sub post {
my $c = shift;
- my $params = {};
- my $extra_params = {};
- my $opts = {};
-
my $user = $c->stash('user');
-
- my $journals = $c->model('journals');
my $users = $c->model('users');
- my $util = $c->model('util');
-
- my $allowed_tags = <<'EOT';
-{
- "a": ["href"],
- "blockquote": [],
- "i": [],
- "strong": []
-}
-EOT
- #my $allowed = decode_json($allowed_tags);
- my $allowed = {
- 'b' => [],
- 'i' => [],
- 'p' => [],
- 'br' => [],
- 'a' => ['href',],
- 'ol' => ['start',],
- 'ul' => [],
- 'li' => [],
- 'dl' => [],
- 'dt' => [],
- 'dd' => [],
- 'em' => [],
- 'strong' => [],
- 'tt' => [],
- 'blockquote' => ['title', 'cite',],
- 'div' => [],
- 'ecode' => [],
- 'del' => [],
- 'ins' => [],
- 'sub' => [],
- 'sup' => [],
- 'quote' => [],
- 'strike' => [],
- };
my $data = $c->req->json;
my $message = "";
- $params->{description} = $util->escape_html({}, $data->{title});
- $message = "no title!" if !$params->{description};
-
- # check user is valid
- if (!defined $user || !$user->{login}) {
- $message = "invalid author";
- }
- $params->{uid} = $user->{uid};
- $params->{article} = $data->{introtext};
- $params->{commentstatus} = $data->{commentstatus};
- $params->{action} = $data->{action} || 'preview';
- $params->{posttype} = $data->{posttype};
- $params->{tid} = $data->{tid};
-
- if ($data->{submissioncopy}) {
- $params->{promotetype} = "publicize";
- }
- else {
- $params->{promotetype} = "public";
- }
-
- # TODO: can select topics
- #$params->{topics_chosen} = { 49 => 10, }; # tid => weight
-
- #$extra_params->{createheaders} = $c->req->headers->to_string;
-
- if (length($message) > 0) {
- $c->render(json => { err => 1, message => $message });
+ if (!$user->{login}) {
+ $c->render(json => { error => 1, message => "you are not a login user." });
$c->rendered(400);
return;
}
- if ($data->{action} eq 'preview') {
- $data->{journal} = $util->clean_html($allowed, $params->{article});
- $data->{title} = $params->{description};
- $c->render(json => $data);
+ if ($data->{type} eq "config") {
+ my $new_cfg = $users->update(target => 'config', uid => $user->{uid}, config => $data->{config});
+ if ($new_cfg) {
+ # update session cache
+ $user->{config} = $new_cfg;
+ $user->{configJSON} = encode_json($new_cfg);
+ my $session = $c->session('session');
+ $c->kvs->hset('sessions', $session->{token}, $user);
+
+ $c->render(json => {config => $new_cfg, message => ""});
+ return;
+ }
+ $c->render(json => { error => 1, message => $users->last_error });
+ $c->rendered(500);
return;
}
- elsif ($params->{action} eq 'post') {
- my $journal_id = $journals->create($params, $user, $extra_params, $opts);
- if ($journal_id) {
- $c->render(json => {type => "journal", id => $journal_id});
- }
- else {
- if ($journals->last_errorno && $journals->last_errorno == 1062) { #ER_DUP_ENTRY
- $c->rendered(409);
- return;
- }
- $c->render(json => { err => 1, message => $journals->last_error });
- $c->rendered(500);
- }
+ $message = "invalid request";
+ if (length($message) > 0) {
+ $c->render(json => { error => 1, message => $message });
+ $c->rendered(400);
+ return;
}
+ return;
}
1;
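Review bot: `$data` is dereferenced at `if ($data->{type} eq "config")` without checking what `$c->req->json` returned, so a body that parses to a JSON array (or, under `use strict`, a bare string) makes the dereference die rather than reach the "invalid request" 400 at the end of the sub, and a missing or unparsable body only gets there through an uninitialized-value comparison. A guard ahead of that test would make the rejection explicit: `return $c->render(json => { error => 1, message => "invalid request" }, status => 400) unless ref $data eq 'HASH';`. The same concern applies to `$data->{config}`, which goes straight into `$users->update` and whose result is then written into the `sessions` hash; whether `update` restricts its keys, types and size is not visible here, so if it does not, this handler should allow-list the accepted settings before persisting and caching them. The 500 branch also returns `$users->last_error` to the client, which may expose storage-layer detail; logging it server-side and sending a generic message would be safer.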