Added Tags to RSS feed as categories

cmd/data/articles.go

@@ -0,0 +1,198 @@
+package data
+
+import (
+	"encoding/gob"
+	"fmt"
+	"os"
+	"sync"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+type Article struct {
+	Title    string
+	Author   string
+	Created  time.Time
+	Desc     string
+	Content  string
+	Tags     []string
+	UUID     uuid.UUID
+	AuthorID int64
+}
+
+// TODO: setCh
+type ArticleList struct {
+	addCh    chan *Article
+	delCh    chan uuid.UUID
+	getCh    chan []Article
+	retCh    chan *Article
+	articles []*Article
+	wg       sync.WaitGroup
+}
+
+// TODO: setCh
+type TagList struct {
+	addCh chan string
+	getCh chan []string
+	tags  []string
+	wg    sync.WaitGroup
+}
+
+func initArticleList() *ArticleList {
+	return &ArticleList{
+		addCh: make(chan *Article),
+		delCh: make(chan uuid.UUID),
+		getCh: make(chan []Article),
+		retCh: make(chan *Article),
+	}
+}
+
+func initTagList() *TagList {
+	return &TagList{
+		addCh: make(chan string),
+		getCh: make(chan []string),
+	}
+}
+
+func (al *ArticleList) start() {
+	al.wg.Done()
+	for {
+		select {
+		case article := <-al.addCh:
+			al.articles = append(al.articles, article)
+		case uuid := <-al.delCh:
+			for i, article := range al.articles {
+				if article.UUID == uuid {
+					al.articles = append(al.articles[:i], al.articles[i+1:]...)
+					al.retCh <- article
+				}
+			}
+		case al.getCh <- func() []Article {
+			var list []Article
+			for _, article := range al.articles {
+				list = append(list, *article)
+			}
+			return list
+		}():
+		}
+	}
+}
+
+func (tl *TagList) start() {
+	tl.wg.Done()
+	for {
+		select {
+		case tag := <-tl.addCh:
+			tl.tags = append(tl.tags, tag)
+		case tl.getCh <- tl.tags:
+		}
+	}
+}
+
+func NewArticleList() *ArticleList {
+	list := initArticleList()
+	list.articles = make([]*Article, 0)
+
+	list.wg.Add(1)
+	go list.start()
+	list.wg.Wait()
+
+	return list
+}
+
+func (al *ArticleList) Add(a *Article) {
+	al.addCh <- a
+}
+
+func (al *ArticleList) Release(uuid uuid.UUID) (*Article, bool) {
+	al.delCh <- uuid
+	article := <-al.retCh
+
+	if article == nil {
+		return nil, false
+	}
+	return article, true
+}
+
+func (al *ArticleList) Get() []Article {
+	return <-al.getCh
+}
+
+func (al *ArticleList) Save(filename string) error {
+	file, err := os.Create(filename)
+	if err != nil {
+		return fmt.Errorf("error creating key file: %v", err)
+	}
+	defer file.Close()
+
+	articles := al.Get()
+	if err = gob.NewEncoder(file).Encode(articles); err != nil {
+		return fmt.Errorf("error ecoding key: %v", err)
+	}
+
+	return nil
+}
+
+func LoadArticleList(filename string) (*ArticleList, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		return nil, fmt.Errorf("error opening key file: %v", err)
+	}
+
+	articleList := NewArticleList()
+	if err = gob.NewDecoder(file).Decode(&articleList.articles); err != nil {
+		return nil, fmt.Errorf("error decoding key: %v", err)
+	}
+
+	return articleList, nil
+}
+
+func NewTagList() *TagList {
+	list := initTagList()
+	list.tags = make([]string, 0)
+
+	list.wg.Add(1)
+	go list.start()
+	list.wg.Wait()
+
+	return list
+}
+
+func (tl *TagList) Add(tag string) {
+	tl.addCh <- tag
+}
+
+func (tl *TagList) Get() []string {
+	return <-tl.getCh
+}
+
+func (tl *TagList) Save(filename string) error {
+	file, err := os.Create(filename)
+	if err != nil {
+		return fmt.Errorf("error creating key file: %v", err)
+	}
+	defer file.Close()
+
+	tags := tl.Get()
+	if err = gob.NewEncoder(file).Encode(tags); err != nil {
+		return fmt.Errorf("error ecoding key: %v", err)
+	}
+
+	return nil
+}
+
+func LoadTagList(filename string) (*TagList, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		return nil, fmt.Errorf("error opening key file: %v", err)
+	}
+	defer file.Close()
+
+	tagList := NewTagList()
+	if err = gob.NewDecoder(file).Decode(&tagList.tags); err != nil {
+		return nil, fmt.Errorf("error decoding key: %v", err)
+	}
+
+	return tagList, nil
+}

