jason/cpolis
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases 58 Wiki Activity

Compare commits

base: jason:article_db
Branches Tags
jason:main jason:devel jason:firebase jason:tailwind jason:publish_issue jason:article_db jason:streifling.com/rss jason:new_rss jason:sessions
jason:v0.17.1 jason:v0.17.0 jason:v0.16.2 jason:v0.16.1 jason:v0.16.0 jason:v0.15.5 jason:v0.15.4 jason:v0.15.3 jason:v0.15.2 jason:v0.15.1 jason:v0.15.0 jason:v0.14.1 jason:v0.14.0 jason:v0.13.4 jason:v0.13.3 jason:v0.13.2 jason:v0.13.1 jason:v0.13.0 jason:v0.12.0 jason:v0.11.1 jason:v0.11.0 jason:v0.10.3 jason:v0.10.2 jason:v0.10.1 jason:v0.10.0 jason:v0.9.1 jason:v0.9.0 jason:v0.8.3 jason:v0.8.2 jason:v0.8.1 jason:v0.8.0 jason:v0.7.8 jason:v0.7.7 jason:v0.7.6 jason:v0.7.5 jason:v0.7.4 jason:v0.7.3 jason:v0.7.2 jason:v0.7.1 jason:v0.7.0 jason:v0.6.1 jason:v0.6.0 jason:v0.5.2 jason:v0.5.1 jason:v0.5.0 jason:v0.4.0 jason:v0.3.0 jason:v0.2.7 jason:v0.2.6 jason:v0.2.5 jason:v0.2.4 jason:v0.2.3 jason:cpolis-v0.2.2 jason:cpolis-v0.2.1 jason:cpolis-v0.2.0 jason:v0.1.2 jason:v0.1.1 jason:v0.1.0
..
compare: jason:f5c1a5e8d0f373ac4934c84c3ddba0a3d5a789cf
Branches Tags
jason:main jason:devel jason:firebase jason:tailwind jason:publish_issue jason:article_db jason:streifling.com/rss jason:new_rss jason:sessions
jason:v0.17.1 jason:v0.17.0 jason:v0.16.2 jason:v0.16.1 jason:v0.16.0 jason:v0.15.5 jason:v0.15.4 jason:v0.15.3 jason:v0.15.2 jason:v0.15.1 jason:v0.15.0 jason:v0.14.1 jason:v0.14.0 jason:v0.13.4 jason:v0.13.3 jason:v0.13.2 jason:v0.13.1 jason:v0.13.0 jason:v0.12.0 jason:v0.11.1 jason:v0.11.0 jason:v0.10.3 jason:v0.10.2 jason:v0.10.1 jason:v0.10.0 jason:v0.9.1 jason:v0.9.0 jason:v0.8.3 jason:v0.8.2 jason:v0.8.1 jason:v0.8.0 jason:v0.7.8 jason:v0.7.7 jason:v0.7.6 jason:v0.7.5 jason:v0.7.4 jason:v0.7.3 jason:v0.7.2 jason:v0.7.1 jason:v0.7.0 jason:v0.6.1 jason:v0.6.0 jason:v0.5.2 jason:v0.5.1 jason:v0.5.0 jason:v0.4.0 jason:v0.3.0 jason:v0.2.7 jason:v0.2.6 jason:v0.2.5 jason:v0.2.4 jason:v0.2.3 jason:cpolis-v0.2.2 jason:cpolis-v0.2.1 jason:cpolis-v0.2.0 jason:v0.1.2 jason:v0.1.1 jason:v0.1.0

54 Commits
article_db ... f5c1a5e8d0

Author SHA1 Message Date
Jason Streifling
f5c1a5e8d0 Added copyright 2024-03-17 15:29:12 +01:00
Jason Streifling
40d1104a66 Set pubDate to published time and date 2024-03-17 09:41:09 +01:00
Jason Streifling
736673c33f Now everyone only sees their own rejected articles 2024-03-17 09:15:37 +01:00
Jason Streifling
1a2e18359c Added ability to view tags when rejecting and change tags when reworking articles 2024-03-17 08:46:49 +01:00
Jason Streifling
d1d3a81565 Implemented retry logic on all transactions 2024-03-15 18:37:24 +01:00
Jason Streifling
bc2302d31f Implement retry logic for UpdateAttributes 2024-03-15 15:18:02 +01:00
Jason Streifling
1b02e3fad2 Added logout 2024-03-12 20:27:39 +01:00
Jason Streifling
dc06a6e9aa Fixed dumb routing mistake 2024-03-12 19:56:22 +01:00
Jason Streifling
63370ada01 Added ability to edit user info 2024-03-11 21:08:27 +01:00
Jason Streifling
5145e1cd94 Added ability to reject and rework article 2024-03-10 15:03:46 +01:00
Jason Streifling
28eb7e236a Split up db.go into multiple files 2024-03-09 11:06:03 +01:00
Jason Streifling
4a7883f886 Also missed rss.go 2024-03-09 10:27:55 +01:00
Jason Streifling
b69a0688ef Missed main when converting to MVC 2024-03-09 10:27:04 +01:00
Jason Streifling
0e18c7a7db Changed everything to MVC 2024-03-09 10:25:20 +01:00
Jason Streifling
3ab9a8fe10 Converted RSS feed to be DB based 2024-03-09 10:12:46 +01:00
Jason Streifling
6dfd49a5cd Reachieve basic functionality 2024-03-07 20:11:28 +01:00
Jason Streifling
5455bdb12b Articles and tags are now inserted into DB correctly 2024-03-07 15:31:00 +01:00
Jason Streifling
9eaafdc712 Converted articles and tags to DB base 2024-03-06 20:53:17 +01:00
Jason Streifling
d127be4c93 Handle rollbackError with log.Fatalf() 2024-03-06 16:58:41 +01:00
Jason Streifling
34832e397f Corrected transaction for ChangePassword() 2024-03-06 16:51:08 +01:00
Jason Streifling
2c0b4878f4 Use transaction when necessary 2024-03-06 15:37:59 +01:00
Jason Streifling
f0e078c011 Load *ArticleList, *Taglist and *Channel correctly 2024-03-06 15:37:42 +01:00
Jason Streifling
a8fc28af36 Moved main.go into cmd 2024-03-05 18:26:50 +01:00
Jason Streifling
e4f085f762 Added Tags to RSS feed as categories 2024-03-05 18:20:34 +01:00
Jason Streifling
6136f83dfc Converted RSS package to git.streifling.com/jason/rss 2024-03-05 17:13:59 +01:00
Jason Streifling
21170c9cc2 A bit of cleaning up 2024-03-05 16:38:18 +01:00
Jason Streifling
6502aa7ec1 Added partial support for tags 2024-03-03 13:56:49 +01:00
Jason Streifling
e5bdc235b6 Initial sessions implementation 2024-03-03 09:16:49 +01:00
Jason Streifling
655992c8b2 Just a bit of cleaning up 2024-03-02 09:09:55 +01:00
Jason Streifling
aa7fcd6075 Created func for minimum spec for rss and article structs, thereby crushing an annoying bug that was caused by not initializing channels but waiting for messages to go through them 2024-03-02 00:28:42 +01:00
Jason Streifling
f9cc90a948 Changed articles and rss to channels 2024-03-01 21:01:38 +01:00
Jason Streifling
7f2433c30b Implemented proper User struct 2024-03-01 12:25:53 +01:00
Jason Streifling
f34efc95dd Added ability to publish articles 2024-03-01 11:30:31 +01:00
Jason Streifling
935d0a1ca4 Added article list for written but non-published articles 2024-02-27 14:10:27 +01:00
Jason Streifling
48d4d482b2 Convert title and description to plain text 2024-02-27 09:03:21 +01:00
Jason Streifling
8dae3ca21e Implemented hub 2024-02-24 15:31:33 +01:00
Jason Streifling
6f02852212 Add ability to display feed 2024-02-24 14:49:29 +01:00
Jason Streifling
4cc2110c4b Added messages and field memory for adding user 2024-02-24 13:25:32 +01:00
Jason Streifling
04cbee097c Require all fields to be filled out when creating a new user 2024-02-24 12:10:34 +01:00
Jason Streifling
93423ae606 Implemented logging to file 2024-02-24 11:41:01 +01:00
Jason Streifling
41113b24a8 Check if user already exists and bug fix 2024-02-24 10:56:12 +01:00
Jason Streifling
2247f316a3 Added ability to add user 2024-02-24 10:28:12 +01:00
Jason Streifling
9beedf9b2b Added ability to login 2024-02-24 09:54:25 +01:00
Jason Streifling
7d6f96a185 Check user credentials before adding user 2024-02-22 20:12:09 +01:00
Jason Streifling
8d47146a7c Added ability to update Passwords 2024-02-22 19:27:41 +01:00
Jason Streifling
4853184ba1 Added ability to add user 2024-02-22 18:49:51 +01:00
Jason Streifling
50895249df Changed error messages 2024-02-22 15:23:29 +01:00
Jason Streifling
6e91253908 Added HTML sanitizer 2024-02-22 15:22:45 +01:00
Jason Streifling
9bb6010319 Added initial support for MySQL databases 2024-02-18 16:37:13 +01:00
Jason Streifling
75a0af055c Handle misssed errors for encoding and decoding feeds 2024-02-18 14:31:28 +01:00
Jason Streifling
171a0dd250 Added description and a way to save and restore the RSS feed. 2024-02-18 14:01:06 +01:00
Jason Streifling
372882a252 Create RSS from HTML 2024-02-18 12:41:49 +01:00
Jason Streifling
2d0b53a254 Show HTML on website 2024-02-18 10:48:37 +01:00
Jason Streifling
2447f50bac First implementation of web based editor to HTML pipeline 2024-02-18 10:07:49 +01:00
21 changed files with 953 additions and 453 deletions
Expand all files Collapse all files

