From 099d000119447708d7d0d0482758d352438fa7e5 Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Tue, 25 Apr 2017 13:23:37 -0700
Subject: adding support for file upload type and API handler to fetch file
 info

---
 system/admin/upload/upload.go | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'system/admin')

diff --git a/system/admin/upload/upload.go b/system/admin/upload/upload.go
index dbcdc17..35fb8f9 100644
--- a/system/admin/upload/upload.go
+++ b/system/admin/upload/upload.go
@@ -5,12 +5,16 @@ package upload
 import (
 	"fmt"
 	"io"
+	"log"
+	"mime/multipart"
 	"net/http"
+	"net/url"
 	"os"
 	"path/filepath"
 	"strconv"
 	"time"
 
+	"github.com/ponzu-cms/ponzu/system/db"
 	"github.com/ponzu-cms/ponzu/system/item"
 )
 
@@ -86,16 +90,33 @@ func StoreFiles(req *http.Request) (map[string]string, error) {
 		}
 
 		// copy file from src to dst on disk
-		if _, err = io.Copy(dst, src); err != nil {
+		var size int64
+		if size, err = io.Copy(dst, src); err != nil {
 			err := fmt.Errorf("Failed to copy uploaded file to destination: %s", err)
 			return nil, err
 		}
 
 		// add name:urlPath to req.PostForm to be inserted into db
 		urlPath := fmt.Sprintf("/%s/%s/%d/%02d/%s", urlPathPrefix, uploadDirName, tm.Year(), tm.Month(), filename)
-
 		urlPaths[name] = urlPath
+
+		// add upload information to db
+		go storeFileInfo(size, filename, urlPath, fds)
 	}
 
 	return urlPaths, nil
 }
+
+func storeFileInfo(size int64, filename, urlPath string, fds []*multipart.FileHeader) {
+	data := url.Values{
+		"name":           []string{filename},
+		"path":           []string{urlPath},
+		"content_type":   []string{fds[0].Header.Get("Content-Type")},
+		"content_length": []string{fmt.Sprintf("%d", size)},
+	}
+
+	err := db.SetUpload(data)
+	if err != nil {
+		log.Println("Error saving file upload record to database:", err)
+	}
+}
-- 
cgit v1.2.3


From f869855ed484721e669bc2ae1acfa25471bae258 Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Thu, 27 Apr 2017 08:19:06 -0700
Subject: fixing typo and removing ui classes where not needed

---
 system/admin/admin.go | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'system/admin')

diff --git a/system/admin/admin.go b/system/admin/admin.go
index 7761e71..09750f0 100644
--- a/system/admin/admin.go
+++ b/system/admin/admin.go
@@ -368,41 +368,41 @@ func UsersList(req *http.Request) ([]byte, error) {
     <div class="card user-management">
         <div class="card-title">Edit your account:</div>    
         <form class="row" enctype="multipart/form-data" action="/admin/configure/users/edit" method="post">
-            <div class="input-feild col s9">
+            <div class="col s9">
                 <label class="active">Email Address</label>
                 <input type="email" name="email" value="{{ .User.Email }}"/>
             </div>
 
-            <div class="input-feild col s9">
+            <div class="col s9">
                 <div>To approve changes, enter your password:</div>
                 
                 <label class="active">Current Password</label>
                 <input type="password" name="password"/>
             </div>
 
-            <div class="input-feild col s9">
+            <div class="col s9">
                 <label class="active">New Password: (leave blank if no password change needed)</label>
                 <input name="new_password" type="password"/>
             </div>
 
-            <div class="input-feild col s9">                        
+            <div class="col s9">                        
                 <button class="btn waves-effect waves-light green right" type="submit">Save</button>
             </div>
         </form>
 
         <div class="card-title">Add a new user:</div>        
         <form class="row" enctype="multipart/form-data" action="/admin/configure/users" method="post">
-            <div class="input-feild col s9">
+            <div class="col s9">
                 <label class="active">Email Address</label>
                 <input type="email" name="email" value=""/>
             </div>
 
-            <div class="input-feild col s9">
+            <div class="col s9">
                 <label class="active">Password</label>
                 <input type="password" name="password"/>
             </div>
 
-            <div class="input-feild col s9">            
+            <div class="col s9">            
                 <button class="btn waves-effect waves-light green right" type="submit">Add User</button>
             </div>   
         </form>        
-- 
cgit v1.2.3


From 7fffb0b422f8306f709f38b029cc0a03e583184c Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Sat, 29 Apr 2017 11:21:14 -0700
Subject: adding view and links to admin/manager

