finish csrf and gorilla mux port work
This commit is contained in:
parent
df5dca3a52
commit
42795c6cef
12
js/funcs.js
12
js/funcs.js
|
|
@ -28,17 +28,17 @@ $(document).ready( function () {
|
||||||
|
|
||||||
$('.cat-delete').confirm({
|
$('.cat-delete').confirm({
|
||||||
text: "Are you sure you want to delete this category?",
|
text: "Are you sure you want to delete this category?",
|
||||||
title: "Confirmation required",
|
title: "Delete confrimation",
|
||||||
confirmButton: "Yes",
|
confirm: function(form) {
|
||||||
cancelButton: "No",
|
console.log("fooo");
|
||||||
|
form.submit();
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
$(".confirm-news-delete").confirm({
|
$(".confirm-news-delete").confirm({
|
||||||
"text": "Delete news item?",
|
"text": "Delete news item?",
|
||||||
"title": "Delete confirmation",
|
"title": "Delete confirmation",
|
||||||
confirmButton: "Yes",
|
confirm: function(form) {
|
||||||
cancelButton: "No",
|
|
||||||
"confirm": function(form) {
|
|
||||||
form.submit();
|
form.submit();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -188,7 +188,7 @@ func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, se
|
||||||
|
|
||||||
flashes := GetFlashes(session)
|
flashes := GetFlashes(session)
|
||||||
|
|
||||||
id, idErr := strconv.Atoi(r.FormValue("id"))
|
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||||
if idErr != nil {
|
if idErr != nil {
|
||||||
session.AddFlash("Could not understand news id", flash_err)
|
session.AddFlash("Could not understand news id", flash_err)
|
||||||
session.Save(r, w)
|
session.Save(r, w)
|
||||||
|
|
@ -210,15 +210,15 @@ func editFormHandler(w http.ResponseWriter, r *http.Request, user *user.User, se
|
||||||
}
|
}
|
||||||
|
|
||||||
func editPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
func editPostHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||||
news_id, err := strconv.Atoi(r.FormValue("id"))
|
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||||
if err != nil {
|
if idErr != nil {
|
||||||
session.AddFlash("Error trying to save news item", flash_err)
|
session.AddFlash("Error trying to save news item", flash_err)
|
||||||
session.Save(r, w)
|
session.Save(r, w)
|
||||||
http.Redirect(w, r, "/news", http.StatusFound)
|
http.Redirect(w, r, "/news", http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
news, err := news.Get(db, news_id)
|
news, err := news.Get(db, id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("Error trying to edit news item that doesn't exist")
|
fmt.Println("Error trying to edit news item that doesn't exist")
|
||||||
session.AddFlash("Error trying to save news item", flash_err)
|
session.AddFlash("Error trying to save news item", flash_err)
|
||||||
|
|
@ -335,7 +335,7 @@ func categoryFromReqArg(arg string) *categories.Category {
|
||||||
|
|
||||||
func categoryChangeParentHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
func categoryChangeParentHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||||
categories.LoadCategories(db)
|
categories.LoadCategories(db)
|
||||||
category := categoryFromReqArg(r.FormValue("cid"))
|
category := categoryFromReqArg(mux.Vars(r)["id"])
|
||||||
parent := categoryFromReqArg(r.FormValue("parent"))
|
parent := categoryFromReqArg(r.FormValue("parent"))
|
||||||
|
|
||||||
if category == nil {
|
if category == nil {
|
||||||
|
|
@ -378,7 +378,7 @@ func categoryAddHandler(w http.ResponseWriter, r *http.Request, user *user.User,
|
||||||
}
|
}
|
||||||
|
|
||||||
func categoryDeleteHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
func categoryDeleteHandler(w http.ResponseWriter, r *http.Request, user *user.User, session *sessions.Session) {
|
||||||
id, idErr := strconv.Atoi(r.FormValue("id"))
|
id, idErr := strconv.Atoi(mux.Vars(r)["id"])
|
||||||
|
|
||||||
if idErr != nil {
|
if idErr != nil {
|
||||||
session.AddFlash("Invalid category to delete", flash_err)
|
session.AddFlash("Invalid category to delete", flash_err)
|
||||||
|
|
@ -447,19 +447,16 @@ func init_route_handlers() *mux.Router {
|
||||||
|
|
||||||
rGet.HandleFunc("/news/added", userHandler(addedHandler))
|
rGet.HandleFunc("/news/added", userHandler(addedHandler))
|
||||||
|
|
||||||
// TODO to post and {id}
|
|
||||||
rPost.HandleFunc("/news/{id:[0-9]+}/delete", userHandler(deleteHandler))
|
rPost.HandleFunc("/news/{id:[0-9]+}/delete", userHandler(deleteHandler))
|
||||||
// TODO post {id} ?
