diff options
Diffstat (limited to 'system/api')
| -rw-r--r-- | system/api/handlers.go | 42 |
1 files changed, 38 insertions, 4 deletions
diff --git a/system/api/handlers.go b/system/api/handlers.go index 40a4a1d..ae21500 100644 --- a/system/api/handlers.go +++ b/system/api/handlers.go @@ -36,11 +36,16 @@ func contentsHandler(res http.ResponseWriter, req *http.Request) { return } - if _, ok := item.Types[t]; !ok { + it, ok := item.Types[t] + if !ok { res.WriteHeader(http.StatusNotFound) return } + if hide(it(), res) { + return + } + count, err := strconv.Atoi(q.Get("count")) // int: determines number of posts to return (10 default, -1 is all) if err != nil { if q.Get("count") == "" { @@ -98,14 +103,18 @@ func contentHandler(res http.ResponseWriter, req *http.Request) { return } + if t == "" || id == "" { + res.WriteHeader(http.StatusBadRequest) + return + } + pt, ok := item.Types[t] if !ok { res.WriteHeader(http.StatusNotFound) return } - if t == "" || id == "" { - res.WriteHeader(http.StatusBadRequest) + if hide(pt(), res) { return } @@ -129,14 +138,29 @@ func contentHandler(res http.ResponseWriter, req *http.Request) { func contentHandlerBySlug(res http.ResponseWriter, req *http.Request) { slug := req.URL.Query().Get("slug") + if slug == "" { + res.WriteHeader(http.StatusBadRequest) + return + } + // lookup type:id by slug key in __contentIndex - post, err := db.ContentBySlug(slug) + t, post, err := db.ContentBySlug(slug) if err != nil { log.Println("Error finding content by slug:", slug, err) res.WriteHeader(http.StatusInternalServerError) return } + it, ok := item.Types[t] + if !ok { + res.WriteHeader(http.StatusBadRequest) + return + } + + if hide(it(), res) { + return + } + j, err := fmtJSON(json.RawMessage(post)) if err != nil { res.WriteHeader(http.StatusInternalServerError) @@ -146,6 +170,16 @@ func contentHandlerBySlug(res http.ResponseWriter, req *http.Request) { sendData(res, j, http.StatusOK) } +func hide(it interface{}, res http.ResponseWriter) bool { + // check if should be hidden + if _, ok := it.(item.Hideable); ok { + res.WriteHeader(http.StatusNotFound) + return true + } + + return false +} + func fmtJSON(data ...json.RawMessage) ([]byte, error) { var msg = []json.RawMessage{} for _, d := range data { |