cmd/data/db.go

@@ -34,7 +34,7 @@ func OpenDB(dbName string) (*DB, error) {
 	return &db, nil
 }
 
-func (db *DB) AddUser(user, pass, first, last string, writer, editor, admin bool) error {
+func (db *DB) AddUser(user *User, pass string) error {
 	hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
 	if err != nil {
 		return fmt.Errorf("error creating password hash: %v", err)
@@ -42,28 +42,25 @@ func (db *DB) AddUser(user, pass, first, last string, writer, editor, admin bool
 
 	query := `
     INSERT INTO users
-        (username, password, first_name, last_name, writer, editor, admin)
+        (username, password, first_name, last_name, role)
-    VALUES
+    VALUES (?, ?, ?, ?, ?)
-        (?, ?, ?, ?, ?, ?, ?)
     `
-	_, err = db.Exec(query, user, string(hashedPass), first, last, writer, editor, admin)
+	if _, err = db.Exec(query, user.UserName, string(hashedPass), user.FirstName, user.LastName, user.Role); err != nil {
-	if err != nil {
 		return fmt.Errorf("error inserting user into DB: %v", err)
 	}
 
 	return nil
 }
 
-func (db *DB) GetID(user string) (int64, error) {
+func (db *DB) GetID(userName string) (int64, error) {
 	var id int64
 
 	query := `
-    SELECT id FROM
+    SELECT id
-        users
+    FROM users
-    WHERE
+    WHERE username = ?
-        username = ?
     `
-	row := db.QueryRow(query, user)
+	row := db.QueryRow(query, userName)
 	if err := row.Scan(&id); err != nil {
 		return 0, fmt.Errorf("user not in DB: %v", err)
 	}
@@ -75,10 +72,9 @@ func (db *DB) CheckPassword(id int64, pass string) error {
 	var queriedPass string
 
 	query := `
-    SELECT password FROM
+    SELECT password
-        users
+    FROM users
-    WHERE
+    WHERE id = ?
-        id = ?
     `
 	row := db.QueryRow(query, id)
 	if err := row.Scan(&queriedPass); err != nil {
@@ -102,16 +98,43 @@ func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
 		return fmt.Errorf("error creating password hash: %v", err)
 	}
 
-	updateQuery := `
+	query := `
-    UPDATE users SET
+    UPDATE users
-        password = ?
+    SET password = ?
-    WHERE
+    WHERE id = ?
-        id = ?
     `
-	_, err = db.Exec(updateQuery, string(newHashedPass), id)
+	if _, err = db.Exec(query, string(newHashedPass), id); err != nil {
-	if err != nil {
 		return fmt.Errorf("error updating password in DB: %v", err)
 	}
 
 	return nil
 }
+
+func (db *DB) CountEntries() (int64, error) {
+	var count int64
+
+	query := `SELECT COUNT(*) FROM users`
+	row := db.QueryRow(query)
+	if err := row.Scan(&count); err != nil {
+		return 0, fmt.Errorf("error counting rows in user DB: %v", err)
+	}
+
+	return count, nil
+}
+
+// TODO: No need for ID field in general
+func (db *DB) GetUser(id int64) (*User, error) {
+	user := new(User)
+	query := `
+    SELECT id, username, first_name, last_name, role
+    FROM users
+    WHERE id = ?
+    `
+
+	row := db.QueryRow(query, id)
+	if err := row.Scan(&user.ID, &user.UserName, &user.FirstName, &user.LastName, &user.Role); err != nil {
+		return nil, fmt.Errorf("error reading user information: %v", err)
+	}
+
+	return user, nil
+}

cmd/data/markdown.go

@@ -20,3 +20,16 @@ func ConvertToHTML(md string) (string, error) {
 
 	return html, nil
 }
+
+func ConvertToPlain(md string) (string, error) {
+	var buf bytes.Buffer
+
+	if err := goldmark.Convert([]byte(md), &buf); err != nil {
+		return "", fmt.Errorf("error converting markdown to html: %v", err)
+	}
+
+	p := bluemonday.StrictPolicy()
+	plain := p.Sanitize(buf.String())
+
+	return plain, nil
+}