8
cmd/control/rss.go
View File

@ -8,15 +8,15 @@ import (
"streifling.com/jason/cpolis/cmd/model" "streifling.com/jason/cpolis/cmd/model"
) )
func GetChannel(db *model.DB, title, link, desc string) (*rss.Channel, error) { func GetChannel(db *model.DB, title, link, description string) (*rss.Channel, error) {
channel := &rss.Channel{ channel := &rss.Channel{
Title: title, Title: title,
Link: link, Link: link,
Description: desc, Description: description,
Items: make([]*rss.Item, 0), Items: make([]*rss.Item, 0),
} }
articles, err := db.GetCertainArticles(true) articles, err := db.GetCertainArticles(true, false)
if err != nil { if err != nil {
return nil, fmt.Errorf("error fetching published articles: %v", err) return nil, fmt.Errorf("error fetching published articles: %v", err)
} }
@ -40,7 +40,7 @@ func GetChannel(db *model.DB, title, link, desc string) (*rss.Channel, error) {
Title: article.Title, Title: article.Title,
Author: user.FirstName + user.LastName, Author: user.FirstName + user.LastName,
PubDate: article.Created.Format(time.RFC1123Z), PubDate: article.Created.Format(time.RFC1123Z),
Description: article.Desc, Description: article.Description,
Content: &rss.Content{Value: article.Content}, Content: &rss.Content{Value: article.Content},
Categories: tagNames, Categories: tagNames,
}) })

13
cmd/main.go
View File

@ -47,7 +47,10 @@ func main() {
mux.HandleFunc("GET /create-tag/", view.CreateTag) mux.HandleFunc("GET /create-tag/", view.CreateTag)
mux.HandleFunc("GET /create-user/", view.CreateUser) mux.HandleFunc("GET /create-user/", view.CreateUser)
mux.HandleFunc("GET /hub/", view.ShowHub(store)) mux.HandleFunc("GET /edit-user/", view.EditUser(db, store))
mux.HandleFunc("GET /hub/", view.ShowHub(db, store))
mux.HandleFunc("GET /logout/", view.Logout(store))
mux.HandleFunc("GET /rejected-articles/", view.ShowRejectedArticles(db, store))
mux.HandleFunc("GET /rss/", view.ShowRSS( mux.HandleFunc("GET /rss/", view.ShowRSS(
db, db,
"Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt", "Freimaurer Distrikt Niedersachsen und Sachsen-Anhalt",
@ -59,10 +62,14 @@ func main() {
mux.HandleFunc("POST /add-tag/", view.AddTag(db, store)) mux.HandleFunc("POST /add-tag/", view.AddTag(db, store))
mux.HandleFunc("POST /add-user/", view.AddUser(db, store)) mux.HandleFunc("POST /add-user/", view.AddUser(db, store))
mux.HandleFunc("POST /finish-article/", view.FinishArticle(db, store))
mux.HandleFunc("POST /login/", view.Login(db, store)) mux.HandleFunc("POST /login/", view.Login(db, store))
mux.HandleFunc("POST /review-article/", view.ReviewArticle(db, store))
mux.HandleFunc("POST /publish-article/", view.PublishArticle(db, store)) mux.HandleFunc("POST /publish-article/", view.PublishArticle(db, store))
mux.HandleFunc("POST /reject-article/", view.RejectArticle(db, store))
mux.HandleFunc("POST /resubmit-article/", view.ResubmitArticle(db, store))
mux.HandleFunc("POST /review-rejected-article/", view.ReviewRejectedArticle(db, store))
mux.HandleFunc("POST /review-unpublished-article/", view.ReviewUnpublishedArticle(db, store))
mux.HandleFunc("POST /submit-article/", view.SubmitArticle(db, store))
mux.HandleFunc("POST /update-user/", view.UpdateUser(db, store))
log.Fatalln(http.ListenAndServe(":8080", mux)) log.Fatalln(http.ListenAndServe(":8080", mux))
} }

