From 96cefc49318c9d358f0f9586c56727234a49b991 Mon Sep 17 00:00:00 2001 From: Jordan Date: Sun, 1 Jun 2014 23:38:21 -0500 Subject: [PATCH] Cleaned up possible (very unlikely?) permission issue Better logging in controllers module DRY changes to API Added Data attribute to models.Response struct Added GetTemplateByName (will be used in filling out campaign) Changed modal to be 800px on large screens for better previews --- controllers/api.go | 55 +++++++++++------------------- controllers/route.go | 17 +++++---- middleware/middleware.go | 3 +- models/campaign.go | 2 +- models/models.go | 5 +-- models/template.go | 18 +++++++++- static/bootstrap/css/bootstrap.css | 2 +- 7 files changed, 53 insertions(+), 49 deletions(-) diff --git a/controllers/api.go b/controllers/api.go index 8e8e7245..71b59473 100644 --- a/controllers/api.go +++ b/controllers/api.go @@ -45,7 +45,7 @@ func API_Reset(w http.ResponseWriter, r *http.Request) { if err != nil { http.Error(w, "Error setting API Key", http.StatusInternalServerError) } else { - writeJSON(w, []byte(u.ApiKey)) + writeJSON(w, models.Response{Success: true, Message: "API Key Successfully Reset", Data: u.ApiKey}) } } } @@ -91,24 +91,19 @@ func API_Campaigns(w http.ResponseWriter, r *http.Request) { func API_Campaigns_Id(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) id, _ := strconv.ParseInt(vars["id"], 0, 64) + c, err := models.GetCampaign(id, ctx.Get(r, "user_id").(int64)) + if checkError(err, w, "Campaign not found", http.StatusNotFound) { + return + } switch { case r.Method == "GET": - c := models.Campaign{} - c, err := models.GetCampaign(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No campaign found", http.StatusNotFound) { - return - } writeJSON(w, c) case r.Method == "DELETE": - _, err := models.GetCampaign(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No campaign found", http.StatusNotFound) { - return - } err = models.DeleteCampaign(id) if checkError(err, w, "Error deleting campaign", http.StatusInternalServerError) { return } - writeJSON(w, []byte("{\"success\" : \"true\"}")) + writeJSON(w, models.Response{Success: true, Message: "Campaign Deleted Successfully!"}) } } @@ -171,29 +166,21 @@ func API_Groups(w http.ResponseWriter, r *http.Request) { func API_Groups_Id(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) id, _ := strconv.ParseInt(vars["id"], 0, 64) + g, err := models.GetGroup(id, ctx.Get(r, "user_id").(int64)) + if checkError(err, w, "Group not found", http.StatusNotFound) { + return + } switch { case r.Method == "GET": - g, err := models.GetGroup(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No group found", http.StatusNotFound) { - return - } writeJSON(w, g) case r.Method == "DELETE": - g, err := models.GetGroup(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No group found", http.StatusNotFound) { - return - } err = models.DeleteGroup(&g) if checkError(err, w, "Error deleting group", http.StatusInternalServerError) { return } - writeJSON(w, []byte("{\"success\" : \"true\"}")) + writeJSON(w, models.Response{Success: true, Message: "Group Deleted Successfully"}) case r.Method == "PUT": - _, err := models.GetGroup(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No group found", http.StatusNotFound) { - return - } - g := models.Group{} + g = models.Group{} err = json.NewDecoder(r.Body).Decode(&g) if g.Id != id { http.Error(w, "Error: /:id and group_id mismatch", http.StatusBadRequest) @@ -243,25 +230,21 @@ func API_Templates(w http.ResponseWriter, r *http.Request) { func API_Templates_Id(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) id, _ := strconv.ParseInt(vars["id"], 0, 64) + t, err := models.GetTemplate(id, ctx.Get(r, "user_id").(int64)) + if checkError(err, w, "Template not found", http.StatusNotFound) { + return + } switch { case r.Method == "GET": - t, err := models.GetTemplate(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No template found", http.StatusNotFound) { - return - } writeJSON(w, t) case r.Method == "DELETE": - err := models.DeleteTemplate(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "Error deleting group", http.StatusInternalServerError) { + err = models.DeleteTemplate(id, ctx.Get(r, "user_id").(int64)) + if checkError(err, w, "Error deleting template", http.StatusInternalServerError) { return } writeJSON(w, models.Response{Success: true, Message: "Template Deleted Successfully"}) case r.Method == "PUT": - _, err := models.GetTemplate(id, ctx.Get(r, "user_id").