Merge branch 'devel'

cmd/backend/articles.go

@@ -256,3 +256,21 @@ func (db *DB) AddArticleToCurrentIssue(id int64) error {
 
 	return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
 }
+
+func (db *DB) DeleteArticle(id int64) error {
+	articlesTagsQuery := "DELETE FROM articles_tags WHERE article_id = ?"
+
+	_, err := db.Exec(articlesTagsQuery, id)
+	if err != nil {
+		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
+	}
+
+	articlesQuery := "DELETE FROM articles WHERE id = ?"
+
+	_, err = db.Exec(articlesQuery, id)
+	if err != nil {
+		return fmt.Errorf("error deleting article %v from DB: %v", id, err)
+	}
+
+	return nil
+}

cmd/backend/config.go

@@ -14,6 +14,7 @@ type Config struct {
 	DBName      string
 	Description string
 	Domain      string
+	FirebaseKey string
 	KeyFile     string
 	Link        string
 	LogFile     string
@@ -28,6 +29,7 @@ type Config struct {
 func newConfig() *Config {
 	return &Config{
 		DBName:      "cpolis",
+		FirebaseKey: "/var/www/cpolis/serviceAccountKey.json",
 		KeyFile:     "/var/www/cpolis/cpolis.key",
 		LogFile:     "/var/log/cpolis.log",
 		PDFDir:      "/var/www/cpolis/pdfs",
@@ -76,19 +78,25 @@ func (c *Config) handleCliArgs() error {
 	port := 8080
 
 	flag.StringVar(&c.DBName, "db", c.DBName, "DB name")
-	flag.StringVar(&c.Description, "desc", c.Description, "Channel description")
+	flag.StringVar(&c.Description, "desc", c.Description, "channel description")
 	flag.StringVar(&c.Domain, "domain", c.Domain, "domain name")
+	flag.StringVar(&c.FirebaseKey, "firebase", c.FirebaseKey, "Firebase service account key file")
 	flag.StringVar(&c.KeyFile, "key", c.KeyFile, "key file")
-	flag.StringVar(&c.Link, "link", c.Link, "Channel Link")
+	flag.StringVar(&c.Link, "link", c.Link, "channel Link")
 	flag.StringVar(&c.LogFile, "log", c.LogFile, "log file")
 	flag.StringVar(&c.PDFDir, "pdfs", c.PDFDir, "pdf directory")
 	flag.StringVar(&c.PicsDir, "pics", c.PicsDir, "pictures directory")
 	flag.StringVar(&c.RSSFile, "rss", c.RSSFile, "RSS file")
-	flag.StringVar(&c.Title, "title", c.Title, "Channel title")
+	flag.StringVar(&c.Title, "title", c.Title, "channel title")
 	flag.StringVar(&c.WebDir, "web", c.WebDir, "web directory")
 	flag.IntVar(&port, "port", port, "port")
 	flag.Parse()
 
+	c.FirebaseKey, err = filepath.Abs(c.FirebaseKey)
+	if err != nil {
+		return fmt.Errorf("error finding absolute path for Firebase service account key file: %v", err)
+	}
+
 	c.KeyFile, err = filepath.Abs(c.KeyFile)
 	if err != nil {
 		return fmt.Errorf("error finding absolute path for key file: %v", err)

cmd/backend/firebase.go

@@ -12,12 +12,12 @@ type Client struct {
 	*auth.Client
 }
 
-func NewClient() (*Client, error) {
+func NewClient(c *Config) (*Client, error) {
 	var err error
-	client := new(Client)
 
+	client := new(Client)
 	ctx := context.Background()
-	opt := option.WithCredentialsFile("path/to/serviceAccountKey.json")
+	opt := option.WithCredentialsFile(c.FirebaseKey)
 
 	app, err := firebase.NewApp(ctx, nil, opt)
 	if err != nil {

cmd/calls/pdf.go

@@ -12,7 +12,7 @@ import (
 
 func ServePDFList(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		if tokenIsVerified(w, r) {
+		if tokenIsVerified(w, r, c) {
 			files, err := os.ReadDir(c.PDFDir)
 			if err != nil {
 				log.Println(err)
@@ -37,7 +37,7 @@ func ServePDFList(c *b.Config) http.HandlerFunc {
 
 func ServePDF(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		if tokenIsVerified(w, r) {
+		if tokenIsVerified(w, r, c) {
 			http.ServeFile(w, r, fmt.Sprint(c.PDFDir, "/", r.PathValue("id")))
 		}
 	}

cmd/calls/rss.go

@@ -8,7 +8,7 @@ import (
 
 func ServeRSS(c *b.Config) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		if tokenIsVerified(w, r) {
+		if tokenIsVerified(w, r, c) {
 			http.ServeFile(w, r, c.RSSFile)
 		}
 	}

cmd/calls/verification.go

@@ -8,7 +8,7 @@ import (
 )
 