97
cmd/model/articles.go Normal file
View File

@ -0,0 +1,97 @@
package model
import (
"fmt"
"time"
)
type Article struct {
Title string
Created time.Time
Description string
Content string
Published bool
Rejected bool
ID int64
AuthorID int64
}
func (db *DB) AddArticle(a *Article) (int64, error) {
query := `
INSERT INTO articles
(title, description, content, published, rejected, author_id)
VALUES (?, ?, ?, ?, ?, ?)
`
result, err := db.Exec(query, a.Title, a.Description, a.Content,
a.Published, a.Rejected, a.AuthorID)
if err != nil {
return 0, fmt.Errorf("error inserting article into DB: %v", err)
}
id, err := result.LastInsertId()
if err != nil {
return 0, fmt.Errorf("error retrieving last ID: %v", err)
}
return id, nil
}
func (db *DB) GetArticle(id int64) (*Article, error) {
query := `
SELECT title, created, description, content, published, author_id
FROM articles
WHERE id = ?
`
row := db.QueryRow(query, id)
article := new(Article)
var created []byte
var err error
if err := row.Scan(&article.Title, &created, &article.Description,
&article.Content, &article.Published, &article.AuthorID); err != nil {
return nil, fmt.Errorf("error scanning article row: %v", err)
}
article.ID = id
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
if err != nil {
return nil, fmt.Errorf("error parsing created: %v", err)
}
return article, nil
}
func (db *DB) GetCertainArticles(published, rejected bool) ([]*Article, error) {
query := `
SELECT id, title, created, description, content, author_id
FROM articles
WHERE published = ?
AND rejected = ?
`
rows, err := db.Query(query, published, rejected)
if err != nil {
return nil, fmt.Errorf("error querying articles: %v", err)
}
articleList := make([]*Article, 0)
for rows.Next() {
article := new(Article)
var created []byte
if err = rows.Scan(&article.ID, &article.Title, &created, &article.Description,
&article.Content, &article.AuthorID); err != nil {
return nil, fmt.Errorf("error scanning article row: %v", err)
}
article.Published = false
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
if err != nil {
return nil, fmt.Errorf("error parsing created: %v", err)
}
articleList = append(articleList, article)
}
return articleList, nil
}

72
cmd/model/articles_tags.go Normal file
View File

@ -0,0 +1,72 @@
package model
import (
"fmt"
"log"
"math"
"math/rand/v2"
"time"
)
func (db *DB) WriteArticleTags(articleID int64, tagIDs []int64) error {
for i := 0; i < TxMaxRetries; i++ {
err := func() error {
tx, err := db.Begin()
if err != nil {
return fmt.Errorf("error starting transaction: %v", err)
}
for _, tagID := range tagIDs {
query := `
INSERT INTO articles_tags (article_id, tag_id)
VALUES (?, ?)
`
if _, err := tx.Exec(query, articleID, tagID); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error inserting into articles_tags: %v", err)
}
}
if err = tx.Commit(); err != nil {
return fmt.Errorf("error committing transaction: %v", err)
}
return nil
}()
if err == nil {
return nil
}
log.Println(err)
waitTime := time.Duration(math.Pow(2, float64(i))) * time.Second
jitter := time.Duration(rand.IntN(1000)) * time.Millisecond
time.Sleep(waitTime + jitter)
}
return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
}
func (db *DB) GetArticleTags(articleID int64) ([]*Tag, error) {
query := `
SELECT t.id, t.name
FROM articles a
INNER JOIN articles_tags at ON a.id = at.article_id
INNER JOIN tags t ON at.tag_id = t.id
WHERE a.id = ?
`
rows, err := db.Query(query, articleID)
if err != nil {
return nil, fmt.Errorf("error querying articles_tags: %v", err)
}
tags := make([]*Tag, 0)
for rows.Next() {
tag := new(Tag)
if err = rows.Scan(&tag.ID, &tag.Name); err != nil {
return nil, fmt.Errorf("error scanning rows: %v", err)
}
tags = append(tags, tag)
}
return tags, nil
}