---
 system/admin/admin.go    |   1 +
 system/admin/handlers.go | 260 +++++++++++++++++++++++++++++++++++++++++++++++
 system/admin/server.go   |   2 +
 3 files changed, 263 insertions(+)

(limited to 'system/admin')

diff --git a/system/admin/admin.go b/system/admin/admin.go
index 09750f0..9e57678 100644
--- a/system/admin/admin.go
+++ b/system/admin/admin.go
@@ -66,6 +66,7 @@ var mainAdminHTML = `
                     <div class="row collection-item">
                         <li><a class="col s12" href="/admin/configure"><i class="tiny left material-icons">settings</i>Configuration</a></li>
                         <li><a class="col s12" href="/admin/configure/users"><i class="tiny left material-icons">supervisor_account</i>Admin Users</a></li>
+                        <li><a class="col s12" href="/admin/uploads"><i class="tiny left material-icons">present_to_all</i>Addons</a></li>
                         <li><a class="col s12" href="/admin/addons"><i class="tiny left material-icons">settings_input_svideo</i>Addons</a></li>
                     </div>
                 </ul>
diff --git a/system/admin/handlers.go b/system/admin/handlers.go
index 4734ba0..0433b76 100644
--- a/system/admin/handlers.go
+++ b/system/admin/handlers.go
@@ -827,6 +827,266 @@ func recoveryKeyHandler(res http.ResponseWriter, req *http.Request) {
 	}
 }
 
