|
|
|
@ -20,6 +20,7 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
if !ok {
|
|
|
|
if !ok {
|
|
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
|
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
memoCreate := &api.MemoCreate{
|
|
|
|
memoCreate := &api.MemoCreate{
|
|
|
|
CreatorID: userID,
|
|
|
|
CreatorID: userID,
|
|
|
|
// Private is the default memo visibility.
|
|
|
|
// Private is the default memo visibility.
|
|
|
|
@ -28,7 +29,6 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
if err := json.NewDecoder(c.Request().Body).Decode(memoCreate); err != nil {
|
|
|
|
if err := json.NewDecoder(c.Request().Body).Decode(memoCreate); err != nil {
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo request").SetInternal(err)
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo request").SetInternal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if memoCreate.Content == "" {
|
|
|
|
if memoCreate.Content == "" {
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, "Memo content shouldn't be empty")
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, "Memo content shouldn't be empty")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -64,11 +64,24 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
|
|
|
|
|
|
|
|
g.PATCH("/memo/:memoId", func(c echo.Context) error {
|
|
|
|
g.PATCH("/memo/:memoId", func(c echo.Context) error {
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
|
|
|
|
userID, ok := c.Get(getUserIDContextKey()).(int)
|
|
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
memoID, err := strconv.Atoi(c.Param("memoId"))
|
|
|
|
memoID, err := strconv.Atoi(c.Param("memoId"))
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
memoFind := &api.MemoFind{
|
|
|
|
|
|
|
|
ID: &memoID,
|
|
|
|
|
|
|
|
CreatorID: &userID,
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := s.Store.FindMemo(ctx, memoFind); err != nil {
|
|
|
|
|
|
|
|
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo").SetInternal(err)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
memoPatch := &api.MemoPatch{
|
|
|
|
memoPatch := &api.MemoPatch{
|
|
|
|
ID: memoID,
|
|
|
|
ID: memoID,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -91,7 +104,6 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
g.GET("/memo", func(c echo.Context) error {
|
|
|
|
g.GET("/memo", func(c echo.Context) error {
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
memoFind := &api.MemoFind{}
|
|
|
|
memoFind := &api.MemoFind{}
|
|
|
|
|
|
|
|
|
|
|
|
if userID, err := strconv.Atoi(c.QueryParam("creatorId")); err == nil {
|
|
|
|
if userID, err := strconv.Atoi(c.QueryParam("creatorId")); err == nil {
|
|
|
|
memoFind.CreatorID = &userID
|
|
|
|
memoFind.CreatorID = &userID
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -222,10 +234,12 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("Failed to find memo by ID: %v", memoID)).SetInternal(err)
|
|
|
|
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("Failed to find memo by ID: %v", memoID)).SetInternal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
userID, ok := c.Get(getUserIDContextKey()).(int)
|
|
|
|
if memo.Visibility == api.Privite {
|
|
|
|
if memo.Visibility == api.Privite {
|
|
|
|
return echo.NewHTTPError(http.StatusForbidden, "this memo is private only")
|
|
|
|
if !ok || memo.CreatorID != userID {
|
|
|
|
|
|
|
|
return echo.NewHTTPError(http.StatusForbidden, "this memo is private only")
|
|
|
|
|
|
|
|
}
|
|
|
|
} else if memo.Visibility == api.Protected {
|
|
|
|
} else if memo.Visibility == api.Protected {
|
|
|
|
_, ok := c.Get(getUserIDContextKey()).(int)
|
|
|
|
|
|
|
|
if !ok {
|
|
|
|
if !ok {
|
|
|
|
return echo.NewHTTPError(http.StatusForbidden, "this memo is protected, missing user in session")
|
|
|
|
return echo.NewHTTPError(http.StatusForbidden, "this memo is protected, missing user in session")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -282,11 +296,24 @@ func (s *Server) registerMemoRoutes(g *echo.Group) {
|
|
|
|
|
|
|
|
|
|
|
|
g.DELETE("/memo/:memoId", func(c echo.Context) error {
|
|
|
|
g.DELETE("/memo/:memoId", func(c echo.Context) error {
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
ctx := c.Request().Context()
|
|
|
|
|
|
|
|
userID, ok := c.Get(getUserIDContextKey()).(int)
|
|
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
|
|
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
memoID, err := strconv.Atoi(c.Param("memoId"))
|
|
|
|
memoID, err := strconv.Atoi(c.Param("memoId"))
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
|
|
|
|
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
memoFind := &api.MemoFind{
|
|
|
|
|
|
|
|
ID: &memoID,
|
|
|
|
|
|
|
|
CreatorID: &userID,
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := s.Store.FindMemo(ctx, memoFind); err != nil {
|
|
|
|
|
|
|
|
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo").SetInternal(err)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
memoDelete := &api.MemoDelete{
|
|
|
|
memoDelete := &api.MemoDelete{
|
|
|
|
ID: memoID,
|
|
|
|
ID: memoID,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Steven
3 years ago