397
cmd/model/db.go
View File

@ -1,17 +1,73 @@
package model package model
import ( import (
"bufio"
"database/sql" "database/sql"
"fmt" "fmt"
"log" "log"
"math"
"math/rand/v2"
"os"
"strings"
"syscall"
"time" "time"
"github.com/go-sql-driver/mysql" "github.com/go-sql-driver/mysql"
"golang.org/x/crypto/bcrypt" "golang.org/x/term"
) )
type DB struct { var TxMaxRetries = 3
*sql.DB
type (
DB struct{ *sql.DB }
Tx struct{ *sql.Tx }
Attribute struct {
Value interface{}
Table string
AttName string
ID int64
}
)
func getUsername() (string, error) {
user := os.Getenv("DB_USER")
if user == "" {
var err error
fmt.Printf("DB Benutzer: ")
user, err = bufio.NewReader(os.Stdin).ReadString('\n')
if err != nil {
return "", fmt.Errorf("error reading username: %v", err)
}
}
return strings.TrimSpace(user), nil
}
func getPassword() (string, error) {
pass := os.Getenv("DB_PASS")
if pass == "" {
fmt.Printf("DB Passwort: ")
bytePass, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", fmt.Errorf("error reading password: %v", err)
}
fmt.Println()
pass = strings.TrimSpace(string(bytePass))
}
return pass, nil
}
func getCredentials() (string, string, error) {
user, err := getUsername()
if err != nil {
return "", "", fmt.Errorf("error getting username: %v", err)
}
pass, err := getPassword()
if err != nil {
return "", "", fmt.Errorf("error getting password: %v", err)
}
return user, pass, nil
} }
func OpenDB(dbName string) (*DB, error) { func OpenDB(dbName string) (*DB, error) {
@ -36,130 +92,49 @@ func OpenDB(dbName string) (*DB, error) {
return &db, nil return &db, nil
} }
func (db *DB) UpdateAttribute(table string, id int64, attribute string, val interface{}) error { func (db *DB) UpdateAttributes(a ...*Attribute) error {
query := fmt.Sprintf(` for i := 0; i < TxMaxRetries; i++ {
UPDATE %s err := func() error {
SET %s = ? tx, err := db.Begin()
WHERE id = ? if err != nil {
`, table, attribute) return fmt.Errorf("error starting transaction: %v", err)
if _, err := db.Exec(query, val, id); err != nil { }
return fmt.Errorf("error updating article in DB: %v", err)
}
return nil
}
func (db *DB) AddUser(user *User, pass string) error { for _, attribute := range a {
hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost) query := fmt.Sprintf(`
if err != nil { UPDATE %s
return fmt.Errorf("error creating password hash: %v", err) SET %s = ?
} WHERE id = ?
`, attribute.Table, attribute.AttName)
if _, err := tx.Exec(query, attribute.Value, attribute.ID); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error updating %v in DB: %v", attribute.AttName, err)
}
}
query := ` if err = tx.Commit(); err != nil {
INSERT INTO users return fmt.Errorf("error committing transaction: %v", err)
(username, password, first_name, last_name, role) }
VALUES (?, ?, ?, ?, ?) return nil
` }()
if _, err = db.Exec(query, user.UserName, string(hashedPass), user.FirstName, user.LastName, user.Role); err != nil { if err == nil {
return fmt.Errorf("error inserting user into DB: %v", err) return nil
}
return nil
}
func (db *DB) GetID(userName string) (int64, error) {
var id int64
query := `
SELECT id
FROM users
WHERE username = ?
`
row := db.QueryRow(query, userName)
if err := row.Scan(&id); err != nil {
return 0, fmt.Errorf("user not in DB: %v", err)
}
return id, nil
}
func (db *DB) CheckPassword(id int64, pass string) error {
var queriedPass string
query := `
SELECT password
FROM users
WHERE id = ?
`
row := db.QueryRow(query, id)
if err := row.Scan(&queriedPass); err != nil {
return fmt.Errorf("error reading password from DB: %v", err)
}
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
return fmt.Errorf("incorrect password: %v", err)
}
return nil
}
func (db *DB) ChangePassword(id int64, oldPass, newPass string) error {
tx, err := db.Begin()
if err != nil {
return fmt.Errorf("error starting transaction: %v", err)
}
var queriedPass string
getQuery := `
SELECT password
FROM users
WHERE id = ?
`
row := tx.QueryRow(getQuery, id)
if err := row.Scan(&queriedPass); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error reading password from DB: %v", err)
}
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil { log.Println(err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { waitTime := time.Duration(math.Pow(2, float64(i))) * time.Second
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr) jitter := time.Duration(rand.IntN(1000)) * time.Millisecond
} time.Sleep(waitTime + jitter)
return fmt.Errorf("incorrect password: %v", err)
} }
return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
if err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error creating password hash: %v", err)
}
setQuery := `
UPDATE users
SET password = ?
WHERE id = ?
`
if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error updating password in DB: %v", err)
}
if err = tx.Commit(); err != nil {
return fmt.Errorf("error committing transaction: %v", err)
}
return nil
} }
func (db *DB) CountEntries() (int64, error) { func (db *DB) CountEntries(table string) (int64, error) {
var count int64 var count int64
query := `SELECT COUNT(*) FROM users` query := fmt.Sprintf("SELECT COUNT(*) FROM %s", table)
row := db.QueryRow(query) row := db.QueryRow(query)
if err := row.Scan(&count); err != nil { if err := row.Scan(&count); err != nil {
return 0, fmt.Errorf("error counting rows in user DB: %v", err) return 0, fmt.Errorf("error counting rows in user DB: %v", err)
@ -168,175 +143,45 @@ func (db *DB) CountEntries() (int64, error) {
return count, nil return count, nil
} }
// TODO: No need for ID field in general func (db *DB) StartTransaction() (*Tx, error) {
func (db *DB) GetUser(id int64) (*User, error) { tx := &Tx{Tx: new(sql.Tx)}
user := new(User)
query := `
SELECT id, username, first_name, last_name, role
FROM users
WHERE id = ?
`
row := db.QueryRow(query, id)
if err := row.Scan(&user.ID, &user.UserName, &user.FirstName, &user.LastName, &user.Role); err != nil {
return nil, fmt.Errorf("error reading user information: %v", err)
}
return user, nil
}
func (db *DB) AddTag(tagName string) error {
query := "INSERT INTO tags (name) VALUES (?)"
if _, err := db.Exec(query, tagName); err != nil {
return fmt.Errorf("error inserting tag into DB: %v", err)
}
return nil
}
func (db *DB) GetTagList() ([]*Tag, error) {
query := "SELECT id, name FROM tags"
rows, err := db.Query(query)
if err != nil {
return nil, fmt.Errorf("error querying tags: %v", err)
}
tagList := make([]*Tag, 0)
for rows.Next() {
tag := new(Tag)
if err = rows.Scan(&tag.ID, &tag.Name); err != nil {
return nil, fmt.Errorf("error scanning tag row: %v", err)
}
tagList = append(tagList, tag)
}
return tagList, nil
}
func (db *DB) AddArticle(a *Article) (int64, error) {
query := `
INSERT INTO articles
(title, description, content, published, author_id)
VALUES
(?, ?, ?, ?, ?)
`
result, err := db.Exec(query, a.Title, a.Desc, a.Content, a.Published, a.AuthorID)
if err != nil {
return 0, fmt.Errorf("error inserting article into DB: %v", err)
}
id, err := result.LastInsertId()
if err != nil {
return 0, fmt.Errorf("error retrieving last ID: %v", err)
}
return id, nil
}
func (db *DB) GetArticle(id int64) (*Article, error) {
query := `
SELECT title, created, description, content, published, author_id
FROM articles
WHERE id = ?
`
row := db.QueryRow(query, id)
article := new(Article)
var created []byte
var err error var err error
if err := row.Scan(&article.Title, &created, &article.Desc, tx.Tx, err = db.Begin()
&article.Content, &article.Published, &article.AuthorID); err != nil {
return nil, fmt.Errorf("error scanning article row: %v", err)
}
article.ID = id
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
if err != nil { if err != nil {
return nil, fmt.Errorf("error parsing created: %v", err) return nil, fmt.Errorf("error starting transaction: %v", err)
} }
return article, nil return tx, nil
} }
func (db *DB) GetCertainArticles(published bool) ([]*Article, error) { func (tx *Tx) CommitTransaction() error {
query := ` if err := tx.Commit(); err != nil {
SELECT id, title, created, description, content, author_id
FROM articles
WHERE published = ?
`
rows, err := db.Query(query, published)
if err != nil {
return nil, fmt.Errorf("error querying articles: %v", err)
}
articleList := make([]*Article, 0)
for rows.Next() {
article := new(Article)
var created []byte
if err = rows.Scan(&article.ID, &article.Title, &created, &article.Desc,
&article.Content, &article.AuthorID); err != nil {
return nil, fmt.Errorf("error scanning article row: %v", err)
}
article.Published = false
article.Created, err = time.Parse("2006-01-02 15:04:05", string(created))
if err != nil {
return nil, fmt.Errorf("error parsing created: %v", err)
}
articleList = append(articleList, article)
}
return articleList, nil
}
func (db *DB) WriteArticleTags(articleID int64, tagIDs []int64) error {
tx, err := db.Begin()
if err != nil {
return fmt.Errorf("error starting transaction: %v", err)
}
for _, tagID := range tagIDs {
query := `
INSERT INTO articles_tags (article_id, tag_id)
VALUES (?, ?)
`
if _, err := tx.Exec(query, articleID, tagID); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error inserting into articles_tags: %v", err)
}
}
if err = tx.Commit(); err != nil {
return fmt.Errorf("error committing transaction: %v", err) return fmt.Errorf("error committing transaction: %v", err)
} }
return nil return nil
} }
func (db *DB) GetArticleTags(articleID int64) ([]*Tag, error) { func (tx *Tx) RollbackTransaction() {
query := ` if err := tx.Rollback(); err != nil {
SELECT t.id, t.name log.Fatalf("error rolling back transaction: %v", err)
FROM articles a
INNER JOIN articles_tags at ON a.id = at.article_id
INNER JOIN tags t ON at.tag_id = t.id
WHERE a.id = ?
`
rows, err := db.Query(query, articleID)
if err != nil {
return nil, fmt.Errorf("error querying articles_tags: %v", err)
} }
}
tags := make([]*Tag, 0)
for rows.Next() { func (tx *Tx) UpdateAttributes(a ...*Attribute) error {
tag := new(Tag) for _, attribute := range a {
if err = rows.Scan(&tag.ID, &tag.Name); err != nil { query := fmt.Sprintf(`
return nil, fmt.Errorf("error scanning rows: %v", err) UPDATE %s
} SET %s = ?
tags = append(tags, tag) WHERE id = ?
} `, attribute.Table, attribute.AttName)
if _, err := tx.Exec(query, attribute.Value, attribute.ID); err != nil {
return tags, nil if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error updating %v in DB: %v", attribute.AttName, err)
}
}
return nil
} }