+func uploadContentsHandler(res http.ResponseWriter, req *http.Request) {
+	q := req.URL.Query()
+
+	order := strings.ToLower(q.Get("order"))
+	if order != "asc" {
+		order = "desc"
+	}
+
+	pt := interface{}(&item.FileUpload{})
+
+	p, ok := pt.(editor.Editable)
+	if !ok {
+		res.WriteHeader(http.StatusInternalServerError)
+		errView, err := Error500()
+		if err != nil {
+			return
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	count, err := strconv.Atoi(q.Get("count")) // int: determines number of posts to return (10 default, -1 is all)
+	if err != nil {
+		if q.Get("count") == "" {
+			count = 10
+		} else {
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+	}
+
+	offset, err := strconv.Atoi(q.Get("offset")) // int: multiplier of count for pagination (0 default)
+	if err != nil {
+		if q.Get("offset") == "" {
+			offset = 0
+		} else {
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+	}
+
+	opts := db.QueryOptions{
+		Count:  count,
+		Offset: offset,
+		Order:  order,
+	}
+
+	b := &bytes.Buffer{}
+	var total int
+	var posts [][]byte
+
+	html := `<div class="col s9 card">		
+					<div class="card-content">
+					<div class="row">
+					<div class="col s8">
+						<div class="row">
+							<div class="card-title col s7">Uploaded Items</div>
+							<div class="col s5 input-field inline">
+								<select class="browser-default __ponzu sort-order">
+									<option value="DESC">New to Old</option>
+									<option value="ASC">Old to New</option>
+								</select>
+								<label class="active">Sort:</label>
+							</div>	
+							<script>
+								$(function() {
+									var sort = $('select.__ponzu.sort-order');
+
+									sort.on('change', function() {
+										var path = window.location.pathname;
+										var s = sort.val();
+
+										window.location.replace(path + '&order=' + s);
+									});
+
+									var order = getParam('order');
+									if (order !== '') {
+										sort.val(order);
+									}
+									
+								});
+							</script>
+						</div>
+					</div>
+					<form class="col s4" action="/admin/contents/search" method="get">
+						<div class="input-field post-search inline">
+							<label class="active">Search:</label>
+							<i class="right material-icons search-icon">search</i>
+							<input class="search" name="q" type="text" placeholder="Within all Upload fields" class="search"/>
+							<input type="hidden" name="type" value="__uploads" />
+						</div>
+                    </form>	
+					</div>`
+
+	t := "__uploads"
+	status := ""
+	total, posts = db.Query(t, opts)
+
+	for i := range posts {
+		err := json.Unmarshal(posts[i], &p)
+		if err != nil {
+			log.Println("Error unmarshal json into", t, err, string(posts[i]))
+
+			post := `<li class="col s12">Error decoding data. Possible file corruption.</li>`
+			_, err := b.Write([]byte(post))
+			if err != nil {
+				log.Println(err)
+
+				res.WriteHeader(http.StatusInternalServerError)
+				errView, err := Error500()
+				if err != nil {
+					log.Println(err)
+				}
+
+				res.Write(errView)
+				return
+			}
+			continue
+		}
+
+		post := adminPostListItem(p, t, status)
+		_, err = b.Write(post)
+		if err != nil {
+			log.Println(err)
+
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				log.Println(err)
+			}
+
+			res.Write(errView)
+			return
+		}
+	}
+
+	html += `<ul class="posts row">`
+
+	_, err = b.Write([]byte(`</ul>`))
+	if err != nil {
+		log.Println(err)
+
+		res.WriteHeader(http.StatusInternalServerError)
+		errView, err := Error500()
+		if err != nil {
+			log.Println(err)
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	statusDisabled := "disabled"
+	prevStatus := ""
+	nextStatus := ""
+	// total may be less than 10 (default count), so reset count to match total
+	if total < count {
+		count = total
+	}
+	// nothing previous to current list
+	if offset == 0 {
+		prevStatus = statusDisabled
+	}
+	// nothing after current list
+	if (offset+1)*count >= total {
+		nextStatus = statusDisabled
+	}
+
+	// set up pagination values
+	urlFmt := req.URL.Path + "?count=%d&offset=%d&&order=%s"
+	prevURL := fmt.Sprintf(urlFmt, count, offset-1, order)
+	nextURL := fmt.Sprintf(urlFmt, count, offset+1, order)
+	start := 1 + count*offset
+	end := start + count - 1
+
+	if total < end {
+		end = total
+	}
+
+	pagination := fmt.Sprintf(`
+	<ul class="pagination row">
+		<li class="col s2 waves-effect %s"><a href="%s"><i class="material-icons">chevron_left</i></a></li>
+		<li class="col s8">%d to %d of %d</li>
+		<li class="col s2 waves-effect %s"><a href="%s"><i class="material-icons">chevron_right</i></a></li>
+	</ul>
+	`, prevStatus, prevURL, start, end, total, nextStatus, nextURL)
+
+	// show indicator that a collection of items will be listed implicitly, but
+	// that none are created yet
+	if total < 1 {
+		pagination = `
+		<ul class="pagination row">
+			<li class="col s2 waves-effect disabled"><a href="#"><i class="material-icons">chevron_left</i></a></li>
+			<li class="col s8">0 to 0 of 0</li>
+			<li class="col s2 waves-effect disabled"><a href="#"><i class="material-icons">chevron_right</i></a></li>
+		</ul>
+		`
+	}
+
+	_, err = b.Write([]byte(pagination + `</div></div>`))
+	if err != nil {
+		log.Println(err)
+
+		res.WriteHeader(http.StatusInternalServerError)
+		errView, err := Error500()
+		if err != nil {
+			log.Println(err)
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	script := `
+	<script>
+		$(function() {
+			var del = $('.quick-delete-post.__ponzu span');
+			del.on('click', function(e) {
+				if (confirm("[Ponzu] Please confirm:\n\nAre you sure you want to delete this post?\nThis cannot be undone.")) {
+					$(e.target).parent().submit();
+				}
+			});
+		});
+
+		// disable link from being clicked if parent is 'disabled'
+		$(function() {
+			$('ul.pagination li.disabled a').on('click', function(e) {
+				e.preventDefault();
+			});
+		});
+	</script>
+	`
+
+	btn := `<div class="col s3"><a href="/admin/upload" class="btn new-post waves-effect waves-light">New Upload</a></div></div>`
+	html = html + b.String() + script + btn
+
+	adminView, err := Admin([]byte(html))
+	if err != nil {
+		log.Println(err)
+		res.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	res.Header().Set("Content-Type", "text/html")
+	res.Write(adminView)
+}
+
 func contentsHandler(res http.ResponseWriter, req *http.Request) {
 	q := req.URL.Query()
 	t := q.Get("type")
diff --git a/system/admin/server.go b/system/admin/server.go
index df00c21..94aca78 100644
--- a/system/admin/server.go
+++ b/system/admin/server.go
@@ -32,6 +32,8 @@ func Run() {
 	http.HandleFunc("/admin/configure/users/edit", user.Auth(configUsersEditHandler))
 	http.HandleFunc("/admin/configure/users/delete", user.Auth(configUsersDeleteHandler))
 
+	http.HandleFunc("/admin/uploads", user.Auth(uploadContentsHandler))
+
 	http.HandleFunc("/admin/contents", user.Auth(contentsHandler))
 	http.HandleFunc("/admin/contents/search", user.Auth(searchHandler))
 
-- 
cgit v1.2.3


From 7ecfc3ac37f3a00522dd486f4b7e7e7c1850de47 Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Sat, 29 Apr 2017 11:24:47 -0700
Subject: update nav url and icon

