu-cms/ponzu/system/admin/user"
 	"github.com/ponzu-cms/ponzu/system/db"
 	"github.com/ponzu-cms/ponzu/system/item"
 )
 
+var ErrNoAuth = errors.New("Auth failed for update request.")
+
 // Updateable accepts or rejects update POST requests to endpoints such as:
 // /api/content/update?type=Review&id=1
 type Updateable interface {
 	// AcceptUpdate allows external content update submissions of a specific type
+	// user.IsValid(req) may be checked in AcceptUpdate to validate the request
 	AcceptUpdate(http.ResponseWriter, *http.Request) error
 }
 
@@ -55,12 +58,6 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 		return
 	}
 
-	if user.IsValid(req) == false {
-		log.Println("[Update] invalid user.")
-		res.WriteHeader(http.StatusBadRequest)
-		return
-	}
-
 	post := p()
 
 	ext, ok := post.(Updateable)
@@ -139,15 +136,18 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 		return
 	}
 
-	err = hook.BeforeAccept(res, req)
+	err = hook.BeforeAcceptUpdate(res, req)
 	if err != nil {
-		log.Println("[Update] error calling BeforeAccept:", err)
+		log.Println("[Update] error calling BeforeAcceptUpdate:", err)
 		return
 	}
 
 	err = ext.AcceptUpdate(res, req)
 	if err != nil {
-		log.Println("[Update] error calling Accept:", err)
+		log.Println("[Update] error calling AcceptUpdate:", err)
+		if err == ErrNoAuth {
+			res.WriteHeader(http.StatusUnauthorized)
+		}
 		return
 	}
 
@@ -160,9 +160,9 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 	// set specifier for db bucket in case content is/isn't Trustable
 	var spec string
 
-	_, err = db.SetContent(t+spec+":"+id, req.PostForm)
+	_, err = db.UpdateContent(t+spec+":"+id, req.PostForm)
 	if err != nil {
-		log.Println("[Update] error calling SetContent:", err)
+		log.Println("[Update] error calling UpdateContent:", err)
 		res.WriteHeader(http.StatusInternalServerError)
 		return
 	}
@@ -177,9 +177,9 @@ func updateContentHandler(res http.ResponseWriter, req *http.Request) {
 		return
 	}
 
-	err = hook.AfterAccept(res, req)
+	err = hook.AfterAcceptUpdate(res, req)
 	if err != nil {
-		log.Println("[Update] error calling AfterAccept:", err)
+		log.Println("[Update] error calling AfterAcceptUpdate:", err)
 		return
 	}