github.com/saadullahsaeed/fragmenta-cms@v1.5.4/src/pages/actions/update.go

github.com/saadullahsaeed/fragmenta-cms@v1.5.4/src/pages/actions/update.go (about)

     1  package pageactions
     2  
     3  import (
     4  	"net/http"
     5  
     6  	"github.com/fragmenta/auth/can"
     7  	"github.com/fragmenta/mux"
     8  	"github.com/fragmenta/server"
     9  	"github.com/fragmenta/view"
    10  
    11  	"github.com/fragmenta/fragmenta-cms/src/lib/session"
    12  	"github.com/fragmenta/fragmenta-cms/src/pages"
    13  	"github.com/fragmenta/fragmenta-cms/src/users"
    14  )
    15  
    16  // HandleUpdateShow renders the form to update a page.
    17  func HandleUpdateShow(w http.ResponseWriter, r *http.Request) error {
    18  
    19  	// Fetch the  params
    20  	params, err := mux.Params(r)
    21  	if err != nil {
    22  		return server.InternalError(err)
    23  	}
    24  
    25  	// Find the page
    26  	page, err := pages.Find(params.GetInt(pages.KeyName))
    27  	if err != nil {
    28  		return server.NotFoundError(err)
    29  	}
    30  
    31  	// Authorise update page
    32  	user := session.CurrentUser(w, r)
    33  	err = can.Update(page, user)
    34  	if err != nil {
    35  		return server.NotAuthorizedError(err)
    36  	}
    37  
    38  	// Fetch the users
    39  	authors, err := users.FindAll(users.Where("role=?", users.Admin))
    40  	if err != nil {
    41  		return server.InternalError(err)
    42  	}
    43  
    44  	// Render the template
    45  	view := view.NewRenderer(w, r)
    46  	view.AddKey("page", page)
    47  	view.AddKey("authors", authors)
    48  	view.AddKey("currentUser", user)
    49  	return view.Render()
    50  }
    51  
    52  // HandleUpdate handles the POST of the form to update a page
    53  func HandleUpdate(w http.ResponseWriter, r *http.Request) error {
    54  
    55  	// Fetch the  params
    56  	params, err := mux.Params(r)
    57  	if err != nil {
    58  		return server.InternalError(err)
    59  	}
    60  
    61  	// Find the page
    62  	page, err := pages.Find(params.GetInt(pages.KeyName))
    63  	if err != nil {
    64  		return server.NotFoundError(err)
    65  	}
    66  
    67  	// Check the authenticity token
    68  	err = session.CheckAuthenticity(w, r)
    69  	if err != nil {
    70  		return err
    71  	}
    72  
    73  	// Authorise update page
    74  	user := session.CurrentUser(w, r)
    75  	err = can.Update(page, user)
    76  	if err != nil {
    77  		return server.NotAuthorizedError(err)
    78  	}
    79  
    80  	// Validate the params, removing any we don't accept
    81  	pageParams := page.ValidateParams(params.Map(), pages.AllowedParams())
    82  
    83  	err = page.Update(pageParams)
    84  	if err != nil {
    85  		return server.InternalError(err)
    86  	}
    87  
    88  	// Redirect to page
    89  	return server.Redirect(w, r, page.ShowURL())
    90  }