|
|
||||||
rGet.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editFormHandler))
|
rGet.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editFormHandler))
|
||||||
rPost.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editPostHandler))
|
rPost.HandleFunc("/news/{id:[0-9]+}/edit", userHandler(editPostHandler))
|
||||||
|
|
||||||
rGet.HandleFunc("/categories", userHandler(categoriesFormHandler))
|
rGet.HandleFunc("/categories", userHandler(categoriesFormHandler))
|
||||||
rPost.HandleFunc("/caegories", userHandler(categoriesPostHandler))
|
rPost.HandleFunc("/caegories", userHandler(categoriesPostHandler))
|
||||||
|
|
||||||
// TODO post, add {id}
|
rPost.HandleFunc("/categories/{id:[0-9]+}/change-parent", userHandler(categoryChangeParentHandler))
|
||||||
rPost.HandleFunc("/categories/change-parent", userHandler(categoryChangeParentHandler))
|
|
||||||
rPost.HandleFunc("/categories/add", userHandler(categoryAddHandler))
|
rPost.HandleFunc("/categories/add", userHandler(categoryAddHandler))
|
||||||
rPost.HandleFunc("/categories/delete", userHandler(categoryDeleteHandler))
|
rPost.HandleFunc("/categories/{id:[0-9]+}/delete", userHandler(categoryDeleteHandler))
|
||||||
|
|
||||||
return r
|
return r
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
<h2 class="form-categories-heading">Categories</h2>
|
<h2 class="form-categories-heading">Categories</h2>
|
||||||
{{template "flashes" .}}
|
{{template "flashes" .}}
|
||||||
{{range $category := .categories}}
|
{{range $category := .categories}}
|
||||||
{{template "row-category" dict "category" $category "categories" $.categories}}
|
{{template "row-category" dict "category" $category "categories" $.categories "csrfField" $.csrfField}}
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
|
|
@ -34,10 +34,12 @@ new category select
|
||||||
{{.category.Name}}
|
{{.category.Name}}
|
||||||
</div>
|
</div>
|
||||||
<div class="col-xs-1">
|
<div class="col-xs-1">
|
||||||
<a href="/categories/delete?id={{.category.Id}}" class="cat-delete">delete</a>
|
<form method="POST" action="/categories/{{.category.Id}}/delete" class="cat-delete">{{ $.csrfField }}
|
||||||
|
<input type="submit" class="btn btn-sm btn-block" value="Delete" />
|
||||||
|
</form>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-xs-3">
|
<div class="col-xs-3">
|
||||||
<form action="/categories/change-parent?cid={{.category.Id}}" method="POST">
|
<form action="/categories/{{.category.Id}}/change-parent" method="POST">
|
||||||
{{ .csrfField }}
|
{{ .csrfField }}
|
||||||
{{if $.category.Parent.Valid }}
|
{{if $.category.Parent.Valid }}
|
||||||
{{template "select-category" dict "categories" .categories "id" $.category.Parent.Value}}
|
{{template "select-category" dict "categories" .categories "id" $.category.Parent.Value}}
|
||||||
|
|
@ -49,7 +51,7 @@ new category select
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
{{range $child := .category.Children}}
|
{{range $child := .category.Children}}
|
||||||
{{template "row-category" dict "category" $child "categories" $.categories}}
|
{{template "row-category" dict "category" $child "categories" $.categories "csrfField" $.csrfField}}
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="news-posts">
|
<div class="news-posts">
|
||||||
{{range $news_post := .news}}
|
{{range $news_post := .news}}
|
||||||
{{template "row-news" dict "post" $news_post "categories" $.categories}}
|
{{template "row-news" dict "post" $news_post "categories" $.categories "csrfField" $.csrfField}}
|
||||||
{{end}}
|
{{end}}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
@ -39,12 +39,16 @@
|
||||||
<div class="col-xs-8 post-url">
|
<div class="col-xs-8 post-url">
|
||||||
<a href="{{.post.Url}}">{{truncate .post.Url 100}}</a>
|
<a href="{{.post.Url}}">{{truncate .post.Url 100}}</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-xs-2 post-edit"><a href="/edit?id={{.post.Id}}">Edit</a></div>
|
<div class="col-xs-2 post-edit"><a href="/news/{{.post.Id}}/edit" class="btn btn-sm btn-block">Edit</a></div>
|
||||||
</div>
|
</div>
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-xs-2"> </div>
|
<div class="col-xs-2"> </div>
|
||||||
<div class="col-xs-8 post-preview">{{truncate .post.Notes 500}}</div>
|
<div class="col-xs-8 post-preview">{{truncate .post.Notes 500}}</div>
|
||||||
<div class="col-xs-2 post-delete"><form method="POST" action="/news/{{.post.Id}}/delete" class="confirm-news-delete">{{ .csrfField }}<input type="submit" class="btn btn-primary btn-block" value="Delete" /></form></div>
|
<div class="col-xs-2 post-delete">
|
||||||
|
<form method="POST" action="/news/{{.post.Id}}/delete" class="confirm-news-delete">{{ .csrfField }}
|
||||||
|
<input type="submit" class="btn btn-sm btn-block" value="Delete" />
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue