164 lines
4.4 KiB
Go
164 lines
4.4 KiB
Go
package v1
|
|
|
|
import (
|
|
"git.kolaente.de/konrad/list/models"
|
|
"github.com/labstack/echo"
|
|
"net/http"
|
|
)
|
|
|
|
func AddList(c echo.Context) error {
|
|
// swagger:operation PUT /namespaces/{namespaceID}/lists lists addList
|
|
// ---
|
|
// summary: Creates a new list owned by the currently logged in user in that namespace
|
|
// consumes:
|
|
// - application/json
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: namespaceID
|
|
// in: path
|
|
// description: ID of the namespace that list should belong to
|
|
// type: string
|
|
// required: true
|
|
// - name: body
|
|
// in: body
|
|
// required: true
|
|
// schema:
|
|
// "$ref": "#/definitions/List"
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/List"
|
|
// "400":
|
|
// "$ref": "#/responses/Message"
|
|
// "403":
|
|
// "$ref": "#/responses/Message"
|
|
// "500":
|
|
// "$ref": "#/responses/Message"
|
|
|
|
// Get the list
|
|
var list *models.List
|
|
|
|
if err := c.Bind(&list); err != nil {
|
|
return c.JSON(http.StatusBadRequest, models.Message{"No list model provided."})
|
|
}
|
|
|
|
// Get the namespace ID
|
|
var err error
|
|
list.NamespaceID, err = models.GetIntURLParam("nID", c)
|
|
if err != nil {
|
|
return c.JSON(http.StatusBadRequest, models.Message{"Invalid namespace ID."})
|
|
}
|
|
|
|
// Get the current user for later checks
|
|
user, err := models.GetCurrentUser(c)
|
|
if err != nil {
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
list.Owner = user
|
|
|
|
// Get the namespace
|
|
namespace, err := models.GetNamespaceByID(list.NamespaceID)
|
|
if err != nil {
|
|
if models.IsErrNamespaceDoesNotExist(err) {
|
|
return c.JSON(http.StatusNotFound, models.Message{"Namespace not found."})
|
|
}
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
|
|
// Check if the user has write acces to that namespace
|
|
err = user.HasNamespaceWriteAccess(&namespace)
|
|
if err != nil {
|
|
if models.IsErrUserDoesNotHaveAccessToNamespace(err) {
|
|
return c.JSON(http.StatusForbidden, models.Message{"You don't have access to this namespace."})
|
|
}
|
|
if models.IsErrUserDoesNotHaveWriteAccessToNamespace(err) {
|
|
return c.JSON(http.StatusForbidden, models.Message{"You don't have write access to this namespace."})
|
|
}
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
|
|
// Create the new list
|
|
err = models.CreateOrUpdateList(list)
|
|
if err != nil {
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
|
|
return c.JSON(http.StatusOK, list)
|
|
}
|
|
|
|
func UpdateList(c echo.Context) error {
|
|
// swagger:operation POST /lists/{listID} lists upadteList
|
|
// ---
|
|
// summary: Updates a list
|
|
// consumes:
|
|
// - application/json
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: listID
|
|
// in: path
|
|
// description: ID of the list to update
|
|
// type: string
|
|
// required: true
|
|
// - name: body
|
|
// in: body
|
|
// schema:
|
|
// "$ref": "#/definitions/List"
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/List"
|
|
// "400":
|
|
// "$ref": "#/responses/Message"
|
|
// "403":
|
|
// "$ref": "#/responses/Message"
|
|
// "500":
|
|
// "$ref": "#/responses/Message"
|
|
|
|
// Get the list
|
|
var list *models.List
|
|
|
|
if err := c.Bind(&list); err != nil {
|
|
return c.JSON(http.StatusBadRequest, models.Message{"No list model provided."})
|
|
}
|
|
|
|
// Get the list ID
|
|
var err error
|
|
list.ID, err = models.GetIntURLParam("id", c)
|
|
if err != nil {
|
|
return c.JSON(http.StatusBadRequest, models.Message{"Invalid ID."})
|
|
}
|
|
|
|
// Check if the list exists
|
|
// ID = 0 means new list, no error
|
|
var oldList models.List
|
|
if list.ID != 0 {
|
|
oldList, err = models.GetListByID(list.ID)
|
|
if err != nil {
|
|
if models.IsErrListDoesNotExist(err) {
|
|
return c.JSON(http.StatusBadRequest, models.Message{"The list does not exist."})
|
|
}
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"Could not check if the list exists."})
|
|
}
|
|
}
|
|
|
|
// Get the current user for later checks
|
|
user, err := models.GetCurrentUser(c)
|
|
if err != nil {
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
list.Owner = user
|
|
|
|
// Check if the user owns the list
|
|
// TODO use list function for that
|
|
if user.ID != oldList.Owner.ID {
|
|
return c.JSON(http.StatusForbidden, models.Message{"You cannot edit a list you don't own."})
|
|
}
|
|
|
|
// Update the list
|
|
err = models.CreateOrUpdateList(list)
|
|
if err != nil {
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"An error occured."})
|
|
}
|
|
|
|
return c.JSON(http.StatusOK, list)
|
|
}
|