cmd/data/rss.go

@@ -0,0 +1,104 @@
+package data
+
+import (
+	"encoding/gob"
+	"fmt"
+	"os"
+	"sync"
+
+	"git.streifling.com/jason/rss"
+)
+
+type Channel struct {
+	addCh   chan *rss.Item
+	setCh   chan rss.Channel
+	getCh   chan rss.Channel
+	channel rss.Channel
+	wg      sync.WaitGroup
+}
+
+func initChannel() *Channel {
+	return &Channel{
+		addCh: make(chan *rss.Item),
+		setCh: make(chan rss.Channel),
+		getCh: make(chan rss.Channel),
+		channel: rss.Channel{
+			Items: make([]*rss.Item, 0),
+		},
+	}
+}
+
+func (c *Channel) start() {
+	c.wg.Done()
+	for {
+		select {
+		case item := <-c.addCh:
+			c.channel.Items = append(c.channel.Items, item)
+		case c.getCh <- c.channel:
+		case c.channel = <-c.setCh:
+		}
+	}
+}
+
+func NewChannel(title, link, desc string) *Channel {
+	channel := initChannel()
+	channel.channel = rss.Channel{
+		Title:       title,
+		Link:        link,
+		Description: desc,
+	}
+
+	channel.wg.Add(1)
+	go channel.start()
+	channel.wg.Wait()
+
+	return channel
+}
+
+func (c *Channel) Get() rss.Channel {
+	return <-c.getCh
+}
+
+func (f *Channel) Set(channel rss.Channel) {
+	f.setCh <- channel
+}
+
+func LoadChannel(filename string) (*Channel, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		return nil, fmt.Errorf("error opening file %v: %v", filename, err)
+	}
+	defer file.Close()
+
+	channel := initChannel()
+	channel.wg.Add(1)
+	go channel.start()
+	channel.wg.Wait()
+
+	tmpChannel := new(rss.Channel)
+	if err = gob.NewDecoder(file).Decode(tmpChannel); err != nil {
+		return nil, fmt.Errorf("error decoding channel from file %v: %v", filename, err)
+	}
+
+	channel.Set(*tmpChannel)
+	return channel, nil
+}
+
+func (c *Channel) Save(filename string) error {
+	file, err := os.Create(filename)
+	if err != nil {
+		return fmt.Errorf("error creating file %v: %v", filename, err)
+	}
+	defer file.Close()
+
+	channel := c.Get()
+	if err = gob.NewEncoder(file).Encode(channel); err != nil {
+		return fmt.Errorf("error encoding file %v: %v", filename, err)
+	}
+
+	return nil
+}
+
+func (c *Channel) Add(i *rss.Item) {
+	c.addCh <- i
+}

cmd/data/sessions.go

@@ -0,0 +1,61 @@
+package data
+
+import (
+	"crypto/rand"
+	"encoding/gob"
+	"fmt"
+	"io"
+	"os"
+
+	"github.com/gorilla/sessions"
+)
+
+type CookieStore struct {
+	sessions.CookieStore
+}
+
+func NewKey() ([]byte, error) {
+	key := make([]byte, 32)
+
+	if _, err := io.ReadFull(rand.Reader, key); err != nil {
+		return nil, fmt.Errorf("error generating key: %v", err)
+	}
+
+	return key, nil
+}
+
+func SaveKey(key []byte, filename string) error {
+	file, err := os.Create(filename)
+	if err != nil {
+		return fmt.Errorf("error creating key file: %v", err)
+	}
+	defer file.Close()
+	file.Chmod(0600)
+
+	if err = gob.NewEncoder(file).Encode(key); err != nil {
+		return fmt.Errorf("error ecoding key: %v", err)
+	}
+
+	return nil
+}
+
+func LoadKey(filename string) ([]byte, error) {
+	file, err := os.Open(filename)
+	if err != nil {
+		return nil, fmt.Errorf("error opening key file: %v", err)
+	}
+
+	key := make([]byte, 32)
+	if err = gob.NewDecoder(file).Decode(&key); err != nil {
+		return nil, fmt.Errorf("error decoding key: %v", err)
+	}
+
+	return key, nil
+}
+
+func NewCookieStore(key []byte) *CookieStore {
+	store := sessions.NewCookieStore(key)
+	store.Options.Secure = true
+	store.Options.HttpOnly = true
+	return &CookieStore{*store}
+}

cmd/data/user.go

@@ -0,0 +1,16 @@
+package data
+
+const (
+	Admin = iota
+	Editor
+	Writer
+)
+
+type User struct {
+	UserName         string
+	FirstName        string
+	LastName         string
+	RejectedArticles []*Article
+	ID               int64
+	Role             int
+}

cmd/feed/rss.go

@@ -1,75 +0,0 @@
-package feed
-
-import (
-	"encoding/gob"
-	"fmt"
-	"os"
-	"time"
-
-	"github.com/gorilla/feeds"
-)
-
-type Feed struct {
-	feeds.Feed
-}
-
-func NewFeed(title, link, desc string) *Feed {
-	return &Feed{
-		Feed: feeds.Feed{
-			Title:       title,
-			Link:        &feeds.Link{Href: link},
-			Description: desc,
-		},
-	}
-}
-
-func SaveFeed(feed *Feed, filename string) error {
-	file, err := os.Create(filename)
-	if err != nil {
-		return fmt.Errorf("error creating file %v: %v", filename, err)
-	}
-	defer file.Close()
-
-	encoder := gob.NewEncoder(file)
-	err = encoder.Encode(feed)
-	if err != nil {
-		return fmt.Errorf("error encoding file %v: %v", filename, err)
-	}
-
-	return nil
-}
-
-func OpenFeed(filename string) (*Feed, error) {
-	file, err := os.Open(filename)
-	if err != nil {
-		return nil, fmt.Errorf("error opening file %v: %v", filename, err)
-	}
-	defer file.Close()
-
-	feed := &Feed{}
-	decoder := gob.NewDecoder(file)
-	err = decoder.Decode(feed)
-	if err != nil {
-		return nil, fmt.Errorf("error decoding file %v: %v", filename, err)
-	}
-
-	return feed, nil
-}
-
-func AddToFeed(feed *Feed, title, desc, content string) error {
-	item := feeds.Item{
-		Title:       title,
-		Created:     time.Now(),
-		Description: desc,
-		Content:     content,
-	}
-	feed.Add(&item)
-
-	rss, err := feed.ToRss()
-	if err != nil {
-		return fmt.Errorf("error converting feed to RSS: %v", err)
-	}
-	fmt.Println(rss)
-
-	return nil
-}