---
 system/admin/admin.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/admin')

diff --git a/system/admin/admin.go b/system/admin/admin.go
index 9e57678..ab3fda6 100644
--- a/system/admin/admin.go
+++ b/system/admin/admin.go
@@ -66,7 +66,7 @@ var mainAdminHTML = `
                     <div class="row collection-item">
                         <li><a class="col s12" href="/admin/configure"><i class="tiny left material-icons">settings</i>Configuration</a></li>
                         <li><a class="col s12" href="/admin/configure/users"><i class="tiny left material-icons">supervisor_account</i>Admin Users</a></li>
-                        <li><a class="col s12" href="/admin/uploads"><i class="tiny left material-icons">present_to_all</i>Addons</a></li>
+                        <li><a class="col s12" href="/admin/uploads"><i class="tiny left material-icons">swap_vert</i>Uploads</a></li>
                         <li><a class="col s12" href="/admin/addons"><i class="tiny left material-icons">settings_input_svideo</i>Addons</a></li>
                     </div>
                 </ul>
-- 
cgit v1.2.3


From a48ed8dc7f7ddb3ddbc8ea54ad0b0d2feb7c87f0 Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Sat, 29 Apr 2017 14:39:35 -0700
Subject: fmt bytes to readable and update setupload logic to allow edits

---
 system/admin/handlers.go      | 245 ++++++++++++++++++++++++++++++++++++++++++
 system/admin/server.go        |   1 +
 system/admin/upload/upload.go |   2 +-
 3 files changed, 247 insertions(+), 1 deletion(-)

(limited to 'system/admin')

diff --git a/system/admin/handlers.go b/system/admin/handlers.go
index 0433b76..7780151 100644
--- a/system/admin/handlers.go
+++ b/system/admin/handlers.go
@@ -2056,6 +2056,250 @@ func deleteHandler(res http.ResponseWriter, req *http.Request) {
 	http.Redirect(res, req, redir, http.StatusFound)
 }
 
