diff options
author | r <r@freesoftwareextremist.com> | 2020-02-02 08:30:40 +0000 |
---|---|---|
committer | r <r@freesoftwareextremist.com> | 2020-02-02 08:30:40 +0000 |
commit | 5d58269132a27373ef8932ddcbbbf8b8637fa380 (patch) | |
tree | d1bb7dc2dc72a9fb4486d4214a570b3278133b48 | |
parent | 4d9e0af373b3a92d04498070c6fc8f6c197fc9c0 (diff) | |
download | bloat-5d58269132a27373ef8932ddcbbbf8b8637fa380.tar.gz bloat-5d58269132a27373ef8932ddcbbbf8b8637fa380.zip |
Add status deletion
-rw-r--r-- | model/session.go | 1 | ||||
-rw-r--r-- | renderer/model.go | 1 | ||||
-rw-r--r-- | service/auth.go | 17 | ||||
-rw-r--r-- | service/logging.go | 10 | ||||
-rw-r--r-- | service/service.go | 22 | ||||
-rw-r--r-- | service/transport.go | 19 | ||||
-rw-r--r-- | templates/status.tmpl | 6 |
7 files changed, 68 insertions, 8 deletions
diff --git a/model/session.go b/model/session.go index 10fca6f..c18225c 100644 --- a/model/session.go +++ b/model/session.go @@ -10,6 +10,7 @@ var ( type Session struct { ID string `json:"id"` + UserID string `json:"user_id"` InstanceDomain string `json:"instance_domain"` AccessToken string `json:"access_token"` CSRFToken string `json:"csrf_token"` diff --git a/renderer/model.go b/renderer/model.go index d4bf7d5..4ff73c3 100644 --- a/renderer/model.go +++ b/renderer/model.go @@ -11,6 +11,7 @@ type Context struct { ThreadInNewTab bool DarkMode bool CSRFToken string + UserID string } type HeaderData struct { diff --git a/service/auth.go b/service/auth.go index afb324a..dac0338 100644 --- a/service/auth.go +++ b/service/auth.go @@ -167,18 +167,19 @@ func (s *as) NewSession(ctx context.Context, instance string) (redirectUrl strin } func (s *as) Signin(ctx context.Context, c *model.Client, sessionID string, - code string) (token string, err error) { + code string) (token string, userID string, err error) { err = s.authenticateClient(ctx, c) if err != nil { return } - token, err = s.Service.Signin(ctx, c, c.Session.ID, code) + token, userID, err = s.Service.Signin(ctx, c, c.Session.ID, code) if err != nil { return } c.Session.AccessToken = token + c.Session.UserID = userID err = s.sessionRepo.Add(c.Session) if err != nil { return @@ -308,3 +309,15 @@ func (s *as) UnMuteConversation(ctx context.Context, c *model.Client, id string) } return s.Service.UnMuteConversation(ctx, c, id) } + +func (s *as) Delete(ctx context.Context, c *model.Client, id string) (err error) { + err = s.authenticateClient(ctx, c) + if err != nil { + return + } + err = checkCSRF(ctx, c) + if err != nil { + return + } + return s.Service.Delete(ctx, c, id) +} diff --git a/service/logging.go b/service/logging.go index f26abaf..86aa1cb 100644 --- a/service/logging.go +++ b/service/logging.go @@ -138,7 +138,7 @@ func (s *ls) NewSession(ctx context.Context, instance string) (redirectUrl strin } func (s *ls) Signin(ctx context.Context, c *model.Client, sessionID string, - code string) (token string, err error) { + code string) (token string, userID string, err error) { defer func(begin time.Time) { s.logger.Printf("method=%v, session_id=%v, took=%v, err=%v\n", "Signin", sessionID, time.Since(begin), err) @@ -228,3 +228,11 @@ func (s *ls) UnMuteConversation(ctx context.Context, c *model.Client, id string) }(time.Now()) return s.Service.UnMuteConversation(ctx, c, id) } + +func (s *ls) Delete(ctx context.Context, c *model.Client, id string) (err error) { + defer func(begin time.Time) { + s.logger.Printf("method=%v, id=%v, took=%v, err=%v\n", + "Delete", id, time.Since(begin), err) + }(time.Now()) + return s.Service.Delete(ctx, c, id) +} diff --git a/service/service.go b/service/service.go index 043191b..c9511f9 100644 --- a/service/service.go +++ b/service/service.go @@ -34,7 +34,8 @@ type Service interface { ServeUserSearchPage(ctx context.Context, c *model.Client, id string, q string, offset int) (err error) ServeSettingsPage(ctx context.Context, c *model.Client) (err error) NewSession(ctx context.Context, instance string) (redirectUrl string, sessionID string, err error) - Signin(ctx context.Context, c *model.Client, sessionID string, code string) (token string, err error) + Signin(ctx context.Context, c *model.Client, sessionID string, + code string) (token string, userID string, err