(app *App, w http.ResponseWriter, r *http.Request)
| 77 | } |
| 78 | |
| 79 | func handleCreateEmailSubscription(app *App, w http.ResponseWriter, r *http.Request) error { |
| 80 | reqJSON := IsJSON(r) |
| 81 | vars := mux.Vars(r) |
| 82 | var err error |
| 83 | |
| 84 | ss := SubmittedSubscription{ |
| 85 | CollAlias: vars["alias"], |
| 86 | } |
| 87 | u := getUserSession(app, r) |
| 88 | if u != nil { |
| 89 | ss.UserID = u.ID |
| 90 | } |
| 91 | if reqJSON { |
| 92 | // Decode JSON request |
| 93 | decoder := json.NewDecoder(r.Body) |
| 94 | err = decoder.Decode(&ss) |
| 95 | if err != nil { |
| 96 | log.Error("Couldn't parse new subscription JSON request: %v\n", err) |
| 97 | return ErrBadJSON |
| 98 | } |
| 99 | } else { |
| 100 | err = r.ParseForm() |
| 101 | if err != nil { |
| 102 | log.Error("Couldn't parse new subscription form request: %v\n", err) |
| 103 | return ErrBadFormData |
| 104 | } |
| 105 | |
| 106 | err = app.formDecoder.Decode(&ss, r.PostForm) |
| 107 | if err != nil { |
| 108 | log.Error("Continuing, but error decoding new subscription form request: %v\n", err) |
| 109 | //return ErrBadFormData |
| 110 | } |
| 111 | } |
| 112 | |
| 113 | c, err := app.db.GetCollection(ss.CollAlias) |
| 114 | if err != nil { |
| 115 | log.Error("getCollection: %s", err) |
| 116 | return err |
| 117 | } |
| 118 | c.hostName = app.cfg.App.Host |
| 119 | |
| 120 | from := c.CanonicalURL() |
| 121 | isAuthorBanned, err := app.db.IsUserSilenced(c.OwnerID) |
| 122 | if isAuthorBanned { |
| 123 | log.Info("Author is silenced, so subscription is blocked.") |
| 124 | return impart.HTTPError{http.StatusFound, from} |
| 125 | } |
| 126 | |
| 127 | if ss.Web { |
| 128 | if u != nil && u.ID == c.OwnerID { |
| 129 | from = "/" + c.Alias + "/" |
| 130 | } |
| 131 | from += ss.Slug |
| 132 | } |
| 133 | |
| 134 | if r.FormValue(spam.HoneypotFieldName()) != "" || r.FormValue("fake_password") != "" { |
| 135 | log.Info("Honeypot field was filled out! Not subscribing.") |
| 136 | return impart.HTTPError{http.StatusFound, from} |
nothing calls this directly
no test coverage detected