From db249816414b0ba095bc722a195cfd74e2ce35b6 Mon Sep 17 00:00:00 2001
From: gmemstr <bladesimmer@gmail.com>
Date: Mon, 8 Jan 2018 13:45:50 -0800
Subject: [PATCH] New config route for editing & getting config

Now that config no longer handles sensitive account info it's fine to pass this to client. Debating whether to allow anyone to fetch config, but for now restricted to level 2 user accounts.
---
 admin/admin.go   | 59 ++++++++++++++++++++++++++++++++++++++++++++++++
 router/router.go |  5 ++++
 2 files changed, 64 insertions(+)

diff --git a/admin/admin.go b/admin/admin.go
index 2178d90..06fb01f 100644
--- a/admin/admin.go
+++ b/admin/admin.go
@@ -47,6 +47,65 @@ type Config struct {
  * able to have access to, mostly user management.
  */
 
+func ConfigurationManager() common.Handler {
+
+	return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
+
+		if r.Method == "GET" {
+			return common.ReadAndServeFile("assets/config/config.json", w)
+		}
+		fmt.Println(r.Host)
+		err := r.ParseMultipartForm(32 << 20)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    err.Error(),
+				StatusCode: http.StatusBadRequest,
+			}
+		}
+		file, handler, err := r.FormFile("image")
+		if err == nil {
+			defer file.Close()
+			fmt.Println(handler.Header)
+			f, err := os.OpenFile("./assets/web/static/podcastimage.png", os.O_WRONLY|os.O_CREATE, 0666)
+			if err != nil {
+				w.Write([]byte("<script>window.location = '/admin#failed';</script>"))
+
+				fmt.Println(err)
+				return nil
+			}
+			defer f.Close()
+			io.Copy(f, file)
+		} else {
+			// Do nothing, assume no image was uploaded :(
+		}
+		newconfig := Config{
+			strings.Join(r.Form["feedname"], ""),
+			strings.Join(r.Form["host"], ""),
+			strings.Join(r.Form["email"], ""),
+			strings.Join(r.Form["description"], ""),
+			r.Host + "/assets/podcastimage.png",
+			"http://" + r.Host,
+		}
+		newconfigjson, err := json.Marshal(newconfig)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    err.Error(),
+				StatusCode: http.StatusBadRequest,
+			}
+		}
+		err = ioutil.WriteFile("./assets/config/config.json", newconfigjson, 0644)
+		if err != nil {
+			return &common.HTTPError{
+				Message:    err.Error(),
+				StatusCode: http.StatusBadRequest,
+			}
+		}
+		w.Write([]byte("<script>window.location = '/admin#/Settings#saved';</script>"))
+		return nil
+	}
+
+}
+
 func AddUser() common.Handler {
 
 	return func(rc *common.RouterContext, w http.ResponseWriter, r *http.Request) *common.HTTPError {
diff --git a/router/router.go b/router/router.go
index 4a882c9..efe4a0d 100644
--- a/router/router.go
+++ b/router/router.go
@@ -120,6 +120,11 @@ func Init() *mux.Router {
 		admin.ListUsers(),
 	)).Methods("GET")
 
+	r.Handle("/admin/settings", Handle(
+		auth.RequireAuthorization(2),
+		admin.ConfigurationManager(),
+	)).Methods("GET", "POST")
+
 	return r
 }