cmd/ui/admin.go

@@ -0,0 +1,127 @@
+package ui
+
+import (
+	"fmt"
+	"html/template"
+	"log"
+	"net/http"
+	"strconv"
+
+	"streifling.com/jason/cpolis/cmd/data"
+)
+
+type AddUserData struct {
+	*data.User
+	Msg string
+}
+
+func inputsEmpty(user *data.User, pass, pass2 string) bool {
+	return len(user.UserName) == 0 ||
+		len(user.FirstName) == 0 ||
+		len(user.LastName) == 0 ||
+		len(pass) == 0 ||
+		len(pass2) == 0
+}
+
+func checkUserStrings(user *data.User) (string, int, bool) {
+	userLen := 15
+	nameLen := 50
+
+	if len(user.UserName) > userLen {
+		return "Benutzername", userLen, false
+	} else if len(user.FirstName) > nameLen {
+		return "Vorname", nameLen, false
+	} else if len(user.LastName) > nameLen {
+		return "Nachname", nameLen, false
+	} else {
+		return "", 0, true
+	}
+}
+
+func CreateUser(w http.ResponseWriter, r *http.Request) {
+	tmpl, err := template.ParseFiles("web/templates/add-user.html")
+	template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
+}
+
+func AddUser(db *data.DB, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		role, err := strconv.Atoi(r.PostFormValue("role"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		htmlData := AddUserData{
+			User: &data.User{
+				UserName:  r.PostFormValue("username"),
+				FirstName: r.PostFormValue("first-name"),
+				LastName:  r.PostFormValue("last-name"),
+				Role:      role,
+			},
+		}
+		pass := r.PostFormValue("password")
+		pass2 := r.PostFormValue("password2")
+
+		if inputsEmpty(htmlData.User, pass, pass2) {
+			htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		userString, stringLen, ok := checkUserStrings(htmlData.User)
+		if !ok {
+			htmlData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
+				stringLen, " Zeichen erlaubt.")
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		id, _ := db.GetID(htmlData.UserName)
+		if id != 0 {
+			htmlData.Msg = fmt.Sprint(htmlData.UserName,
+				" ist bereits vergeben. Bitte anderen Benutzernamen wählen.")
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+		if pass != pass2 {
+			htmlData.Msg = "Die Passwörter stimmen nicht überein."
+			tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
+			return
+		}
+
+		num, err := db.CountEntries()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		if num == 0 {
+			if htmlData.Role != data.Admin {
+				htmlData.Msg = "Der erste Benutzer muss ein Administrator sein."
+				htmlData.Role = data.Admin
+				tmpl, err := template.ParseFiles("web/templates/add-user.html")
+				tmpl = template.Must(tmpl, err)
+				tmpl.ExecuteTemplate(w, "page-content", htmlData)
+				return
+			}
+
+			if err := saveSession(w, r, s, htmlData.User); err != nil {
+				log.Println(err)
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+		}
+
+		if err := db.AddUser(htmlData.User, pass); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
+	}
+}

