pinPost pins a post to a blog
(app *App, w http.ResponseWriter, r *http.Request)
| 1057 | |
| 1058 | // pinPost pins a post to a blog |
| 1059 | func pinPost(app *App, w http.ResponseWriter, r *http.Request) error { |
| 1060 | var userID int64 |
| 1061 | |
| 1062 | // Authenticate user |
| 1063 | at := r.Header.Get("Authorization") |
| 1064 | if at != "" { |
| 1065 | userID = app.db.GetUserID(at) |
| 1066 | if userID == -1 { |
| 1067 | return ErrBadAccessToken |
| 1068 | } |
| 1069 | } else { |
| 1070 | u := getUserSession(app, r) |
| 1071 | if u == nil { |
| 1072 | return ErrNotLoggedIn |
| 1073 | } |
| 1074 | userID = u.ID |
| 1075 | } |
| 1076 | |
| 1077 | silenced, err := app.db.IsUserSilenced(userID) |
| 1078 | if err != nil { |
| 1079 | log.Error("pin post: %v", err) |
| 1080 | } |
| 1081 | if silenced { |
| 1082 | return ErrUserSilenced |
| 1083 | } |
| 1084 | |
| 1085 | // Parse request |
| 1086 | var posts []struct { |
| 1087 | ID string `json:"id"` |
| 1088 | Position int64 `json:"position"` |
| 1089 | } |
| 1090 | decoder := json.NewDecoder(r.Body) |
| 1091 | err = decoder.Decode(&posts) |
| 1092 | if err != nil { |
| 1093 | return ErrBadJSONArray |
| 1094 | } |
| 1095 | |
| 1096 | // Validate data |
| 1097 | vars := mux.Vars(r) |
| 1098 | collAlias := vars["alias"] |
| 1099 | |
| 1100 | coll, err := app.db.GetCollection(collAlias) |
| 1101 | if err != nil { |
| 1102 | return err |
| 1103 | } |
| 1104 | if coll.OwnerID != userID { |
| 1105 | return ErrForbiddenCollection |
| 1106 | } |
| 1107 | |
| 1108 | // Do (un)pinning |
| 1109 | isPinning := r.URL.Path[strings.LastIndex(r.URL.Path, "/"):] == "/pin" |
| 1110 | res := []PinPostResult{} |
| 1111 | for _, p := range posts { |
| 1112 | err = app.db.UpdatePostPinState(isPinning, p.ID, coll.ID, userID, p.Position) |
| 1113 | ppr := PinPostResult{ID: p.ID} |
| 1114 | if err != nil { |
| 1115 | ppr.Code = http.StatusInternalServerError |
| 1116 | // TODO: set error message |
nothing calls this directly
no test coverage detected