From: hylom
Date: Fri, 25 Nov 2016 11:57:16 +0000 (+0900)
Subject: Controller::API::User: implement post handler
X-Git-Tag: v0.1.0~30
X-Git-Url: http://git.osdn.net/view?p=newslash%2Fnewslash.git;a=commitdiff_plain;h=8e3b780a57513ddbd6a21c669c6d519559fa7c3e

Controller::API::User: implement post handler
---

diff --git a/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm b/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
index 7b717ca2..84339dbf 100644
--- a/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
+++ b/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
@@ -29,106 +29,41 @@ sub get { sub post { my $c = shift; - my $params = {}; - my $extra_params = {}; - my $opts = {}; - my $user = $c->stash('user'); - - my $journals = $c->model('journals'); my $users = $c->model('users'); - my $util = $c->model('util'); - - my $allowed_tags = <<'EOT'; -{ - "a": ["href"], - "blockquote": [], - "i": [], - "strong": [] -} -EOT - #my $allowed = decode_json($allowed_tags); - my $allowed = { - 'b' => [], - 'i' => [], - 'p' => [], - 'br' => [], - 'a' => ['href',], - 'ol' => ['start',], - 'ul' => [], - 'li' => [], - 'dl' => [], - 'dt' => [], - 'dd' => [], - 'em' => [], - 'strong' => [], - 'tt' => [], - 'blockquote' => ['title', 'cite',], - 'div' => [], - 'ecode' => [], - 'del' => [], - 'ins' => [], - 'sub' => [], - 'sup' => [], - 'quote' => [], - 'strike' => [], - }; my $data = $c->req->json; my $message = ""; - $params->{description} = $util->escape_html({}, $data->{title}); - $message = "no title!" if !$params->{description}; - - # check user is valid - if (!defined $user || !$user->{login}) { - $message = "invalid author"; - } - $params->{uid} = $user->{uid}; - $params->{article} = $data->{introtext}; - $params->{commentstatus} = $data->{commentstatus}; - $params->{action} = $data->{action} || 'preview'; - $params->{posttype} = $data->{posttype}; - $params->{tid} = $data->{tid}; - - if ($data->{submissioncopy}) { - $params->{promotetype} = "publicize"; - } - else { - $params->{promotetype} = "public"; - } - - # TODO: can select topics - #$params->{topics_chosen} = { 49 => 10, }; # tid => weight - - #$extra_params->{createheaders} = $c->req->headers->to_string; - - if (length($message) > 0) { - $c->render(json => { err => 1, message => $message }); + if (!$user->{login}) { + $c->render(json => { error => 1, message => "you are not a login user." 
}); $c->rendered(400); return; } - if ($data->{action} eq 'preview') { - $data->{journal} = $util->clean_html($allowed, $params->{article}); - $data->{title} = $params->{description}; - $c->render(json => $data); + if ($data->{type} eq "config") { + my $new_cfg = $users->update(target => 'config', uid => $user->{uid}, config => $data->{config}); + if ($new_cfg) { + # update session cache + $user->{config} = $new_cfg; + $user->{configJSON} = encode_json($new_cfg); + my $session = $c->session('session'); + $c->kvs->hset('sessions', $session->{token}, $user); + + $c->render(json => {config => $new_cfg, message => ""}); + return; + } + $c->render(json => { error => 1, message => $users->last_error }); + $c->rendered(500); return; } - elsif ($params->{action} eq 'post') { - my $journal_id = $journals->create($params, $user, $extra_params, $opts); - if ($journal_id) { - $c->render(json => {type => "journal", id => $journal_id}); - } - else { - if ($journals->last_errorno && $journals->last_errorno == 1062) { #ER_DUP_ENTRY - $c->rendered(409); - return; - } - $c->render(json => { err => 1, message => $journals->last_error }); - $c->rendered(500); - } + $message = "invalid request"; + if (length($message) > 0) { + $c->render(json => { error => 1, message => $message }); + $c->rendered(400); + return; } + return; } 1;
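Review bot: The failure branch of the config update sends `$users->last_error` back to the client verbatim, so whatever the model stores there (possibly database error text; the model is outside this hunk) is disclosed to any logged-in caller. Log the detail server-side and return a fixed message instead, e.g. `$c->app->log->error($users->last_error);` followed by `$c->render(json => { error => 1, message => "update failed" }, status => 500);`. The same branch hands `$data->{config}` to `$users->update` without checking that the request body decoded to a hash or that `config` has the expected shape, and the returned value is then written into the session cache via `hset`. Unless `update` validates keys itself, add a guard before the `type` comparison such as `return $c->render(json => { error => 1, message => "invalid request" }, status => 400) unless ref $data eq 'HASH' && ref $data->{config} eq 'HASH';`.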