implement back-end for /danger/create-snapshot-download defroute.

This route zips up the specified Snapshot and moves it to the /storage/media
directory. I was originally planning of having the user download the Snapshot at
this point but I decided to change how this works.

I decided to go with the 'zip up a Snapshot and move it to /storage/media'
because I didn't want to re-implement the 'download' functionality outsite of
the /storage features. Maintaining two 'download' sections is not something I
want to be doing -- that is what the /storage section is for (sort out the
downloading). Doing this way, also, adds another chance place for the site's
data to be recovered from.

src/web.lisp

@@ -15,6 +15,7 @@
 	#:utils
 	#:validation
 	#:user
+        #:zip
 	#:nera-db
 	#:files
         #:search
@@ -1706,15 +1707,52 @@
               (cond ((validation::string-is-nil-or-empty? snapshot-name)
                      (utils:set-alert "No Snapshot Name provided." "missing-data")
                      (redirect "/danger/manage-snapshots"))
-                    ;; Check snapshot exists here...
                     ((not (storage:raw-directory-exists?
-                            (format nil "snapshots/~a/" snapshot-name)))
+                           (format nil "snapshots/~a/" snapshot-name)))
                      (utils:set-alert "Cannot find selected Snapshot." "invalid-data")
                      (redirect "/danger/manage-snapshots"))
-                    (t
-                     (snapshot:delete-snapshot snapshot-name)
-                     (utils:set-alert "Snapshot deleted." "success")
-                     (redirect "/danger/manage-snapshots")))
+                    (t (snapshot:delete-snapshot snapshot-name)
+                       (utils:set-alert "Snapshot deleted." "success")
+                       (redirect "/danger/manage-snapshots")))
+	      ;; Not Authorised
+	      (progn (utils:set-alert
+                      "You are not authorised to delete page." "error")
+		     (redirect "/login")))))))
+
+
+(defroute ("/danger/create-snapshot-download" :method :POST) ()
+  (destructuring-bind
+      (&key snapshot-name authenticity-token &allow-other-keys)
+      (utils:request-params (lack.request:request-body-parameters ningle:*request*))
+    (cond ((not (string= authenticity-token (auth:csrf-token)))
+	   `(,+forbidden+ (:content-type "text/plain") ("Denied")))
+	  (t (hermetic:auth
+	      (:administrator)
+	      ;; Authorised
+              (cond ((validation::string-is-nil-or-empty? snapshot-name)
+                     (utils:set-alert "No Snapshot Name provided." "missing-data")
+                     (redirect "/danger/manage-snapshots"))
+                    ((not (storage:raw-directory-exists?
+                           (format nil "snapshots/~a/" snapshot-name)))
+                     (utils:set-alert "Cannot find selected Snapshot." "invalid-data")
+                     (redirect "/danger/manage-snapshots"))
+                    ((storage:file-exists-p
+                      "" "media" (format nil "~a.zip" snapshot-name))
+                     (utils:set-alert
+                      "Snapshot already prepared and moved to Storage Files"
+                      "invalid-data")
+                     (redirect "/danger/manage-snapshots"))
+                    (t (zip:zip
+                        (storage:make-path
+                         "" "media" (format nil "~a.zip"snapshot-name))
+                        (storage:make-raw-path
+                         (format nil "snapshots/~a/" snapshot-name)))
+                       (nera:add-storage-file
+                        (format nil "~a.zip"snapshot-name)
+                        (format nil "~a-zip"snapshot-name)
+                        "application/zip")
+                       (utils:set-alert "Snapshot ready for download." "success")
+                       (redirect "/danger/manage-snapshots")))
 	      ;; Not Authorised
 	      (progn (utils:set-alert
                       "You are not authorised to delete page." "error")