+func editUploadHandler(res http.ResponseWriter, req *http.Request) {
+	switch req.Method {
+	case http.MethodGet:
+		q := req.URL.Query()
+		i := q.Get("id")
+		t := "__uploads"
+
+		post := &item.FileUpload{}
+
+		if i != "" {
+			data, err := db.Upload(t + ":" + i)
+			if err != nil {
+				log.Println(err)
+				res.WriteHeader(http.StatusInternalServerError)
+				errView, err := Error500()
+				if err != nil {
+					return
+				}
+
+				res.Write(errView)
+				return
+			}
+
+			if len(data) < 1 || data == nil {
+				res.WriteHeader(http.StatusNotFound)
+				errView, err := Error404()
+				if err != nil {
+					return
+				}
+
+				res.Write(errView)
+				return
+			}
+
+			err = json.Unmarshal(data, post)
+			if err != nil {
+				log.Println(err)
+				res.WriteHeader(http.StatusInternalServerError)
+				errView, err := Error500()
+				if err != nil {
+					return
+				}
+
+				res.Write(errView)
+				return
+			}
+		} else {
+			it, ok := interface{}(post).(item.Identifiable)
+			if !ok {
+				log.Println("Content type", t, "doesn't implement item.Identifiable")
+				return
+			}
+
+			it.SetItemID(-1)
+		}
+
+		m, err := manager.Manage(interface{}(post).(editor.Editable), t)
+		if err != nil {
+			log.Println(err)
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		adminView, err := Admin(m)
+		if err != nil {
+			log.Println(err)
+			res.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+
+		res.Header().Set("Content-Type", "text/html")
+		res.Write(adminView)
+
+	case http.MethodPost:
+		err := req.ParseMultipartForm(1024 * 1024 * 4) // maxMemory 4MB
+		if err != nil {
+			log.Println(err)
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		cid := req.FormValue("id")
+		t := req.FormValue("type")
+		pt := "__uploads"
+		ts := req.FormValue("timestamp")
+		up := req.FormValue("updated")
+
+		// create a timestamp if one was not set
+		if ts == "" {
+			ts = fmt.Sprintf("%d", int64(time.Nanosecond)*time.Now().UTC().UnixNano()/int64(time.Millisecond))
+			req.PostForm.Set("timestamp", ts)
+		}
+
+		if up == "" {
+			req.PostForm.Set("updated", ts)
+		}
+
+		urlPaths, err := upload.StoreFiles(req)
+		if err != nil {
+			log.Println(err)
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		for name, urlPath := range urlPaths {
+			req.PostForm.Set(name, urlPath)
+		}
+
+		// check for any multi-value fields (ex. checkbox fields)
+		// and correctly format for db storage. Essentially, we need
+		// fieldX.0: value1, fieldX.1: value2 => fieldX: []string{value1, value2}
+		fieldOrderValue := make(map[string]map[string][]string)
+		ordVal := make(map[string][]string)
+		for k, v := range req.PostForm {
+			if strings.Contains(k, ".") {
+				fo := strings.Split(k, ".")
+
+				// put the order and the field value into map
+				field := string(fo[0])
+				order := string(fo[1])
+				fieldOrderValue[field] = ordVal
+
+				// orderValue is 0:[?type=Thing&id=1]
+				orderValue := fieldOrderValue[field]
+				orderValue[order] = v
+				fieldOrderValue[field] = orderValue
+
+				// discard the post form value with name.N
+				req.PostForm.Del(k)
+			}
+
+		}
+
+		// add/set the key & value to the post form in order
+		for f, ov := range fieldOrderValue {
+			for i := 0; i < len(ov); i++ {
+				position := fmt.Sprintf("%d", i)
+				fieldValue := ov[position]
+
+				if req.PostForm.Get(f) == "" {
+					for i, fv := range fieldValue {
+						if i == 0 {
+							req.PostForm.Set(f, fv)
+						} else {
+							req.PostForm.Add(f, fv)
+						}
+					}
+				} else {
+					for _, fv := range fieldValue {
+						req.PostForm.Add(f, fv)
+					}
+				}
+			}
+		}
+
+		post := interface{}(&item.FileUpload{})
+		hook, ok := post.(item.Hookable)
+		if !ok {
+			log.Println("Type", pt, "does not implement item.Hookable or embed item.Item.")
+			res.WriteHeader(http.StatusBadRequest)
+			errView, err := Error400()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		err = hook.BeforeSave(res, req)
+		if err != nil {
+			log.Println("Error running BeforeSave method in editHandler for:", t, err)
+			return
+		}
+
+		id, err := db.SetUpload(t+":"+cid, req.PostForm)
+		if err != nil {
+			log.Println(err)
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		// set the target in the context so user can get saved value from db in hook
+		ctx := context.WithValue(req.Context(), "target", fmt.Sprintf("%s:%d", t, id))
+		req = req.WithContext(ctx)
+
+		err = hook.AfterSave(res, req)
+		if err != nil {
+			log.Println("Error running AfterSave method in editHandler for:", t, err)
+			return
+		}
+
+		scheme := req.URL.Scheme
+		host := req.URL.Host
+		path := req.URL.Path
+		sid := fmt.Sprintf("%d", id)
+		redir := scheme + host + path + "?type=" + pt + "&id=" + sid
+
+		if req.URL.Query().Get("status") == "pending" {
+			redir += "&status=pending"
+		}
+
+		http.Redirect(res, req, redir, http.StatusFound)
+	case http.MethodPut:
+		urlPaths, err := upload.StoreFiles(req)
+		if err != nil {
+			log.Println("Couldn't store file uploads.", err)
+			res.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+
+		res.Header().Set("Content-Type", "application/json")
+		res.Write([]byte(`{"data": [{"url": "` + urlPaths["file"] + `"}]}`))
+	default:
+		res.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+}
+
+/*
 func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 	if req.Method != http.MethodPost {
 		res.WriteHeader(http.StatusMethodNotAllowed)
@@ -2072,6 +2316,7 @@ func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 	res.Header().Set("Content-Type", "application/json")
 	res.Write([]byte(`{"data": [{"url": "` + urlPaths["file"] + `"}]}`))
 }
+*/
 
 func searchHandler(res http.ResponseWriter, req *http.Request) {
 	q := req.URL.Query()
diff --git a/system/admin/server.go b/system/admin/server.go
index 94aca78..3ee44f9 100644
--- a/system/admin/server.go
+++ b/system/admin/server.go
@@ -33,6 +33,7 @@ func Run() {
 	http.HandleFunc("/admin/configure/users/delete", user.Auth(configUsersDeleteHandler))
 
 	http.HandleFunc("/admin/uploads", user.Auth(uploadContentsHandler))
+	// http.HandleFunc("/admin/uploads/search", user.Auth(uploadSearchHandler))
 
 	http.HandleFunc("/admin/contents", user.Auth(contentsHandler))
 	http.HandleFunc("/admin/contents/search", user.Auth(searchHandler))
diff --git a/system/admin/upload/upload.go b/system/admin/upload/upload.go
index 35fb8f9..a0568e4 100644
--- a/system/admin/upload/upload.go
+++ b/system/admin/upload/upload.go
@@ -115,7 +115,7 @@ func storeFileInfo(size int64, filename, urlPath string, fds []*multipart.FileHe
 		"content_length": []string{fmt.Sprintf("%d", size)},
 	}
 