cmd/ui/articles.go

@@ -0,0 +1,161 @@
+package ui
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+	"time"
+
+	"git.streifling.com/jason/rss"
+	"github.com/google/uuid"
+	"streifling.com/jason/cpolis/cmd/data"
+)
+
+func ShowHub(s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func WriteArticle(tl *data.TagList) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		tmpl, err := template.ParseFiles("web/templates/editor.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", tl.Get())
+	}
+}
+
+func FinishArticle(al *data.ArticleList, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		article := new(data.Article)
+		var err error
+
+		article.Title, err = data.ConvertToPlain(r.PostFormValue("editor-title"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		article.Desc, err = data.ConvertToPlain(r.PostFormValue("editor-desc"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		article.Content, err = data.ConvertToHTML(r.PostFormValue("editor-text"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		r.ParseForm()
+		article.Tags = append(article.Tags, r.Form["tags"]...)
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		article.UUID = uuid.New()
+		article.Author = session.Values["name"].(string)
+		article.Created = time.Now()
+		article.AuthorID = session.Values["id"].(int64)
+
+		al.Add(article)
+		al.Save("tmp/unpublished-articles.gob")
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func ShowUnpublishedArticles(al *data.ArticleList) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		tmpl, err := template.ParseFiles("web/templates/unpublished-articles.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", al.Get())
+	}
+}
+
+func ReviewArticle(al *data.ArticleList, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		uuid, err := uuid.Parse(r.PostFormValue("uuid"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		for _, article := range al.Get() {
+			if article.UUID == uuid {
+				tmpl, err := template.ParseFiles("web/templates/to-be-published.html")
+				template.Must(tmpl, err).ExecuteTemplate(w, "page-content", article)
+				return
+			}
+		}
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}
+
+func PublishArticle(c *data.Channel, al *data.ArticleList, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		uuid, err := uuid.Parse(r.PostFormValue("uuid"))
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		article, ok := al.Release(uuid)
+		if !ok {
+			// TODO: Warnung anzeigen
+			// msg = "Alle Felder müssen ausgefüllt werden."
+			// tmpl, err := template.ParseFiles("web/templates/add-user.html")
+			// template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+			return
+		}
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		c.Add(&rss.Item{
+			Title:       article.Title,
+			Author:      session.Values["name"].(string),
+			PubDate:     article.Created.Format(time.RFC1123Z),
+			Description: article.Desc,
+			Content:     &rss.Content{Value: article.Content},
+			Categories:  article.Tags,
+		})
+		c.Save("tmp/rss.gob")
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}

cmd/ui/editor.go

@@ -0,0 +1,31 @@
+package ui
+
+import (
+	"html/template"
+	"net/http"
+
+	"streifling.com/jason/cpolis/cmd/data"
+)
+
+func CreateTag(w http.ResponseWriter, r *http.Request) {
+	tmpl, err := template.ParseFiles("web/templates/add-tag.html")
+	template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
+}
+
+func AddTag(tl *data.TagList, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		tl.Add(r.PostFormValue("tag"))
+		tl.Save("tmp/tags.gob")
+
+		session, err := s.Get(r, "cookie")
+		if err != nil {
+			tmpl, err := template.ParseFiles("web/templates/login.html")
+			msg := "Session nicht mehr gültig. Bitte erneut anmelden."
+			template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
+	}
+}

cmd/ui/helpers.go

@@ -1,16 +0,0 @@
-package ui
-
-func checkUserStrings(user, first, last string) (string, int, bool) {
-	userLen := 15
-	nameLen := 50
-
-	if len(user) > userLen {
-		return user, userLen, false
-	} else if len(first) > nameLen {
-		return first, nameLen, false
-	} else if len(last) > nameLen {
-		return last, nameLen, false
-	} else {
-		return "", 0, true
-	}
-}

cmd/ui/htmlStructs.go

@@ -1 +0,0 @@
-package ui

cmd/ui/rss.go

@@ -0,0 +1,28 @@
+package ui
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+
+	"git.streifling.com/jason/rss"
+	"streifling.com/jason/cpolis/cmd/data"
+)
+
+func ShowRSS(c *data.Channel) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		channel := c.Get()
+		feed := rss.NewFeed()
+		feed.Channels = append(feed.Channels, &channel)
+		rss, err := feed.ToXML()
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		files := []string{"web/templates/index.html", "web/templates/feed.rss"}
+		tmpl, err := template.ParseFiles(files...)
+		template.Must(tmpl, err).Execute(w, rss)
+	}
+}

cmd/ui/sessions.go

@@ -0,0 +1,90 @@
+package ui
+
+import (
+	"fmt"
+	"html/template"
+	"log"
+	"net/http"
+
+	"streifling.com/jason/cpolis/cmd/data"
+)
+
+func saveSession(w http.ResponseWriter, r *http.Request, s *data.CookieStore, u *data.User) error {
+	session, err := s.Get(r, "cookie")
+	if err != nil {
+		return fmt.Errorf("error getting session: %v", err)
+	}
+
+	session.Values["authenticated"] = true
+	session.Values["id"] = u.ID
+	session.Values["name"] = u.FirstName + u.LastName
+	session.Values["role"] = u.Role
+	if err := session.Save(r, w); err != nil {
+		return fmt.Errorf("error saving session: %v", err)
+	}
+
+	return nil
+}
+
+func HomePage(db *data.DB, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		numRows, err := db.CountEntries()
+		if err != nil {
+			log.Fatalln(err)
+		}
+
+		files := []string{"web/templates/index.html"}
+		if numRows == 0 {
+			files = append(files, "web/templates/add-user.html")
+			tmpl, err := template.ParseFiles(files...)
+			template.Must(tmpl, err).Execute(w, nil)
+		} else {
+			session, _ := s.Get(r, "cookie")
+			if auth, ok := session.Values["authenticated"].(bool); auth && ok {
+				files = append(files, "web/templates/hub.html")
+				tmpl, err := template.ParseFiles(files...)
+				template.Must(tmpl, err).Execute(w, session.Values["role"])
+			} else {
+				files = append(files, "web/templates/login.html")
+				tmpl, err := template.ParseFiles(files...)
+				template.Must(tmpl, err).Execute(w, nil)
+			}
+		}
+	}
+}
+
+func Login(db *data.DB, s *data.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		userName := r.PostFormValue("username")
+		password := r.PostFormValue("password")
+
+		id, err := db.GetID(userName)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if err := db.CheckPassword(id, password); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		user, err := db.GetUser(id)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if err := saveSession(w, r, s, user); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles("web/templates/hub.html")
+		template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role)
+	}
+}