52
cmd/model/helpers.go
View File

@ -1,52 +0,0 @@
package model
import (
"bufio"
"fmt"
"os"
"strings"
"syscall"
"golang.org/x/term"
)
func getUsername() (string, error) {
user := os.Getenv("DB_USER")
if user == "" {
var err error
fmt.Printf("DB Benutzer: ")
user, err = bufio.NewReader(os.Stdin).ReadString('\n')
if err != nil {
return "", fmt.Errorf("error reading username: %v", err)
}
}
return strings.TrimSpace(user), nil
}
func getPassword() (string, error) {
pass := os.Getenv("DB_PASS")
if pass == "" {
fmt.Printf("DB Passwort: ")
bytePass, err := term.ReadPassword(int(syscall.Stdin))
if err != nil {
return "", fmt.Errorf("error reading password: %v", err)
}
fmt.Println()
pass = strings.TrimSpace(string(bytePass))
}
return pass, nil
}
func getCredentials() (string, string, error) {
user, err := getUsername()
if err != nil {
return "", "", fmt.Errorf("error getting username: %v", err)
}
pass, err := getPassword()
if err != nil {
return "", "", fmt.Errorf("error getting password: %v", err)
}
return user, pass, nil
}

35
cmd/model/structs.go
View File

@ -1,35 +0,0 @@
package model
import (
"time"
)
const (
Admin = iota
Editor
Writer
)
type User struct {
UserName string
FirstName string
LastName string
RejectedArticles []*Article
ID int64
Role int
}
type Tag struct {
Name string
ID int64
}
type Article struct {
Title string
Created time.Time
Desc string
Content string
Published bool
ID int64
AuthorID int64
}

35
cmd/model/tags.go Normal file
View File

@ -0,0 +1,35 @@
package model
import "fmt"
type Tag struct {
Name string
ID int64
}
func (db *DB) AddTag(tagName string) error {
query := "INSERT INTO tags (name) VALUES (?)"
if _, err := db.Exec(query, tagName); err != nil {
return fmt.Errorf("error inserting tag into DB: %v", err)
}
return nil
}
func (db *DB) GetTagList() ([]*Tag, error) {
query := "SELECT id, name FROM tags"
rows, err := db.Query(query)
if err != nil {
return nil, fmt.Errorf("error querying tags: %v", err)
}
tagList := make([]*Tag, 0)
for rows.Next() {
tag := new(Tag)
if err = rows.Scan(&tag.ID, &tag.Name); err != nil {
return nil, fmt.Errorf("error scanning tag row: %v", err)
}
tagList = append(tagList, tag)
}
return tagList, nil
}

198
cmd/model/users.go Normal file
View File

@ -0,0 +1,198 @@
package model
import (
"fmt"
"log"
"math"
"math/rand/v2"
"time"
"golang.org/x/crypto/bcrypt"
)
const (
Admin = iota
Editor
Writer
)
type User struct {
UserName string
FirstName string
LastName string
ID int64
Role int
}
func (db *DB) AddUser(user *User, pass string) error {
hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
if err != nil {
return fmt.Errorf("error creating password hash: %v", err)
}
query := `
INSERT INTO users (username, password, first_name, last_name, role)
VALUES (?, ?, ?, ?, ?)
`
if _, err = db.Exec(query, user.UserName, string(hashedPass), user.FirstName, user.LastName, user.Role); err != nil {
return fmt.Errorf("error inserting user into DB: %v", err)
}
return nil
}
func (db *DB) GetID(userName string) (int64, bool) {
var id int64
query := `
SELECT id
FROM users
WHERE username = ?
`
row := db.QueryRow(query, userName)
if err := row.Scan(&id); err != nil {
return 0, false
}
return id, true
}
func (db *DB) CheckPassword(id int64, pass string) error {
var queriedPass string
query := `
SELECT password
FROM users
WHERE id = ?
`
row := db.QueryRow(query, id)
if err := row.Scan(&queriedPass); err != nil {
return fmt.Errorf("error reading password from DB: %v", err)
}
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
return fmt.Errorf("incorrect password: %v", err)
}
return nil
}
func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
var queriedPass string
getQuery := `
SELECT password
FROM users
WHERE id = ?
`
row := tx.QueryRow(getQuery, id)
if err := row.Scan(&queriedPass); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error reading password from DB: %v", err)
}
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("incorrect password: %v", err)
}
newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
if err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error creating password hash: %v", err)
}
setQuery := `
UPDATE users
SET password = ?
WHERE id = ?
`
if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error updating password in DB: %v", err)
}
return nil
}
// TODO: No need for ID field in general
func (db *DB) GetUser(id int64) (*User, error) {
user := new(User)
query := `
SELECT id, username, first_name, last_name, role
FROM users
WHERE id = ?
`
row := db.QueryRow(query, id)
if err := row.Scan(&user.ID, &user.UserName, &user.FirstName, &user.LastName, &user.Role); err != nil {
return nil, fmt.Errorf("error reading user information: %v", err)
}
return user, nil
}
func (db *DB) UpdateUserAttributes(id int64, user, first, last, oldPass, newPass, newPass2 string) error {
passwordEmpty := true
if len(newPass) > 0 || len(newPass2) > 0 {
if newPass != newPass2 {
return fmt.Errorf("error: passwords do not match")
}
passwordEmpty = false
}
tx := new(Tx)
var err error
for i := 0; i < TxMaxRetries; i++ {
err := func() error {
tx.Tx, err = db.Begin()
if err != nil {
return fmt.Errorf("error starting transaction: %v", err)
}
if !passwordEmpty {
if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error changing password: %v", err)
}
}
if err = tx.UpdateAttributes(
&Attribute{Table: "users", ID: id, AttName: "username", Value: user},
&Attribute{Table: "users", ID: id, AttName: "first_name", Value: first},
&Attribute{Table: "users", ID: id, AttName: "last_name", Value: last},
); err != nil {
if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("error: transaction error: %v, rollback error: %v", err, rollbackErr)
}
return fmt.Errorf("error updating attributes in DB: %v", err)
}
if err = tx.Commit(); err != nil {
return fmt.Errorf("error committing transaction: %v", err)
}
return nil
}()
if err == nil {
return nil
}
log.Println(err)
waitTime := time.Duration(math.Pow(2, float64(i))) * time.Second
jitter := time.Duration(rand.IntN(1000)) * time.Millisecond
time.Sleep(waitTime + jitter)
}
return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
}

