2017-07-25 15:39:49 +01:00
|
|
|
/* admin.go
|
2017-09-21 20:10:16 +01:00
|
|
|
*
|
2017-07-25 15:39:49 +01:00
|
|
|
* Here is where all the neccesary functions for managing episodes
|
|
|
|
* live, e.g adding removing etc.
|
2017-09-11 20:12:24 +01:00
|
|
|
*/
|
2017-07-25 15:39:49 +01:00
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
package admin
|
2017-07-15 16:06:37 +01:00
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2017-07-16 18:43:47 +01:00
|
|
|
"io"
|
2017-09-21 20:10:16 +01:00
|
|
|
"io/ioutil"
|
|
|
|
"net/http"
|
2017-09-29 19:29:36 +01:00
|
|
|
"os"
|
2017-09-21 20:10:16 +01:00
|
|
|
"strings"
|
2017-10-28 01:41:28 +01:00
|
|
|
"encoding/json"
|
2017-10-26 05:34:15 +01:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"database/sql"
|
|
|
|
|
|
|
|
_ "github.com/mattn/go-sqlite3"
|
2017-10-05 06:48:02 +01:00
|
|
|
|
2017-10-05 20:27:55 +01:00
|
|
|
"github.com/gmemstr/pogo/common"
|
2017-09-11 20:12:24 +01:00
|
|
|
)
|
2017-10-28 01:41:28 +01:00
|
|
|
type User struct {
|
|
|
|
Id int `json:"id"`
|
|
|
|
Dbun string `json:"username"`
|
|
|
|
Dbrn string `json:"realname"`
|
|
|
|
Dbem string `json:"email"`
|
|
|
|
}
|
|
|
|
type UserList struct {
|
|
|
|
Users []User
|
|
|
|
}
|
2017-09-19 20:28:59 +01:00
|
|
|
|
2017-10-26 05:34:15 +01:00
|
|
|
// Add user to the SQLite3 database
|
2017-10-26 05:12:40 +01:00
|
|
|
func AddUser() common.Handler {
|
|
|
|
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
|
2017-10-26 05:34:15 +01:00
|
|
|
db, err := sql.Open("sqlite3", "assets/config/users.db")
|
2017-10-26 05:12:40 +01:00
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
2017-10-26 05:34:15 +01:00
|
|
|
Message: fmt.Sprintf("error opening sqlite3 file: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
statement, err := db.Prepare("INSERT INTO users(username,hash,realname,email) VALUES (?,?,?,?)")
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
2017-10-26 05:12:40 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-26 17:03:54 +01:00
|
|
|
err = r.ParseMultipartForm(32 << 20)
|
2017-10-26 05:12:40 +01:00
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-26 05:34:15 +01:00
|
|
|
username := strings.Join(r.Form["username"], "")
|
2017-10-26 05:12:40 +01:00
|
|
|
password := strings.Join(r.Form["password"], "")
|
|
|
|
realname := strings.Join(r.Form["realname"], "")
|
|
|
|
email := strings.Join(r.Form["email"], "")
|
|
|
|
|
2017-10-26 17:03:54 +01:00
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
|
2017-10-26 05:12:40 +01:00
|
|
|
|
2017-10-26 17:03:54 +01:00
|
|
|
_, err = statement.Exec(username,hash,realname,email)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
2017-10-26 05:34:15 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#/users/added';</script>"))
|
|
|
|
db.Close()
|
2017-10-26 05:12:40 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2017-11-17 21:59:53 +00:00
|
|
|
func EditUser() common.Handler {
|
|
|
|
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
db, err := sql.Open("sqlite3", "assets/config/users.db")
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error in reading user database: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
err = r.ParseMultipartForm(32 << 20)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
id := strings.Join(r.Form["id"], "")
|
|
|
|
username := strings.Join(r.Form["username"], "")
|
|
|
|
password := strings.Join(r.Form["oldpw"], "")
|
|
|
|
newpassword := strings.Join(r.Form["newpw1"], "")
|
|
|
|
realname := strings.Join(r.Form["realname"], "")
|
|
|
|
email := strings.Join(r.Form["email"], "")
|
|
|
|
pwhash, err := bcrypt.GenerateFromPassword([]byte(password), 4)
|
|
|
|
|
|
|
|
statement, err := db.Prepare("UPDATE users SET username=?, hash=?, realname=?, email=? WHERE id=?")
