feat(handlers): Determine whether current user can edit a post

This commit is contained in:
Vincent Ambo 2018-04-15 12:38:12 +02:00
parent 02a466a28b
commit 9cee48f2da
3 changed files with 19 additions and 3 deletions

View file

@ -60,11 +60,18 @@ pub fn forum_index(state: State<AppState>) -> ConverseResponse {
}
/// This handler retrieves and displays a single forum thread.
pub fn forum_thread(state: State<AppState>, thread_id: Path<i32>) -> ConverseResponse {
pub fn forum_thread(state: State<AppState>,
mut req: HttpRequest<AppState>,
thread_id: Path<i32>) -> ConverseResponse {
let id = thread_id.into_inner();
let user = req.session().get(AUTHOR)
.unwrap_or_else(|_| None)
.map(|a: Author| a.email);
state.db.send(GetThread(id))
.flatten()
.and_then(move |res| state.renderer.send(ThreadPage {
current_user: user,
thread: res.0,
posts: res.1,
}).from_err())

View file

@ -152,7 +152,7 @@ fn main() {
.resource("/thread/new", |r| r.method(Method::GET).with(new_thread))
.resource("/thread/submit", |r| r.method(Method::POST).with3(submit_thread))
.resource("/thread/reply", |r| r.method(Method::POST).with3(reply_thread))
.resource("/thread/{id}", |r| r.method(Method::GET).with2(forum_thread))
.resource("/thread/{id}", |r| r.method(Method::GET).with3(forum_thread))
.resource("/search", |r| r.method(Method::GET).with2(search_forum))
.resource("/oidc/login", |r| r.method(Method::GET).with(login))
.resource("/oidc/callback", |r| r.method(Method::POST).with3(callback));

View file

@ -86,6 +86,7 @@ impl Handler<IndexPage> for Renderer {
/// Message used to render a thread.
pub struct ThreadPage {
pub current_user: Option<String>,
pub thread: Thread,
pub posts: Vec<Post>,
}
@ -102,6 +103,7 @@ struct RenderablePost {
posted: FormattedDate,
author_name: String,
author_gravatar: String,
editable: bool,
}
/// This structure represents the transformed thread data with
@ -119,14 +121,21 @@ fn md5_hex(input: &[u8]) -> String {
}
fn prepare_thread(comrak: &ComrakOptions, page: ThreadPage) -> RenderableThreadPage {
let user = page.current_user;
let posts = page.posts.into_iter().map(|post| {
let escaped_body = escape_html(&post.body);
let editable = user.clone()
.map(|c| post.author_email.eq(&c))
.unwrap_or_else(|| false);
RenderablePost {
id: post.id,
body: markdown_to_html(&escaped_body, comrak),
posted: post.posted.into(),
author_name: post.author_name,
author_name: post.author_name.clone(),
author_gravatar: md5_hex(post.author_email.as_bytes()),
editable,
}
}).collect();