 // tokenIsVerified verifies that a request is authorized. It returns a bool.
-func tokenIsVerified(w http.ResponseWriter, r *http.Request) bool {
+func tokenIsVerified(w http.ResponseWriter, r *http.Request, c *b.Config) bool {
 	idToken := r.Header.Get("Authorization")
 	if idToken == "" {
 		log.Println("Authorization header missing")
@@ -16,7 +16,7 @@ func tokenIsVerified(w http.ResponseWriter, r *http.Request) bool {
 		return false
 	}
 
-	client, err := b.NewClient()
+	client, err := b.NewClient(c)
 	if err != nil {
 		log.Println(err)
 		http.Error(w, err.Error(), http.StatusInternalServerError)

cmd/frontend/articles.go

@@ -476,3 +476,126 @@ func UploadImage(c *b.Config, s *b.CookieStore) http.HandlerFunc {
 		json.NewEncoder(w).Encode(url)
 	}
 }
+
+func ShowPublishedArticles(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if _, err := getSession(w, r, c, s); err != nil {
+			return
+		}
+
+		publishedArticles, err := db.GetCertainArticles(true, false)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles(c.WebDir + "/templates/published-articles.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", publishedArticles)
+	}
+}
+
+func ReviewArticleForDeletion(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if _, err := getSession(w, r, c, s); err != nil {
+			return
+		}
+
+		type htmlData struct {
+			Title       string
+			Description string
+			Content     template.HTML
+			Tags        []*b.Tag
+			ID          int64
+		}
+
+		var err error
+		data := new(htmlData)
+
+		data.ID, err = strconv.ParseInt(r.PathValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		article, err := db.GetArticle(data.ID)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Title, err = b.ConvertToPlain(article.Title)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		data.Description, err = b.ConvertToPlain(article.Description)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		content, err := b.ConvertToHTML(article.Content)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		data.Content = template.HTML(content)
+
+		data.Tags, err = db.GetArticleTags(data.ID)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles(c.WebDir + "/templates/to-be-deleted.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", data)
+	}
+}
+
+func DeleteArticle(c *b.Config, db *b.DB, s *b.CookieStore) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		session, err := getSession(w, r, c, s)
+		if err != nil {
+			return
+		}
+
+		id, err := strconv.ParseInt(r.PathValue("id"), 10, 64)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		if err = db.DeleteArticle(id); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		feed, err := b.GenerateRSS(db, c.Title, c.Link, c.Description)
+		if err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		if err = b.SaveRSS(c.RSSFile, feed); err != nil {
+			log.Println(err)
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		tmpl, err := template.ParseFiles(c.WebDir + "/templates/hub.html")
+		tmpl = template.Must(tmpl, err)
+		tmpl.ExecuteTemplate(w, "page-content", session.Values["role"].(int))
+	}
+}

cmd/main.go

@@ -51,9 +51,10 @@ func main() {
 
 	mux.HandleFunc("GET /create-tag", f.CreateTag(config, store))
 	mux.HandleFunc("GET /create-user", f.CreateUser(config, store))
+	mux.HandleFunc("GET /delete-article/{id}", f.DeleteArticle(config, db, store))
+	mux.HandleFunc("GET /delete-user/{id}", f.DeleteUser(config, db, store))
 	mux.HandleFunc("GET /edit-self", f.EditSelf(config, db, store))
 	mux.HandleFunc("GET /edit-user/{id}", f.EditUser(config, db, store))
-	mux.HandleFunc("GET /delete-user/{id}", f.DeleteUser(config, db, store))
 	mux.HandleFunc("GET /hub", f.ShowHub(config, db, store))
 	mux.HandleFunc("GET /logout", f.Logout(config, store))
 	mux.HandleFunc("GET /pdf/get-list", c.ServePDFList(config))
@@ -61,8 +62,10 @@ func main() {
 	mux.HandleFunc("GET /pics/{pic}", f.ServeImage(config, store))
 	mux.HandleFunc("GET /publish-article/{id}", f.PublishArticle(config, db, store))
 	mux.HandleFunc("GET /publish-issue", f.PublishLatestIssue(config, db, store))
+	mux.HandleFunc("GET /published-articles", f.ShowPublishedArticles(config, db, store))
 	mux.HandleFunc("GET /reject-article/{id}", f.RejectArticle(config, db, store))
 	mux.HandleFunc("GET /rejected-articles", f.ShowRejectedArticles(config, db, store))
+	mux.HandleFunc("GET /review-article-for-deletion/{id}", f.ReviewArticleForDeletion(config, db, store))
 	mux.HandleFunc("GET /review-rejected-article/{id}", f.ReviewRejectedArticle(config, db, store))
 	mux.HandleFunc("GET /review-unpublished-article/{id}", f.ReviewUnpublishedArticle(config, db, store))
 	mux.HandleFunc("GET /rss", c.ServeRSS(config))