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
pwstatement, err := db.Prepare("SELECT hash FROM users WHERE id=?")
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error preparing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
tmp, err := pwstatement.Query(id)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
var hash []byte
|
|
|
|
|
|
|
|
for tmp.Next() {
|
|
|
|
err = tmp.Scan(&hash)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
2017-11-19 19:11:46 +00:00
|
|
|
}
|
2017-11-17 21:59:53 +00:00
|
|
|
}
|
|
|
|
fmt.Println(hash)
|
|
|
|
if bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) != nil {
|
|
|
|
fmt.Println("Passwords do not match")
|
|
|
|
w.Write([]byte("<script>window.location = '/admin#/users/editerror';</script>"))
|
|
|
|
db.Close()
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if newpassword != "" {
|
|
|
|
pwhash, err = bcrypt.GenerateFromPassword([]byte(newpassword), 4)
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = statement.Exec(username,pwhash,realname,email,id)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error executing sqlite3 statement: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
w.Write([]byte("<script>window.location = '/admin#/users/edited';</script>"))
|
|
|
|
db.Close()
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-28 01:41:28 +01:00
|
|
|
func ListUsers() common.Handler {
|
|
|
|
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
|
|
|
|
db, err := sql.Open("sqlite3", "assets/config/users.db")
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error in reading user database: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// NEVER SELECT hash ENTRY
|
|
|
|
statement, err := db.Prepare("SELECT id,username,realname,email FROM users")
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error in reading user database: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
rows, err := statement.Query()
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error in executing user SELECT: %v", err),
|
|
|
|
StatusCode: http.StatusInternalServerError,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
res := []User{}
|
|
|
|
|
|
|
|
for rows.Next() {
|
|
|
|
var u User
|
|
|
|
err := rows.Scan(&u.Id, &u.Dbun, &u.Dbrn, &u.Dbem)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: fmt.Sprintf("error in decoding sql data", err),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
res = append(res, u)
|
|
|
|
}
|
|
|
|
fin, err := json.Marshal(res)
|
|
|
|
w.Write(fin)
|
2017-10-28 01:45:24 +01:00
|
|
|
db.Close()
|
2017-10-28 01:41:28 +01:00
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-11 18:10:35 +01:00
|
|
|
// Write custom CSS to disk or send it back to the client if GET
|
2017-10-05 06:48:02 +01:00
|
|
|
|
|
|
|
func CustomCss() common.Handler {
|
|
|
|
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
|
|
|
|
if r.Method == "GET" {
|
|
|
|
return common.ReadAndServeFile("assets/web/static/custom.css", w)
|
|
|
|
}
|
|
|
|
|
|
|
|
err := r.ParseMultipartForm(32 << 20)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-03 17:53:17 +01:00
|
|
|
css := strings.Join(r.Form["css"], "")
|
|
|
|
|
|
|
|
filename := "custom.css"
|
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
err = ioutil.WriteFile("./assets/web/static/"+filename, []byte(css), 0644)
|
|
|
|
|
2017-09-21 20:10:16 +01:00
|
|
|
if err != nil {
|
2017-09-07 21:45:21 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#failed';</script>"))
|
2017-09-21 20:10:16 +01:00
|
|
|
panic(err)
|
2017-09-03 17:53:17 +01:00
|
|
|
} else {
|
2017-09-21 20:10:16 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#cssupdated';</script>"))
|
2017-09-03 17:53:17 +01:00
|
|
|
}
|
2017-10-05 06:48:02 +01:00
|
|
|
return nil
|
2017-09-03 17:53:17 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-09 03:24:38 +01:00
|
|
|
func EditEpisode() common.Handler {
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