cmd/ui/ui.go

@@ -1,98 +0,0 @@
-package ui
-
-import (
-	"html/template"
-	"log"
-	"net/http"
-
-	"streifling.com/jason/cpolis/cmd/data"
-	"streifling.com/jason/cpolis/cmd/feed"
-)
-
-func HandleLogin(db *data.DB) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		user := r.PostFormValue("username")
-		pass := r.PostFormValue("password")
-
-		id, err := db.GetID(user)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			// TODO: und nun?
-		}
-
-		if err := db.CheckPassword(id, pass); err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-		} else {
-			template.Must(template.ParseFiles("web/templates/editor.html")).ExecuteTemplate(w, "page-content", nil)
-		}
-	}
-}
-
-func HandleFinishedEdit(f *feed.Feed) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		title := r.PostFormValue("editor-title")
-		desc := r.PostFormValue("editor-desc")
-		mdContent := r.PostFormValue("editor-text")
-
-		content, err := data.ConvertToHTML(mdContent)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			log.Panicln(err)
-		}
-
-		feed.AddToFeed(f, title, desc, content)
-		feed.SaveFeed(f, "tmp/rss.gob")
-		// template.Must(template.ParseFiles("web/templates/editor.html")).ExecuteTemplate(w, "html-result", rssItem)
-	}
-}
-
-func HandleAddUser(db *data.DB) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		var writer, editor, admin bool
-
-		user := r.PostFormValue("username")
-		pass := r.PostFormValue("password")
-		pass2 := r.PostFormValue("password2")
-		first := r.PostFormValue("first-name")
-		last := r.PostFormValue("last-name")
-		role := r.PostFormValue("role")
-
-		_, _, ok := checkUserStrings(user, first, last)
-		if !ok {
-			log.Println("checkUserStrings")
-			template.Must(template.ParseFiles("web/templates/add-user.html")).Execute(w, nil)
-		}
-		id, _ := db.GetID(user)
-		if id != 0 {
-			log.Println("GetID")
-			template.Must(template.ParseFiles("web/templates/add-user.html")).Execute(w, nil)
-		}
-		if pass != pass2 {
-			log.Println("pass")
-			template.Must(template.ParseFiles("web/templates/add-user.html")).Execute(w, nil)
-		}
-		switch role {
-		case "writer":
-			writer = true
-			editor = false
-			admin = false
-		case "editor":
-			writer = false
-			editor = true
-			admin = false
-		case "admin":
-			writer = false
-			editor = false
-			admin = true
-		default:
-			log.Println("switch")
-			template.Must(template.ParseFiles("web/templates/add-user.html")).Execute(w, nil)
-		}
-
-		if err := db.AddUser(user, pass, first, last, writer, editor, admin); err != nil {
-			log.Println(err)
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-		}
-		template.Must(template.ParseFiles("web/templates/editor.html")).Execute(w, nil)
-	}
-}

go.mod

@@ -3,8 +3,11 @@ module streifling.com/jason/cpolis
 go 1.22.0
 
 require (
+	git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188
 	github.com/go-sql-driver/mysql v1.7.1
+	github.com/google/uuid v1.6.0
 	github.com/gorilla/feeds v1.1.2
+	github.com/gorilla/sessions v1.2.2
 	github.com/microcosm-cc/bluemonday v1.0.26
 	github.com/yuin/goldmark v1.7.0
 	golang.org/x/crypto v0.14.0
@@ -14,6 +17,7 @@ require (
 require (
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/gorilla/css v1.0.0 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
 	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/sys v0.17.0 // indirect
 )