error) Post(ctx context.Context, c *model.Client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) Like(ctx context.Context, c *model.Client, id string) (count int64, err error) @@ -46,6 +47,7 @@ type Service interface { SaveSettings(ctx context.Context, c *model.Client, settings *model.Settings) (err error) MuteConversation(ctx context.Context, c *model.Client, id string) (err error) UnMuteConversation(ctx context.Context, c *model.Client, id string) (err error) + Delete(ctx context.Context, c *model.Client, id string) (err error) } type service struct { @@ -95,6 +97,7 @@ func getRendererContext(c *model.Client) *renderer.Context { FluorideMode: settings.FluorideMode, DarkMode: settings.DarkMode, CSRFToken: session.CSRFToken, + UserID: session.UserID, } } @@ -741,7 +744,7 @@ func (svc *service) NewSession(ctx context.Context, instance string) ( } func (svc *service) Signin(ctx context.Context, c *model.Client, - sessionID string, code string) (token string, err error) { + sessionID string, code string) (token string, userID string, err error) { if len(code) < 1 { err = errInvalidArgument @@ -754,6 +757,12 @@ func (svc *service) Signin(ctx context.Context, c *model.Client, } token = c.GetAccessToken(ctx) + u, err := c.GetAccountCurrentUser(ctx) + if err != nil { + return + } + userID = u.ID + return } @@ -851,14 +860,19 @@ func (svc *service) SaveSettings(ctx context.Context, c *model.Client, return svc.sessionRepo.Add(session) } -func (svc *service) MuteConversation(ctx context.Context, c *model.Client, +func (svc *service) MuteConversation(ctx context.Context, c *model.Client, id string) (err error) { _, err = c.MuteConversation(ctx, id) return } -func (svc *service) UnMuteConversation(ctx context.Context, c *model.Client, +func (svc *service) UnMuteConversation(ctx context.Context, c *model.Client, id string) (err error) { _, err = c.UnmuteConversation(ctx, id) return } + +func (svc *service) Delete(ctx context.Context, c *model.Client, + id string) (err error) { + return c.DeleteStatus(ctx, id) +} diff --git a/service/transport.go b/service/transport.go index cc864e7..6316748 100644 --- a/service/transport.go +++ b/service/transport.go @@ -290,7 +290,7 @@ func NewHandler(s Service, staticDir string) http.Handler { ctx := newCtxWithSesion(req) token := req.URL.Query().Get("code") - _, err := s.Signin(ctx, c, "", token) + _, _, err := s.Signin(ctx, c, "", token) if err != nil { w.WriteHeader(http.StatusInternalServerError) s.ServeErrorPage(ctx, c, err) @@ -513,6 +513,22 @@ func NewHandler(s Service, staticDir string) http.Handler { w.WriteHeader(http.StatusFound) } + delete := func(w http.ResponseWriter, req *http.Request) { + c := newClient(w) + ctx := newCtxWithSesionCSRF(req, req.FormValue("csrf_token")) + id, _ := mux.Vars(req)["id"] + + err := s.Delete(ctx, c, id) + if err != nil { + w.WriteHeader(http.StatusInternalServerError) + s.ServeErrorPage(ctx, c, err) + return + } + + w.Header().Add("Location", req.Header.Get("Referer")) + w.WriteHeader(http.StatusFound) + } + signout := func(w http.ResponseWriter, req *http.Request) { // TODO remove session from database http.SetCookie(w, &http.Cookie{ @@ -622,6 +638,7 @@ func NewHandler(s Service, staticDir string) http.Handler { r.HandleFunc("/settings", settings).Methods(http.MethodPost) r.HandleFunc("/muteconv/{id}", muteConversation).Methods(http.MethodPost) r.HandleFunc("/unmuteconv/{id}", unMuteConversation).Methods(http.MethodPost) + r.HandleFunc("/delete/{id}", delete).Methods(http.MethodPost) r.HandleFunc("/signout", signout).Methods(http.MethodGet) r.HandleFunc("/fluoride/like/{id}", fLike).Methods(http.MethodPost) r.HandleFunc("/fluoride/unlike/{id}", fUnlike).Methods(http.MethodPost) diff --git a/templates/status.tmpl b/templates/status.tmpl index 1ea475e..75b399b 100644 --- a/templates/status.tmpl +++ b/templates/status.tmpl @@ -43,6 +43,12 @@ <input type="submit" value="mute" class="btn-link more-link" title="mute"> </form> {{end}} + {{if eq $.Ctx.UserID .Account.ID}} + <form action="/delete/{{.ID}}" method="post"> + <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="submit" value="delete" class="btn-link more-link" title="delete"> + </form> + {{end}} </div> </div> </div> |