238
cmd/view/articles.go
View File

@ -5,12 +5,13 @@ import (
"log" "log"
"net/http" "net/http"
"strconv" "strconv"
"time"
"streifling.com/jason/cpolis/cmd/control" "streifling.com/jason/cpolis/cmd/control"
"streifling.com/jason/cpolis/cmd/model" "streifling.com/jason/cpolis/cmd/model"
) )
func ShowHub(s *control.CookieStore) http.HandlerFunc { func ShowHub(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
session, err := s.Get(r, "cookie") session, err := s.Get(r, "cookie")
if err != nil { if err != nil {
@ -20,7 +21,7 @@ func ShowHub(s *control.CookieStore) http.HandlerFunc {
} }
tmpl, err := template.ParseFiles("web/templates/hub.html") tmpl, err := template.ParseFiles("web/templates/hub.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"]) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", session.Values["role"].(int))
} }
} }
@ -38,32 +39,8 @@ func WriteArticle(db *model.DB) http.HandlerFunc {
} }
} }
func FinishArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc { func SubmitArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
article := new(model.Article)
var err error
article.Title, err = control.ConvertToPlain(r.PostFormValue("editor-title"))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
article.Desc, err = control.ConvertToPlain(r.PostFormValue("editor-desc"))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
article.Content, err = control.ConvertToHTML(r.PostFormValue("editor-text"))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, err := s.Get(r, "cookie") session, err := s.Get(r, "cookie")
if err != nil { if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html") tmpl, err := template.ParseFiles("web/templates/login.html")
@ -71,7 +48,15 @@ func FinishArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
} }
article.AuthorID = session.Values["id"].(int64) article := &model.Article{
Title: r.PostFormValue("article-title"),
Description: r.PostFormValue("article-description"),
Content: r.PostFormValue("article-content"),
Published: false,
Rejected: false,
AuthorID: session.Values["id"].(int64),
}
article.ID, err = db.AddArticle(article) article.ID, err = db.AddArticle(article)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
@ -102,21 +87,101 @@ func FinishArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
} }
} }
func ShowUnpublishedArticles(db *model.DB) http.HandlerFunc { func ResubmitArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
articles, err := db.GetCertainArticles(false) id, err := strconv.ParseInt(r.PostFormValue("article-id"), 10, 64)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
tmpl, err := template.ParseFiles("web/templates/unpublished-articles.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", articles) title := r.PostFormValue("article-title")
description := r.PostFormValue("article-description")
content := r.PostFormValue("article-content")
if err := db.UpdateAttributes(
&model.Attribute{Table: "articles", ID: id, AttName: "title", Value: title},
&model.Attribute{Table: "articles", ID: id, AttName: "description", Value: description},
&model.Attribute{Table: "articles", ID: id, AttName: "content", Value: content},
&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, err := s.Get(r, "cookie")
if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html")
msg := "Session nicht mehr gültig. Bitte erneut anmelden."
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
}
tmpl, err := template.ParseFiles("web/templates/hub.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
} }
} }
func ReviewArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc { func ShowUnpublishedArticles(db *model.DB) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
unpublishedArticles, err := db.GetCertainArticles(false, false)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles("web/templates/unpublished-articles.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", unpublishedArticles)
}
}
func ShowRejectedArticles(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
type htmlData struct {
MyIDs map[int64]bool
RejectedArticles []*model.Article
}
data := new(htmlData)
session, err := s.Get(r, "cookie")
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data.RejectedArticles, err = db.GetCertainArticles(false, true)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data.MyIDs = make(map[int64]bool)
for _, article := range data.RejectedArticles {
if article.AuthorID == session.Values["id"].(int64) {
data.MyIDs[article.ID] = true
}
}
tmpl, err := template.ParseFiles("web/templates/rejected-articles.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", data)
}
}
func ReviewUnpublishedArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
type htmlData struct {
Article *model.Article
Tags []*model.Tag
}
data := new(htmlData)
id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64) id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
@ -124,23 +189,70 @@ func ReviewArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return return
} }
article, err := db.GetArticle(id) data.Article, err = db.GetArticle(id)
if err != nil { if err != nil {
tmpl, err := template.ParseFiles("web/templates/to-be-published.html") log.Println(err)
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", article) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
// session, err := s.Get(r, "cookie") data.Tags, err = db.GetArticleTags(id)
// if err != nil { if err != nil {
// tmpl, err := template.ParseFiles("web/templates/login.html") log.Println(err)
// msg := "Session nicht mehr gültig. Bitte erneut anmelden." http.Error(w, err.Error(), http.StatusInternalServerError)
// template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg) return
// } }
tmpl, err := template.ParseFiles("web/templates/to-be-published.html") tmpl, err := template.ParseFiles("web/templates/to-be-published.html")
tmpl = template.Must(tmpl, err) tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", article) tmpl.ExecuteTemplate(w, "page-content", data)
}
}
func ReviewRejectedArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
type htmlData struct {
Selected map[int64]bool
Article *model.Article
Tags []*model.Tag
}
data := new(htmlData)
id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data.Article, err = db.GetArticle(id)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data.Tags, err = db.GetTagList()
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
selectedTags, err := db.GetArticleTags(id)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data.Selected = make(map[int64]bool)
for _, tag := range selectedTags {
data.Selected[tag.ID] = true
}
tmpl, err := template.ParseFiles("web/templates/rework-article.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", data)
} }
} }
@ -160,7 +272,45 @@ func PublishArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
} }
db.UpdateAttribute("articles", id, "published", true) if err = db.UpdateAttributes(
&model.Attribute{Table: "articles", ID: id, AttName: "published", Value: true},
&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: false},
&model.Attribute{Table: "articles", ID: id, AttName: "created", Value: time.Now().Format("2006-01-02 15:04:05")},
); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles("web/templates/hub.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", session.Values["role"])
}
}
func RejectArticle(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
id, err := strconv.ParseInt(r.PostFormValue("id"), 10, 64)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, err := s.Get(r, "cookie")
if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html")
msg := "Session nicht mehr gültig. Bitte erneut anmelden."
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
}
if err = db.UpdateAttributes(
&model.Attribute{Table: "articles", ID: id, AttName: "rejected", Value: true},
); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles("web/templates/hub.html") tmpl, err := template.ParseFiles("web/templates/hub.html")
tmpl = template.Must(tmpl, err) tmpl = template.Must(tmpl, err)