-	err := db.SetUpload(data)
+	_, err := db.SetUpload("__uploads:-1", data)
 	if err != nil {
 		log.Println("Error saving file upload record to database:", err)
 	}
-- 
cgit v1.2.3


From 3c8c848606b996e2c7a06331401e622f888b84c5 Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Sat, 29 Apr 2017 22:43:44 -0500
Subject: adding search, edit/new, and list view for uploads

---
 system/admin/handlers.go | 185 ++++++++++++++++++++++++++++++++++-------------
 system/admin/server.go   |   2 +-
 2 files changed, 136 insertions(+), 51 deletions(-)

(limited to 'system/admin')

diff --git a/system/admin/handlers.go b/system/admin/handlers.go
index 7780151..ac18020 100644
--- a/system/admin/handlers.go
+++ b/system/admin/handlers.go
@@ -912,7 +912,7 @@ func uploadContentsHandler(res http.ResponseWriter, req *http.Request) {
 										var path = window.location.pathname;
 										var s = sort.val();
 
-										window.location.replace(path + '&order=' + s);
+										window.location.replace(path + '?order=' + s);
 									});
 
 									var order = getParam('order');
@@ -924,7 +924,7 @@ func uploadContentsHandler(res http.ResponseWriter, req *http.Request) {
 							</script>
 						</div>
 					</div>
-					<form class="col s4" action="/admin/contents/search" method="get">
+					<form class="col s4" action="/admin/uploads/search" method="get">
 						<div class="input-field post-search inline">
 							<label class="active">Search:</label>
 							<i class="right material-icons search-icon">search</i>
@@ -1073,7 +1073,7 @@ func uploadContentsHandler(res http.ResponseWriter, req *http.Request) {
 	</script>
 	`
 
-	btn := `<div class="col s3"><a href="/admin/upload" class="btn new-post waves-effect waves-light">New Upload</a></div></div>`
+	btn := `<div class="col s3"><a href="/admin/edit/upload" class="btn new-post waves-effect waves-light">New Upload</a></div></div>`
 	html = html + b.String() + script + btn
 
 	adminView, err := Admin([]byte(html))
@@ -1539,9 +1539,14 @@ func adminPostListItem(e editor.Editable, typeName, status string) []byte {
 		status = "__" + status
 	}
 
+	link := `<a href="/admin/edit?type=` + typeName + `&status=` + strings.TrimPrefix(status, "__") + `&id=` + cid + `">` + i.String() + `</a>`
+	if strings.HasPrefix(typeName, "__") {
+		link = `<a href="/admin/edit/upload?id=` + cid + `">` + i.String() + `</a>`
+	}
+
 	post := `
 			<li class="col s12">
-				<a href="/admin/edit?type=` + typeName + `&status=` + strings.TrimPrefix(status, "__") + `&id=` + cid + `">` + i.String() + `</a>
+				` + link + `
 				<span class="post-detail">Updated: ` + updatedTime + `</span>
 				<span class="publish-date right">` + publishTime + `</span>
 
@@ -2149,7 +2154,6 @@ func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 			return
 		}
 
-		cid := req.FormValue("id")
 		t := req.FormValue("type")
 		pt := "__uploads"
 		ts := req.FormValue("timestamp")
@@ -2165,6 +2169,27 @@ func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 			req.PostForm.Set("updated", ts)
 		}
 
+		post := interface{}(&item.FileUpload{})
+		hook, ok := post.(item.Hookable)
+		if !ok {
+			log.Println("Type", pt, "does not implement item.Hookable or embed item.Item.")
+			res.WriteHeader(http.StatusBadRequest)
+			errView, err := Error400()
+			if err != nil {
+				return
+			}
+
+			res.Write(errView)
+			return
+		}
+
+		err = hook.BeforeSave(res, req)
+		if err != nil {
+			log.Println("Error running BeforeSave method in editHandler for:", t, err)
+			return
+		}
+
+		// StoreFiles has the SetUpload call (which is equivalent of SetContent in other handlers)
 		urlPaths, err := upload.StoreFiles(req)
 		if err != nil {
 			log.Println(err)
@@ -2229,43 +2254,6 @@ func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 			}
 		}
 