(int64)) - if checkError(err, w, "No group found", http.StatusNotFound) { - return - } - t := models.Template{} + t = models.Template{} err = json.NewDecoder(r.Body).Decode(&t) if t.Id != id { http.Error(w, "Error: /:id and template_id mismatch", http.StatusBadRequest) diff --git a/controllers/route.go b/controllers/route.go index 0993be3a..62eacf52 100644 --- a/controllers/route.go +++ b/controllers/route.go @@ -1,9 +1,10 @@ package controllers import ( - "fmt" "html/template" + "log" "net/http" + "os" ctx "github.com/gorilla/context" "github.com/gorilla/mux" @@ -15,6 +16,7 @@ import ( ) var templateDelims = []string{"{{%", "%}}"} +var Logger = log.New(os.Stdout, " ", log.Ldate|log.Ltime|log.Lshortfile) func CreateRouter() *nosurf.CSRFHandler { router := mux.NewRouter() @@ -92,7 +94,7 @@ func Register(w http.ResponseWriter, r *http.Request) { m = "Username already taken" } else { m = "Unknown error - please try again" - fmt.Println(err) + Logger.Println(err) } session.AddFlash(models.Flash{ Type: "danger", @@ -157,14 +159,14 @@ func Login(w http.ResponseWriter, r *http.Request) { templates.Delims(templateDelims[0], templateDelims[1]) _, err := templates.ParseFiles("templates/login.html", "templates/flashes.html") if err != nil { - fmt.Println(err) + Logger.Println(err) } template.Must(templates, err).ExecuteTemplate(w, "base", params) case r.Method == "POST": //Attempt to login succ, err := auth.Login(r) if err != nil { - fmt.Println(err) + Logger.Println(err) } //If we've logged in, save the session and redirect to the dashboard if succ { @@ -182,15 +184,16 @@ func getTemplate(w http.ResponseWriter, tmpl string) *template.Template { templates.Delims(templateDelims[0], templateDelims[1]) _, err := templates.ParseFiles("templates/base.html", "templates/"+tmpl+".html", "templates/flashes.html") if err != nil { - fmt.Println(err) + Logger.Println(err) } return template.Must(templates, err) } func checkError(e error, w http.ResponseWriter, m string, c int) bool { if e != nil { - fmt.Println(e) - http.Error(w, "Error: "+m, c) + Logger.Println(e) + w.WriteHeader(c) + writeJSON(w, models.Response{Success: false, Message: m}) return true } return false diff --git a/middleware/middleware.go b/middleware/middleware.go index d07e7672..457571fa 100644 --- a/middleware/middleware.go +++ b/middleware/middleware.go @@ -29,8 +29,9 @@ func GetContext(handler http.Handler) http.HandlerFunc { u, err := models.GetUser(id.(int64)) if err != nil { ctx.Set(r, "user", nil) + } else { + ctx.Set(r, "user", u) } - ctx.Set(r, "user", u) } else { ctx.Set(r, "user", nil) } diff --git a/models/campaign.go b/models/campaign.go index 3c04ec51..a4181126 100644 --- a/models/campaign.go +++ b/models/campaign.go @@ -90,7 +90,7 @@ func PostCampaign(c *Campaign, uid int64) error { func UpdateCampaignStatus(c *Campaign, s string) error { // This could be made simpler, but I think there's a bug in gorm - return db.Debug().Table("campaigns").Where("id=?", c.Id).Update("status", s).Error + return db.Table("campaigns").Where("id=?", c.Id).Update("status", s).Error } //DeleteCampaign deletes the specified campaign diff --git a/models/models.go b/models/models.go index 9d23b2ba..00a3898b 100644 --- a/models/models.go +++ b/models/models.go @@ -31,8 +31,9 @@ type Flash struct { } type Response struct { - Message string `json:"message"` - Success bool `json:"success"` + Message string `json:"message"` + Success bool `json:"success"` + Data interface{} `json:"data"` } // Setup initializes the Conn object diff --git a/models/template.go b/models/template.go index 48ebf928..474d7acf 100644 --- a/models/template.go +++ b/models/template.go @@ -38,6 +38,17 @@ func GetTemplate(id int64, uid int64) (Template, error) { return t, err } +// GetTemplateByName returns the template, if it exists, specified by the given name and user_id. +func GetTemplateByName(n string, uid int64) (Template, error) { + t := Template{} + err := db.Where("user_id=? and name=?", uid, n).Find(&t).Error + if err != nil { + Logger.Println(err) + return t, err + } + return t, nil +} + // PostTemplate creates a new template in the database. func PostTemplate(t *Template) error { // Insert into the DB @@ -49,12 +60,17 @@ func PostTemplate(t *Template) error { return nil } +// PutTemplate edits an existing template in the database. +// Per the PUT Method RFC, it presumes all data for a template is provided. func PutTemplate(t *Template, uid int64) error { return nil + //err := } +// DeleteTemplate deletes an existing template in the database. +// An error is returned if a template with the given user id and template id is not found. func DeleteTemplate(id int64, uid int64) error { - err := db.Debug().Where("user_id=?", uid).Delete(Template{Id: id}).Error + err := db.Where("user_id=?", uid).Delete(Template{Id: id}).Error if err != nil { Logger.Println(err) return err diff --git a/static/bootstrap/css/bootstrap.css b/static/bootstrap/css/bootstrap.css index a71f5271..bdd409a3 100644 --- a/static/bootstrap/css/bootstrap.css +++ b/static/bootstrap/css/bootstrap.css @@ -5186,7 +5186,7 @@ button.close { } @media (min-width: 768px) { .modal-dialog { - width: 600px; + width: 800px; margin: 30px auto; } .modal-content {