30
cmd/view/rss.go
View File

@ -7,6 +7,7 @@ import (
"time" "time"
"git.streifling.com/jason/rss" "git.streifling.com/jason/rss"
"streifling.com/jason/cpolis/cmd/control"
"streifling.com/jason/cpolis/cmd/model" "streifling.com/jason/cpolis/cmd/model"
) )
@ -19,7 +20,7 @@ func ShowRSS(db *model.DB, title, link, desc string) http.HandlerFunc {
Items: make([]*rss.Item, 0), Items: make([]*rss.Item, 0),
} }
articles, err := db.GetCertainArticles(true) articles, err := db.GetCertainArticles(true, false)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
@ -45,12 +46,33 @@ func ShowRSS(db *model.DB, title, link, desc string) http.HandlerFunc {
return return
} }
articleTitle, err := control.ConvertToPlain(article.Title)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
articleDescription, err := control.ConvertToPlain(article.Description)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
articleContent, err := control.ConvertToHTML(article.Content)
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
channel.Items = append(channel.Items, &rss.Item{ channel.Items = append(channel.Items, &rss.Item{
Title: article.Title, Title: articleTitle,
Author: user.FirstName + user.LastName, Author: user.FirstName + user.LastName,
PubDate: article.Created.Format(time.RFC1123Z), PubDate: article.Created.Format(time.RFC1123Z),
Description: article.Desc, Description: articleDescription,
Content: &rss.Content{Value: article.Content}, Content: &rss.Content{Value: articleContent},
Categories: tagNames, Categories: tagNames,
}) })
} }

31
cmd/view/sessions.go
View File

@ -29,7 +29,7 @@ func saveSession(w http.ResponseWriter, r *http.Request, s *control.CookieStore,
func HomePage(db *model.DB, s *control.CookieStore) http.HandlerFunc { func HomePage(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
numRows, err := db.CountEntries() numRows, err := db.CountEntries("users")
if err != nil { if err != nil {
log.Fatalln(err) log.Fatalln(err)
} }
@ -59,10 +59,9 @@ func Login(db *model.DB, s *control.CookieStore) http.HandlerFunc {
userName := r.PostFormValue("username") userName := r.PostFormValue("username")
password := r.PostFormValue("password") password := r.PostFormValue("password")
id, err := db.GetID(userName) id, ok := db.GetID(userName)
if err != nil { if !ok {
log.Println(err) http.Error(w, fmt.Sprintf("no such user: %v", userName), http.StatusInternalServerError)
http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
@ -89,3 +88,25 @@ func Login(db *model.DB, s *control.CookieStore) http.HandlerFunc {
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user.Role)
} }
} }
func Logout(s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := s.Get(r, "cookie")
if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html")
msg := "Session nicht mehr gültig. Bitte erneut anmelden."
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
}
session.Options.MaxAge = -1
if err = session.Save(r, w); err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles("web/templates/login.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", nil)
}
}

108
cmd/view/admin.go → cmd/view/users.go
View File

@ -11,19 +11,11 @@ import (
"streifling.com/jason/cpolis/cmd/model" "streifling.com/jason/cpolis/cmd/model"
) )
type AddUserData struct { type UserData struct {
*model.User *model.User
Msg string Msg string
} }
func inputsEmpty(user *model.User, pass, pass2 string) bool {
return len(user.UserName) == 0 ||
len(user.FirstName) == 0 ||
len(user.LastName) == 0 ||
len(pass) == 0 ||
len(pass2) == 0
}
func checkUserStrings(user *model.User) (string, int, bool) { func checkUserStrings(user *model.User) (string, int, bool) {
userLen := 15 userLen := 15
nameLen := 50 nameLen := 50
@ -53,7 +45,7 @@ func AddUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return return
} }
htmlData := AddUserData{ htmlData := UserData{
User: &model.User{ User: &model.User{
UserName: r.PostFormValue("username"), UserName: r.PostFormValue("username"),
FirstName: r.PostFormValue("first-name"), FirstName: r.PostFormValue("first-name"),
@ -64,7 +56,8 @@ func AddUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
pass := r.PostFormValue("password") pass := r.PostFormValue("password")
pass2 := r.PostFormValue("password2") pass2 := r.PostFormValue("password2")
if inputsEmpty(htmlData.User, pass, pass2) { if len(htmlData.UserName) == 0 || len(htmlData.FirstName) == 0 ||
len(htmlData.LastName) == 0 || len(pass) == 0 || len(pass2) == 0 {
htmlData.Msg = "Alle Felder müssen ausgefüllt werden." htmlData.Msg = "Alle Felder müssen ausgefüllt werden."
tmpl, err := template.ParseFiles("web/templates/add-user.html") tmpl, err := template.ParseFiles("web/templates/add-user.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", htmlData)
@ -93,7 +86,7 @@ func AddUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return return
} }
num, err := db.CountEntries() num, err := db.CountEntries("users")
if err != nil { if err != nil {
log.Println(err) log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
@ -126,3 +119,94 @@ func AddUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0) template.Must(tmpl, err).ExecuteTemplate(w, "page-content", 0)
} }
} }
func EditUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := s.Get(r, "cookie")
if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html")
msg := "Session nicht mehr gültig. Bitte erneut anmelden."
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
}
user, err := db.GetUser(session.Values["id"].(int64))
if err != nil {
log.Println(err)
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
tmpl, err := template.ParseFiles("web/templates/edit-user.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", user)
}
}
func UpdateUser(db *model.DB, s *control.CookieStore) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
session, err := s.Get(r, "cookie")
if err != nil {
tmpl, err := template.ParseFiles("web/templates/login.html")
msg := "Session nicht mehr gültig. Bitte erneut anmelden."
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", msg)
}
userData := UserData{
User: &model.User{
ID: session.Values["id"].(int64),
UserName: r.PostFormValue("username"),
FirstName: r.PostFormValue("first-name"),
LastName: r.PostFormValue("last-name"),
},
}
oldPass := r.PostFormValue("old-password")
newPass := r.PostFormValue("password")
newPass2 := r.PostFormValue("password2")
if len(userData.UserName) == 0 || len(userData.FirstName) == 0 ||
len(userData.LastName) == 0 {
userData.Msg = "Alle Felder mit * müssen ausgefüllt sein."
tmpl, err := template.ParseFiles("web/templates/edit-user.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", userData.Msg)
return
}
userString, stringLen, ok := checkUserStrings(userData.User)
if !ok {
userData.Msg = fmt.Sprint(userString, " ist zu lang. Maximal ",
stringLen, " Zeichen erlaubt.")
tmpl, err := template.ParseFiles("web/templates/edit-user.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", userData)
return
}
if id, ok := db.GetID(userData.UserName); ok {
if id != userData.ID {
userData.Msg = "Benutzername bereits vergeben."
userData.UserName = ""
tmpl, err := template.ParseFiles("web/templates/edit-user.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", userData)
return
}
}
if err = db.UpdateUserAttributes(
userData.ID,
userData.UserName,
userData.FirstName,
userData.LastName,
oldPass,
newPass,
newPass2); err != nil {
userData.Msg = "Aktualisierung der Benutzerdaten fehlgeschlagen."
tmpl, err := template.ParseFiles("web/templates/edit-user.html")
template.Must(tmpl, err).ExecuteTemplate(w, "page-content", userData)
}
tmpl, err := template.ParseFiles("web/templates/hub.html")
tmpl = template.Must(tmpl, err)
tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
}
}