cpolis.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=cpolis
+
+[Service]
+ExecStart=/usr/local/bin/cpolis
+Restart=on-failure
+
+[Install]
+WantedBy=default.target

update.sh

@@ -0,0 +1,56 @@
+#! /bin/sh -
+
+CPOLIS_REPO_URL="https://git.streifling.com/api/v1/repos/jason/cpolis/releases"
+EXTRACTION_DIR=$HOME
+CPOLIS_DIR=$EXTRACTION_DIR/cpolis
+TAILWINDCSS_REPO_URL=https://api.github.com/repos/tailwindlabs/tailwindcss/releases/latest
+TMP_DIR=/tmp
+BIN_DIR=/usr/local/bin
+SYSTEMD_DIR=/etc/systemd/system
+
+check_dependency() {
+    if ! which $1 >/dev/null 2>&1; then
+        echo "$1 needs to be installed" >&2
+        exit 1
+    fi
+}
+
+if ! groups | grep -E 'root|wheel|sudo' >/dev/null; then
+    echo "You need administrative privileges for this script" >&2
+    exit 1
+fi
+
+check_dependency curl
+check_dependency go
+check_dependency jq
+check_dependency tar
+check_dependency xargs
+
+echo '\nDownloading cpolis...' >&2
+rm -fr $CPOLIS_DIR/*
+latest_release=$(curl -s $CPOLIS_REPO_URL | jq -r '.[0].tag_name')
+curl -Lo $TMP_DIR/cpolis.tar.gz https://git.streifling.com/jason/cpolis/archive/$latest_release.tar.gz
+tar -xzf $TMP_DIR/cpolis.tar.gz -C $EXTRACTION_DIR
+rm $TMP_DIR/cpolis.tar.gz
+
+echo '\nDownloading TailwindCSS...' >&2
+curl -s $TAILWINDCSS_REPO_URL |
+    grep -F browser_download_url |
+    grep -F linux-x64 |
+    cut -d'"' -f4 |
+    xargs -r curl -Lo $CPOLIS_DIR/tailwindcss
+chmod +x $CPOLIS_DIR/tailwindcss
+$CPOLIS_DIR/tailwindcss -i $CPOLIS_DIR/web/static/css/input.css -o $CPOLIS_DIR/web/static/css/style.css
+
+echo '\nBuilding cpolis...' >&2
+go build -o $TMP_DIR/cpolis $CPOLIS_DIR/cmd/main.go
+
+echo '\nSetting system files up...' >&2
+sudo mv $TMP_DIR/cpolis $BIN_DIR/cpolis
+sudo chown root:root $BIN_DIR/cpolis
+chmod +x $BIN_DIR/cpolis
+
+sudo mv $CPOLIS_DIR/cpolis.service $SYSTEMD_DIR
+sudo chown root:root $SYSTEMD_DIR/cpolis.service
+sudo systemctl daemon-reload
+sudo systemctl is-active --quiet cpolis.service && sudo systemctl restart cpolis.service

web/templates/hub.html

@@ -31,6 +31,7 @@
         <h2>Herausgeber</h2>
         <div class="grid grid-cols-2 gap-4">
             <button class="btn" hx-get="/this-issue" hx-target="#page-content">Diese Ausgabe</button>
+            <button class="btn" hx-get="/published-articles" hx-target="#page-content">Artikel löschen</button>
         </div>
     </div>
     {{end}}

web/templates/published-articles.html

@@ -0,0 +1,13 @@
+{{define "page-content"}}
+<h2>Artikel löschen</h2>
+
+<div class="flex flex-col gap-4">
+    {{range .}}
+    <button class="btn" hx-get="/review-article-for-deletion/{{.ID}}" hx-target="#page-content">
+        <h1 class="font-bold text-2xl">{{.Title}}</h1>
+        <p>{{.Description}}</p>
+    </button>
+    {{end}}
+    <button class="action-btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
+</div>
+{{end}}

web/templates/to-be-deleted.html

@@ -0,0 +1,36 @@
+{{define "page-content"}}
+<h2>Artikel löschen</h2>
+
+<div>
+    <span>Titel</span>
+    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
+        {{.Title}}
+    </div>
+
+    <span>Beschreibung</span>
+    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
+        {{.Description}}
+    </div>
+
+    <span>Artikel</span>
+    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
+        <div class="prose">
+            {{.Content}}
+        </div>
+    </div>
+
+    <span>Tags</span>
+    <div class="bg-white border mb-3 px-2 py-2 rounded-md w-full">
+        {{range .Tags}}
+        {{.Name}}
+        <br>
+        {{end}}
+    </div>
+
+    <div class="btn-area">
+        <input class="action-btn" type="submit" value="Löschen" hx-get="/delete-article/{{.ID}}"
+            hx-target="#page-content" />
+        <button class="btn" hx-get="/hub" hx-target="#page-content">Zurück</button>
+    </div>
+</div>
+{{end}}