-		post := interface{}(&item.FileUpload{})
-		hook, ok := post.(item.Hookable)
-		if !ok {
-			log.Println("Type", pt, "does not implement item.Hookable or embed item.Item.")
-			res.WriteHeader(http.StatusBadRequest)
-			errView, err := Error400()
-			if err != nil {
-				return
-			}
-
-			res.Write(errView)
-			return
-		}
-
-		err = hook.BeforeSave(res, req)
-		if err != nil {
-			log.Println("Error running BeforeSave method in editHandler for:", t, err)
-			return
-		}
-
-		id, err := db.SetUpload(t+":"+cid, req.PostForm)
-		if err != nil {
-			log.Println(err)
-			res.WriteHeader(http.StatusInternalServerError)
-			errView, err := Error500()
-			if err != nil {
-				return
-			}
-
-			res.Write(errView)
-			return
-		}
-
-		// set the target in the context so user can get saved value from db in hook
-		ctx := context.WithValue(req.Context(), "target", fmt.Sprintf("%s:%d", t, id))
-		req = req.WithContext(ctx)
-
 		err = hook.AfterSave(res, req)
 		if err != nil {
 			log.Println("Error running AfterSave method in editHandler for:", t, err)
@@ -2274,15 +2262,9 @@ func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 
 		scheme := req.URL.Scheme
 		host := req.URL.Host
-		path := req.URL.Path
-		sid := fmt.Sprintf("%d", id)
-		redir := scheme + host + path + "?type=" + pt + "&id=" + sid
-
-		if req.URL.Query().Get("status") == "pending" {
-			redir += "&status=pending"
-		}
-
+		redir := scheme + host + "/admin/uploads"
 		http.Redirect(res, req, redir, http.StatusFound)
+
 	case http.MethodPut:
 		urlPaths, err := upload.StoreFiles(req)
 		if err != nil {
@@ -2427,6 +2409,109 @@ func searchHandler(res http.ResponseWriter, req *http.Request) {
 	res.Write(adminView)
 }
 
+func uploadSearchHandler(res http.ResponseWriter, req *http.Request) {
+	q := req.URL.Query()
+	t := "__uploads"
+	search := q.Get("q")
+	status := q.Get("status")
+
+	if t == "" || search == "" {
+		http.Redirect(res, req, req.URL.Scheme+req.URL.Host+"/admin", http.StatusFound)
+		return
+	}
+
+	posts := db.UploadAll()
+	b := &bytes.Buffer{}
+	p := interface{}(&item.FileUpload{}).(editor.Editable)
+
+	html := `<div class="col s9 card">		
+					<div class="card-content">
+					<div class="row">
+					<div class="card-title col s7">Uploads Results</div>	
+					<form class="col s4" action="/admin/uploads/search" method="get">
+						<div class="input-field post-search inline">
+							<label class="active">Search:</label>
+							<i class="right material-icons search-icon">search</i>
+							<input class="search" name="q" type="text" placeholder="Within all Upload fields" class="search"/>
+							<input type="hidden" name="type" value="` + t + `" />
+						</div>
+                    </form>	
+					</div>
+					<ul class="posts row">`
+
+	for i := range posts {
+		// skip posts that don't have any matching search criteria
+		match := strings.ToLower(search)
+		all := strings.ToLower(string(posts[i]))
+		if !strings.Contains(all, match) {
+			continue
+		}
+
+		err := json.Unmarshal(posts[i], &p)
+		if err != nil {
+			log.Println("Error unmarshal search result json into", t, err, posts[i])
+
+			post := `<li class="col s12">Error decoding data. Possible file corruption.</li>`
+			_, err = b.Write([]byte(post))
+			if err != nil {
+				log.Println(err)
+
+				res.WriteHeader(http.StatusInternalServerError)
+				errView, err := Error500()
+				if err != nil {
+					log.Println(err)
+				}
+
+				res.Write(errView)
+				return
+			}
+			continue
+		}
+
+		post := adminPostListItem(p, t, status)
+		_, err = b.Write([]byte(post))
+		if err != nil {
+			log.Println(err)
+
+			res.WriteHeader(http.StatusInternalServerError)
+			errView, err := Error500()
+			if err != nil {
+				log.Println(err)
+			}
+
+			res.Write(errView)
+			return
+		}
+	}
+
+	_, err := b.WriteString(`</ul></div></div>`)
+	if err != nil {
+		log.Println(err)
+
+		res.WriteHeader(http.StatusInternalServerError)
+		errView, err := Error500()
+		if err != nil {
+			log.Println(err)
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	btn := `<div class="col s3"><a href="/admin/edit/upload" class="btn new-post waves-effect waves-light">New Upload</a></div></div>`
+	html = html + b.String() + btn
+
+	adminView, err := Admin([]byte(html))
+	if err != nil {
+		log.Println(err)
+		res.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	res.Header().Set("Content-Type", "text/html")
+	res.Write(adminView)
+}
+
 func addonsHandler(res http.ResponseWriter, req *http.Request) {
 	switch req.Method {
 	case http.MethodGet:
diff --git a/system/admin/server.go b/system/admin/server.go
index 3ee44f9..b029be4 100644
--- a/system/admin/server.go
+++ b/system/admin/server.go
@@ -33,7 +33,7 @@ func Run() {
 	http.HandleFunc("/admin/configure/users/delete", user.Auth(configUsersDeleteHandler))
 