13
web/templates/edit-user.html Normal file
View File

@ -0,0 +1,13 @@
{{define "page-content"}}
<form>
<input name="username" type="text" value="{{.UserName}}" />
<input name="first-name" type="text" value="{{.FirstName}}" />
<input name="last-name" type="text" value="{{.LastName}}" />
<input name="old-password" placeholder="Altes Passwort" type="password" />
<input name="password" placeholder="Neues Passwort" type="password" />
<input name="password2" placeholder="Wiederholen" type="password" />
<input type="submit" value="Aktualisieren" hx-post="/update-user/" hx-target="#page-content" />
</form>
{{end}}

12
web/templates/editor.html
View File

@ -1,17 +1,13 @@
{{define "page-content"}} {{define "page-content"}}
<h2>Editor</h2> <h2>Editor</h2>
<form> <form>
<input name="editor-title" placeholder="Titel" type="text" /> <input name="article-title" placeholder="Titel" type="text" />
<textarea name="editor-desc" placeholder="Beschreibung"></textarea> <textarea name="article-description" placeholder="Beschreibung"></textarea>
<textarea name="editor-text" placeholder="Artikel"></textarea> <textarea name="article-content" placeholder="Artikel"></textarea>
{{range .}} {{range .}}
<input id="{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" /> <input id="{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" />
<label for="{{.Name}}">{{.Name}}</label> <label for="{{.Name}}">{{.Name}}</label>
{{end}} {{end}}
<input type="submit" value="Senden" hx-post="/finish-article/" hx-target="#page-content" /> <input type="submit" value="Senden" hx-post="/submit-article/" hx-target="#page-content" />
</form> </form>
{{end}} {{end}}
{{define "html-result"}}
{{.}}
{{end}}

2
web/templates/hub.html
View File

@ -1,7 +1,9 @@
{{define "page-content"}} {{define "page-content"}}
<h2>Hub</h2> <h2>Hub</h2>
<button hx-get="/write-article/" hx-target="#page-content">Artikel schreiben</button> <button hx-get="/write-article/" hx-target="#page-content">Artikel schreiben</button>
<button hx-get="/rejected-articles/" hx-target="#page-content">Abgelehnte Artikel</button>
<button hx-get="/rss/" hx-target="#page-content">RSS Feed</button> <button hx-get="/rss/" hx-target="#page-content">RSS Feed</button>
<button hx-get="/edit-user/" hx-target="#page-content">Benutzer bearbeiten</button>
{{if lt . 2}} {{if lt . 2}}
<button hx-get="/unpublished-articles/" hx-target="#page-content">Unveröffentlichte Artikel</button> <button hx-get="/unpublished-articles/" hx-target="#page-content">Unveröffentlichte Artikel</button>
<button hx-get="/create-tag/" hx-target="#page-content">Neuer Tag</button> <button hx-get="/create-tag/" hx-target="#page-content">Neuer Tag</button>

19
web/templates/index.html
View File

@ -9,13 +9,22 @@
</head> </head>
<body> <body>
<h1>Orient Editor</h1> <header>
<h1>Orient Editor</h1>
<button hx-get="logout" hx-target="#page-content">Abmelden</button>
</header>
<div id="page-content"> <main>
{{template "page-content" .}} <div id="page-content">
</div> {{template "page-content" .}}
</div>
<script src="web/static/js/htmx.min.js"></script> <script src="web/static/js/htmx.min.js"></script>
</main>
<footer>
<p>&copy; 2024 Jason Streifling. Alle Rechte vorbehalten.</p>
</footer>
</body> </body>
</html> </html>

12
web/templates/rejected-articles.html Normal file
View File

@ -0,0 +1,12 @@
{{define "page-content"}}
<form>
{{range .RejectedArticles}}
{{if index $.MyIDs .ID}}
<input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
<label for="{{.ID}}">{{.Title}}</label>
{{end}}
{{end}}
<input type="submit" value="Auswählen" hx-post="/review-rejected-article/" hx-target="#page-content" />
</form>
<button hx-get="/hub/" hx-target="#page-content">Zurück</button>
{{end}}

16
web/templates/rework-article.html Normal file
View File

@ -0,0 +1,16 @@
{{define "page-content"}}
<h2>Editor</h2>
<form>
<input name="article-title" placeholder="Titel" type="text" value="{{.Article.Title}}" />
<textarea name="article-description" placeholder="Beschreibung">{{.Article.Description}}</textarea>
<textarea name="article-content" placeholder="Artikel">{{.Article.Content}}</textarea>
<input name="article-id" type="hidden" value="{{.Article.ID}}" />
{{range .Tags}}
<input id="tag-{{.Name}}" name="tags" type="checkbox" value="{{.ID}}" {{if index $.Selected .ID}}checked{{end}} />
<label for="tag-{{.Name}}">{{.Name}}</label>
{{end}}
<input type="submit" value="Senden" hx-post="/resubmit-article/" hx-target="#page-content" />
</form>
{{end}}

16
web/templates/to-be-published.html
View File

@ -1,11 +1,19 @@
{{define "page-content"}} {{define "page-content"}}
<form> <form>
<h2>{{.Title}}</h2> <h2>{{.Article.Title}}</h2>
<p>{{.Desc}}</p> <p>{{.Article.Description}}</p>
<span>{{.Content}}</span> {{.Article.Content}}
<input name="id" type="hidden" value="{{.ID}}" />
<p>
{{range .Tags}}
{{.Name}}
{{end}}
</p>
<input name="id" type="hidden" value="{{.Article.ID}}" />
<input type="submit" value="Veröffentlichen" hx-post="/publish-article/" hx-target="#page-content" /> <input type="submit" value="Veröffentlichen" hx-post="/publish-article/" hx-target="#page-content" />
<input type="submit" value="Ablehnen" hx-post="/reject-article/" hx-target="#page-content" /> <input type="submit" value="Ablehnen" hx-post="/reject-article/" hx-target="#page-content" />
</form> </form>
<button hx-get="/hub/" hx-target="#page-content">Zurück</button> <button hx-get="/hub/" hx-target="#page-content">Zurück</button>
{{end}} {{end}}

2
web/templates/unpublished-articles.html
View File

@ -4,7 +4,7 @@
<input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" /> <input required id="{{.ID}}" name="id" type="radio" value="{{.ID}}" />
<label for="{{.ID}}">{{.Title}}</label> <label for="{{.ID}}">{{.Title}}</label>
{{end}} {{end}}
<input type="submit" value="Auswählen" hx-post="/review-article/" hx-target="#page-content" /> <input type="submit" value="Auswählen" hx-post="/review-unpublished-article/" hx-target="#page-content" />
</form> </form>
<button hx-get="/hub/" hx-target="#page-content">Zurück</button> <button hx-get="/hub/" hx-target="#page-content">Zurück</button>
{{end}} {{end}}