feat(handlers): Implement post editing handler

Implements a handler that receives the edit form result and updates
the database accordingly if the user identity matches.
This commit is contained in:
Vincent Ambo 2018-04-15 23:30:22 +02:00
parent e130e15b79
commit 56d57edfd0
3 changed files with 31 additions and 2 deletions

View file

@ -90,8 +90,8 @@ impl Handler<GetPost> for DbExecutor {
/// Message used to update the content of a post. /// Message used to update the content of a post.
#[derive(Deserialize)] #[derive(Deserialize)]
pub struct UpdatePost { pub struct UpdatePost {
post_id: i32, pub post_id: i32,
post: String, pub post: String,
} }
message!(UpdatePost, Result<Post>); message!(UpdatePost, Result<Post>);

View file

@ -224,6 +224,34 @@ pub fn edit_form(state: State<AppState>,
.responder() .responder()
} }
/// This handler "executes" an edit to a post if the current user owns
/// the edited post.
pub fn edit_post(state: State<AppState>,
mut req: HttpRequest<AppState>,
update: Form<UpdatePost>) -> ConverseResponse {
let author: Option<Author> = req.session().get(AUTHOR)
.unwrap_or_else(|_| None);
state.db.send(GetPost { id: update.post_id })
.flatten()
.from_err()
.and_then(move |post| {
if let Some(author) = author {
if author.email.eq(&post.author_email) {
return Ok(());
}
}
Err(ConverseError::PostEditForbidden { id: post.id })
})
.and_then(move |_| state.db.send(update.0).from_err())
.flatten()
.map(|updated| HttpResponse::SeeOther()
.header("Location", format!("/thread/{}#post-{}",
updated.thread_id, updated.id))
.finish())
.responder()
}
/// This handler executes a full-text search on the forum database and /// This handler executes a full-text search on the forum database and
/// displays the results to the user. /// displays the results to the user.
pub fn search_forum(state: State<AppState>, pub fn search_forum(state: State<AppState>,

View file

@ -182,6 +182,7 @@ fn start_http_server(base_url: String,
.resource("/thread/reply", |r| r.method(Method::POST).with3(reply_thread)) .resource("/thread/reply", |r| r.method(Method::POST).with3(reply_thread))
.resource("/thread/{id}", |r| r.method(Method::GET).with3(forum_thread)) .resource("/thread/{id}", |r| r.method(Method::GET).with3(forum_thread))
.resource("/post/{id}/edit", |r| r.method(Method::GET).with3(edit_form)) .resource("/post/{id}/edit", |r| r.method(Method::GET).with3(edit_form))
.resource("/post/edit", |r| r.method(Method::POST).with3(edit_post))
.resource("/search", |r| r.method(Method::GET).with2(search_forum)) .resource("/search", |r| r.method(Method::GET).with2(search_forum))
.resource("/oidc/login", |r| r.method(Method::GET).with(login)) .resource("/oidc/login", |r| r.method(Method::GET).with(login))
.resource("/oidc/callback", |r| r.method(Method::POST).with3(callback)); .resource("/oidc/callback", |r| r.method(Method::POST).with3(callback));