 	http.HandleFunc("/admin/uploads", user.Auth(uploadContentsHandler))
-	// http.HandleFunc("/admin/uploads/search", user.Auth(uploadSearchHandler))
+	http.HandleFunc("/admin/uploads/search", user.Auth(uploadSearchHandler))
 
 	http.HandleFunc("/admin/contents", user.Auth(contentsHandler))
 	http.HandleFunc("/admin/contents/search", user.Auth(searchHandler))
-- 
cgit v1.2.3


From 8a1d091a0c6d55dbd6c713b2240bee8550541e7b Mon Sep 17 00:00:00 2001
From: Steve Manuel <nilslice@gmail.com>
Date: Sat, 29 Apr 2017 23:01:51 -0500
Subject: add delete procedure and implementation for uploads

---
 system/admin/handlers.go | 64 ++++++++++++++++++++++++++++++++++++++++++++++++
 system/admin/server.go   |  1 +
 2 files changed, 65 insertions(+)

(limited to 'system/admin')

diff --git a/system/admin/handlers.go b/system/admin/handlers.go
index ac18020..bb36e39 100644
--- a/system/admin/handlers.go
+++ b/system/admin/handlers.go
@@ -2061,6 +2061,70 @@ func deleteHandler(res http.ResponseWriter, req *http.Request) {
 	http.Redirect(res, req, redir, http.StatusFound)
 }
 
+func deleteUploadHandler(res http.ResponseWriter, req *http.Request) {
+	if req.Method != http.MethodPost {
+		res.WriteHeader(http.StatusMethodNotAllowed)
+		return
+	}
+
+	err := req.ParseMultipartForm(1024 * 1024 * 4) // maxMemory 4MB
+	if err != nil {
+		log.Println(err)
+		res.WriteHeader(http.StatusInternalServerError)
+		errView, err := Error500()
+		if err != nil {
+			return
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	id := req.FormValue("id")
+	t := "__uploads"
+
+	if id == "" || t == "" {
+		res.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	post := interface{}(&item.FileUpload{})
+	hook, ok := post.(item.Hookable)
+	if !ok {
+		log.Println("Type", t, "does not implement item.Hookable or embed item.Item.")
+		res.WriteHeader(http.StatusBadRequest)
+		errView, err := Error400()
+		if err != nil {
+			return
+		}
+
+		res.Write(errView)
+		return
+	}
+
+	err = hook.BeforeDelete(res, req)
+	if err != nil {
+		log.Println("Error running BeforeDelete method in deleteHandler for:", t, err)
+		return
+	}
+
+	err = db.DeleteUpload(t + ":" + id)
+	if err != nil {
+		log.Println(err)
+		res.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	err = hook.AfterDelete(res, req)
+	if err != nil {
+		log.Println("Error running AfterDelete method in deleteHandler for:", t, err)
+		return
+	}
+
+	redir := "/admin/uploads"
+	http.Redirect(res, req, redir, http.StatusFound)
+}
+
 func editUploadHandler(res http.ResponseWriter, req *http.Request) {
 	switch req.Method {
 	case http.MethodGet:
diff --git a/system/admin/server.go b/system/admin/server.go
index b029be4..2180441 100644
--- a/system/admin/server.go
+++ b/system/admin/server.go
@@ -42,6 +42,7 @@ func Run() {
 	http.HandleFunc("/admin/edit/delete", user.Auth(deleteHandler))
 	http.HandleFunc("/admin/edit/approve", user.Auth(approveContentHandler))
 	http.HandleFunc("/admin/edit/upload", user.Auth(editUploadHandler))
+	http.HandleFunc("/admin/edit/upload/delete", user.Auth(deleteUploadHandler))
 
 	pwd, err := os.Getwd()
 	if err != nil {
-- 
cgit v1.2.3