go.sum

@@ -1,11 +1,27 @@
+git.streifling.com/jason/rss v0.0.0-20240305152729-9d8cc6464565 h1:/eO9NTksh+9yLz3HiYNR7BJo/iMTxxW5/d9h8I6vR6E=
+git.streifling.com/jason/rss v0.0.0-20240305152729-9d8cc6464565/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
+git.streifling.com/jason/rss v0.0.0-20240305160544-c8551159fe32 h1:G25NZzsD73rOkGYgV2vPUDviB0JXk5qi+dXOwB6J56U=
+git.streifling.com/jason/rss v0.0.0-20240305160544-c8551159fe32/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
+git.streifling.com/jason/rss v0.0.0-20240305160829-6cd08bb65d2a h1:TWQ9gwe7eWjaLUrZ0CJSc+sUUOw3VoGHlR3F8mH6vqs=
+git.streifling.com/jason/rss v0.0.0-20240305160829-6cd08bb65d2a/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
+git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188 h1:C8M/j3f+cl5Y7YfGpU/ynb/SC/4tTYMDsyGFt3rswM8=
+git.streifling.com/jason/rss v0.0.0-20240305164907-524bf9676188/go.mod h1:gpZF0nZbQSstMpyHD9DTAvlQEG7v4pjO5c7aIMWM4Jg=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
+github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
 github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
 github.com/gorilla/feeds v1.1.2 h1:pxzZ5PD3RJdhFH2FsJJ4x6PqMqbgFk1+Vez4XWBW8Iw=
 github.com/gorilla/feeds v1.1.2/go.mod h1:WMib8uJP3BbY+X8Szd1rA5Pzhdfh+HCCAYT2z7Fza6Y=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=

main.go

@@ -1,39 +1,79 @@
 package main
 
 import (
-	"html/template"
+	"encoding/gob"
 	"log"
 	"net/http"
+	"os"
 
 	"streifling.com/jason/cpolis/cmd/data"
-	"streifling.com/jason/cpolis/cmd/feed"
 	"streifling.com/jason/cpolis/cmd/ui"
 )
 
+func init() {
+	gob.Register(data.User{})
+}
+
 func main() {
+	logFile, err := os.OpenFile("tmp/cpolis.log",
+		os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0644)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	defer logFile.Close()
+	log.SetOutput(logFile)
+
 	db, err := data.OpenDB("cpolis")
 	if err != nil {
 		log.Fatalln(err)
 	}
 	defer db.Close()
 
-	rss, err := feed.OpenFeed("tmp/rss.gob")
+	feed, err := data.LoadChannel("tmp/rss.gob")
 	if err != nil {
 		log.Println(err)
-		rss = feed.NewFeed("Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
+		feed = data.NewChannel("Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
 			"https://distrikt-ni-st.de",
 			"Freiheit, Gleichheit, Brüderlichkeit, Toleranz und Humanität")
 	}
 
+	key, err := data.LoadKey("tmp/key.gob")
+	if err != nil {
+		key, err = data.NewKey()
+		if err != nil {
+			log.Fatalln(err)
+		}
+		data.SaveKey(key, "tmp/key.gob")
+	}
+	store := data.NewCookieStore(key)
+
+	articleList, err := data.LoadArticleList("tmp/unpublished-articles.gob")
+	if err != nil {
+		articleList = data.NewArticleList()
+	}
+
+	tagList, err := data.LoadTagList("tmp/tags.gob")
+	if err != nil {
+		tagList = data.NewTagList()
+	}
+
 	mux := http.NewServeMux()
 	mux.Handle("/web/static/", http.StripPrefix("/web/static/", http.FileServer(http.Dir("web/static/"))))
-	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+	mux.HandleFunc("/", ui.HomePage(db, store))
-		template.Must(template.ParseFiles("web/templates/index.html", "web/templates/login.html")).Execute(w, nil)
-	})
 
-	mux.HandleFunc("POST /add-user/", ui.HandleAddUser(db))
+	mux.HandleFunc("GET /create-tag/", ui.CreateTag)
-	mux.HandleFunc("POST /finished-edit/", ui.HandleFinishedEdit(rss))
+	mux.HandleFunc("GET /create-user/", ui.CreateUser)
-	mux.HandleFunc("POST /login/", ui.HandleLogin(db))
+	mux.HandleFunc("GET /hub/", ui.ShowHub(store))
+	mux.HandleFunc("GET /rss/", ui.ShowRSS(feed))
+	mux.HandleFunc("GET /unpublished-articles/", ui.ShowUnpublishedArticles(articleList))
+	mux.HandleFunc("GET /write-article/", ui.WriteArticle(tagList))
+
+	mux.HandleFunc("POST /add-tag/", ui.AddTag(tagList, store))
+	mux.HandleFunc("POST /add-user/", ui.AddUser(db, store))
+	mux.HandleFunc("POST /finish-article/", ui.FinishArticle(articleList, store))
+	mux.HandleFunc("POST /login/", ui.Login(db, store))
+	mux.HandleFunc("POST /review-article/", ui.ReviewArticle(articleList, store))
+	mux.HandleFunc("POST /publish-article/", ui.PublishArticle(feed, articleList, store))
 