err := r.ParseMultipartForm(32 << 20)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
PreviousFilename := strings.Join(r.Form["previousfilename"], "")
|
|
|
|
|
|
|
|
date := strings.Join(r.Form["date"], "")
|
|
|
|
title := strings.Join(r.Form["title"], "")
|
|
|
|
|
|
|
|
name := fmt.Sprintf("%v_%v", date, title)
|
|
|
|
filename := "./podcasts/" + name + ".mp3"
|
|
|
|
shownotes := "./podcasts/" + name + "_SHOWNOTES.md"
|
|
|
|
fmt.Println(filename)
|
|
|
|
description := strings.Join(r.Form["description"], "")
|
|
|
|
|
|
|
|
if ("./podcasts" + PreviousFilename + ".mp3" != filename) {
|
|
|
|
err = os.Rename("./podcasts/" + PreviousFilename + ".mp3", filename)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
err = os.Rename("./podcasts/" + PreviousFilename + "_SHOWNOTES.md", shownotes)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
err = ioutil.WriteFile(shownotes, []byte(description), 0644)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
w.Write([]byte("<script>window.location = '/admin#published';</script>"))
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
func CreateEpisode() common.Handler {
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
err := r.ParseMultipartForm(32 << 20)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
2017-09-07 04:02:14 +01:00
|
|
|
|
|
|
|
// Build filename for episode
|
2017-07-16 18:43:47 +01:00
|
|
|
date := strings.Join(r.Form["date"], "")
|
|
|
|
title := strings.Join(r.Form["title"], "")
|
|
|
|
|
2017-09-21 20:10:16 +01:00
|
|
|
name := fmt.Sprintf("%v_%v", date, title)
|
2017-07-16 18:43:47 +01:00
|
|
|
filename := name + ".mp3"
|
|
|
|
shownotes := name + "_SHOWNOTES.md"
|
|
|
|
description := strings.Join(r.Form["description"], "")
|
2017-09-21 20:10:16 +01:00
|
|
|
// Finish building filenames
|
2017-07-16 18:43:47 +01:00
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
err = ioutil.WriteFile("./podcasts/"+shownotes, []byte(description), 0644)
|
2017-09-21 20:10:16 +01:00
|
|
|
if err != nil {
|
2017-09-07 21:45:21 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#failed';</script>"))
|
2017-09-21 20:10:16 +01:00
|
|
|
fmt.Println(err)
|
|
|
|
}
|
2017-07-16 18:43:47 +01:00
|
|
|
|
|
|
|
file, handler, err := r.FormFile("file")
|
2017-09-21 20:10:16 +01:00
|
|
|
if err != nil {
|
2017-09-07 21:45:21 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#failed';</script>"))
|
|
|
|
|
2017-09-21 20:10:16 +01:00
|
|
|
fmt.Println(err)
|
2017-10-05 06:48:02 +01:00
|
|
|
return nil
|
2017-09-21 20:10:16 +01:00
|
|
|
}
|
|
|
|
defer file.Close()
|
|
|
|
fmt.Println(handler.Header)
|
|
|
|
f, err := os.OpenFile("./podcasts/"+filename, os.O_WRONLY|os.O_CREATE, 0666)
|
|
|
|
if err != nil {
|
2017-09-07 21:45:21 +01:00
|
|
|
w.Write([]byte("<script>window.location = '/admin#failed';</script>"))
|
|
|
|
|
2017-09-21 20:10:16 +01:00
|
|
|
fmt.Println(err)
|
2017-10-05 06:48:02 +01:00
|
|
|
return nil
|
2017-09-21 20:10:16 +01:00
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
io.Copy(f, file)
|
|
|
|
w.Write([]byte("<script>window.location = '/admin#published';</script>"))
|
2017-10-05 06:48:02 +01:00
|
|
|
|
|
|
|
return nil
|
2017-07-16 18:43:47 +01:00
|
|
|
}
|
2017-07-25 15:39:49 +01:00
|
|
|
}
|
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
func RemoveEpisode() common.Handler {
|
|
|
|
return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
|
|
|
|
// Episode should be the full MP3 filename
|
|
|
|
// Remove MP3 first
|
|
|
|
err := r.ParseMultipartForm(32 << 20)
|
|
|
|
if err != nil {
|
|
|
|
return &common.HTTPError{
|
|
|
|
Message: err.Error(),
|
|
|
|
StatusCode: http.StatusBadRequest,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
episode := strings.Join(r.Form["episode"], "")
|
|
|
|
os.Remove(episode)
|
|
|
|
sn := strings.Replace(episode, ".mp3", "_SHOWNOTES.md", 2)
|
|
|
|
os.Remove(sn)
|
2017-09-07 04:03:24 +01:00
|
|
|
|
2017-10-05 06:48:02 +01:00
|
|
|
return nil
|
|
|
|
}
|
2017-09-11 18:10:35 +01:00
|
|
|
}
|