Controller::API::User: implement post handler

diff --git a/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm b/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
index 7b717ca..84339db 100644 (file)
--- a/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
+++ b/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
@@ -29,106 +29,41 @@ sub get {
 
 sub post {
     my $c = shift;
-    my $params = {};
-    my $extra_params = {};
-    my $opts = {};
-
     my $user = $c->stash('user');
-
-    my $journals = $c->model('journals');
     my $users = $c->model('users');
-    my $util = $c->model('util');
-
-    my $allowed_tags = <<'EOT';
-{
-  "a": ["href"],
-  "blockquote": [],
-  "i": [],
-  "strong": []
-}
-EOT
-    #my $allowed = decode_json($allowed_tags);
-    my $allowed = {
-                   'b' => [],
-                   'i' => [],
-                   'p' => [],
-                   'br' => [],
-                   'a' => ['href',],
-                   'ol' => ['start',],
-                   'ul' => [],
-                   'li' => [],
-                   'dl' => [],
-                   'dt' => [],
-                   'dd' => [],
-                   'em' => [],
-                   'strong' => [],
-                   'tt' => [],
-                   'blockquote' => ['title', 'cite',],
-                   'div' => [],
-                   'ecode' => [],
-                   'del' => [],
-                   'ins' => [],
-                   'sub' => [],
-                   'sup' => [],
-                   'quote' => [],
-                   'strike' => [],
-                  };
 
     my $data = $c->req->json;
     my $message = "";
 
-    $params->{description} = $util->escape_html({}, $data->{title});
-    $message = "no title!" if !$params->{description};
-
-    # check user is valid
-    if (!defined $user || !$user->{login}) {
-        $message = "invalid author";
-    }
-    $params->{uid} = $user->{uid};
-    $params->{article} = $data->{introtext};
-    $params->{commentstatus} = $data->{commentstatus};
-    $params->{action} = $data->{action} || 'preview';
-    $params->{posttype} = $data->{posttype};
-    $params->{tid} = $data->{tid};
-
-    if ($data->{submissioncopy}) {
-        $params->{promotetype} = "publicize";
-    }
-    else {
-        $params->{promotetype} = "public";
-    }
-
-    # TODO: can select topics
-    #$params->{topics_chosen} = { 49 => 10, }; # tid => weight
-
-    #$extra_params->{createheaders} = $c->req->headers->to_string;
-
-    if (length($message) > 0) {
-        $c->render(json => { err => 1, message => $message });
+    if (!$user->{login}) {
+        $c->render(json => { error => 1, message => "you are not a login user." });
         $c->rendered(400);
         return;
     }
 
-    if ($data->{action} eq 'preview') {
-        $data->{journal} = $util->clean_html($allowed, $params->{article});
-        $data->{title} = $params->{description};
-        $c->render(json => $data);
+    if ($data->{type} eq "config") {
+        my $new_cfg = $users->update(target => 'config', uid => $user->{uid}, config => $data->{config});
+        if ($new_cfg) {
+            # update session cache
+            $user->{config} = $new_cfg;
+            $user->{configJSON} = encode_json($new_cfg);
+            my $session = $c->session('session');
+            $c->kvs->hset('sessions', $session->{token}, $user);
+
+            $c->render(json => {config => $new_cfg, message => ""});
+            return;
+        }
+        $c->render(json => { error => 1, message => $users->last_error });
+        $c->rendered(500);
         return;
     }
-    elsif ($params->{action} eq 'post') {
-        my $journal_id = $journals->create($params, $user, $extra_params, $opts);
-        if ($journal_id) {
-            $c->render(json => {type => "journal", id => $journal_id});
-        }
-        else {
-            if ($journals->last_errorno && $journals->last_errorno == 1062) { #ER_DUP_ENTRY
-                $c->rendered(409);
-                return;
-            }
-            $c->render(json => { err => 1, message => $journals->last_error });
-            $c->rendered(500);
-        }
+    $message = "invalid request";
+    if (length($message) > 0) {
+        $c->render(json => { error => 1, message => $message });
+        $c->rendered(400);
+        return;
     }
+    return;
 }
 
 1;