 	log.Fatalln(http.ListenAndServe(":8080", mux))
 }

web/templates/add-tag.html

@@ -0,0 +1,8 @@
+{{define "page-content"}}
+<h2>Neuer Benutzer</h2>
+<form>
+    <input required name="tag" placeholder="Tag" type="text" />
+    <input type="submit" value="Anlegen" hx-post="/add-tag/" hx-target="#page-content" />
+</form>
+<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
+{{end}}

web/templates/add-user.html

@@ -1,20 +1,28 @@
 {{define "page-content"}}
 <h2>Neuer Benutzer</h2>
 <form>
-    <input name="username" placeholder="Benutzername" type="text" />
+    <input required name="username" placeholder="Benutzername" type="text" value="{{.UserName}}" />
-    <input name="password" placeholder="Passwort" type="password" />
+    <input required name="password" placeholder="Passwort" type="password" />
-    <input name="password2" placeholder="Passwort wiederholen" type="password" />
+    <input required name="password2" placeholder="Passwort wiederholen" type="password" />
 
-    <input name="first-name" placeholder="Vorname" type="text" />
+    <input required name="first-name" placeholder="Vorname" type="text" value="{{.FirstName}}" />
-    <input name="last-name" placeholder="Nachname" type="text" />
+    <input required name="last-name" placeholder="Nachname" type="text" value="{{.LastName}}" />
 
+    <input required id="writer" name="role" type="radio" value="2" {{if eq .Role 2 }}checked{{end}} />
     <label for="writer">Schreiber</label>
-    <input id="writer" name="role" type="radio" value="writer" />
+    <input required id="editor" name="role" type="radio" value="1" {{if eq .Role 1 }}checked{{end}} />
     <label for="editor">Redakteur</label>
-    <input id="editor" name="role" type="radio" value="editor" />
+    <input required id="admin" name="role" type="radio" value="0" {{if eq .Role 0 }}checked{{end}} />
     <label for="admin">Admin</label>
-    <input id="admin" name="role" type="radio" value="admin" />
 
     <input type="submit" value="Anlegen" hx-post="/add-user/" hx-target="#page-content" />
 </form>
+<button hx-get="/hub/" hx-target="#page-content">Abbrechen</button>
+
+<script>
+    var msg = "{{.Msg}}";
+    if (msg != "") {
+        alert(msg);
+    }
+</script>
 {{end}}

web/templates/editor.html

@@ -4,7 +4,11 @@
     <input name="editor-title" placeholder="Titel" type="text" />
     <textarea name="editor-desc" placeholder="Beschreibung"></textarea>
     <textarea name="editor-text" placeholder="Artikel"></textarea>
-    <input type="submit" value="Senden" hx-post="/finished-edit/" hx-target="#page-content" />
+    {{range .}}
+    <input id="{{.}}" name="tags" type="checkbox" value="{{.}}" />
+    <label for="{{.}}">{{.}}</label>
+    {{end}}
+    <input type="submit" value="Senden" hx-post="/finish-article/" hx-target="#page-content" />
 </form>
 {{end}}
 

web/templates/feed.rss

@@ -0,0 +1,3 @@
+{{define "page-content"}}
+{{.}}
+{{end}}

web/templates/hub.html

@@ -0,0 +1,12 @@
+{{define "page-content"}}
+<h2>Hub</h2>
+<button hx-get="/write-article/" hx-target="#page-content">Artikel schreiben</button>
+<button hx-get="/rss/" hx-target="#page-content">RSS Feed</button>
+{{if lt . 2}}
+<button hx-get="/unpublished-articles/" hx-target="#page-content">Unveröffentlichte Artikel</button>
+<button hx-get="/create-tag/" hx-target="#page-content">Neuer Tag</button>
+{{end}}
+{{if eq . 0}}
+<button hx-get="/create-user/" hx-target="#page-content">Benutzer hinzufügen</button>
+{{end}}
+{{end}}

web/templates/to-be-published.html

@@ -0,0 +1,11 @@
+{{define "page-content"}}
+<form>
+    <input name="editor-title" type="text" value="{{.Title}}" />
+    <textarea name="editor-desc">{{.Desc}}</textarea>
+    <textarea name="editor-text">{{.Content}}</textarea>
+    <input name="uuid" type="hidden" value="{{.UUID}}" />
+    <input type="submit" value="Veröffentlichen" hx-post="/publish-article/" hx-target="#page-content" />
+    <input type="submit" value="Ablehnen" hx-post="/reject-article/" hx-target="#page-content" />
+</form>
+<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
+{{end}}

web/templates/unpublished-articles.html

@@ -0,0 +1,10 @@
+{{define "page-content"}}
+<form>
+    {{range .}}
+    <input required id="{{.UUID}}" name="uuid" type="radio" value="{{.UUID}}" />
+    <label for="{{.UUID}}">{{.Title}}</label>
+    {{end}}
+    <input type="submit" value="Auswählen" hx-post="/review-article/" hx-target="#page-content" />
+</form>
+<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
+{{end}}