From 3937b626e87b33e08df50c0b6fc39d533434334c Mon Sep 17 00:00:00 2001 From: Craig Oates Date: Sat, 17 Sep 2022 11:50:43 +0100 Subject: [PATCH] finish implementing the /create/page defroute (HTTP POST). --- src/web.lisp | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/src/web.lisp b/src/web.lisp index a29ceed..e0d93a5 100644 --- a/src/web.lisp +++ b/src/web.lisp @@ -347,15 +347,43 @@ (utils:set-alert "You are not logged in.") (redirect "/login")))) -;; TODO: UP-TO-HERE. NEED TO GET NIC TO DECIDE ON WHAT SHE ACTUALLY WANTS BEFORE -;; I CAN FLUSH OUT HOW AND WHAT IS SAVED TO THE DATABASE (LOCAL) AND WHAT IS -;; PUSHED TO MEILISEARCH DATABASE (IF USED). (defroute ("/create/page" :method :POST) () (destructuring-bind - (&key authenticity-token page-content &allow-other-keys) + (&key title page-content authenticity-token &allow-other-keys) (utils:request-params (lack.request:request-body-parameters ningle:*request*)) (format t "~a" page-content) - (redirect "/create/page"))) + (cond ((not (string= authenticity-token (auth:csrf-token))) + `(,+forbidden+ (:content-type "text/plain") ("Denied"))) + (t (hermetic:auth + (:logged-in) + ;; Authorised + (cond ((utils:string-is-nil-or-empty? title) + (render + "/user/create-page.html" + (append (auth:auth-user-data) + `(:alert "Title not provided. Unable to save page." + :title ,title + :data ,page-content)))) + + ((storage:file-exists-p + "" "pages" (format nil "~a.html" (utils:slugify title))) + (render + "/user/create-page.html" + (append (auth:auth-user-data) + `(:alert "Page with that title already exists. Unable to save page." + :title ,title + :data ,page-content)))) + + (t (storage:store-text + "" ; `USERNAME' blank because it's not used/needed. + "pages" + (format nil "~a.html" (utils:slugify title)) + page-content) + (utils:set-alert "Page created.") + (redirect "/dashboard"))) + ;; Not Authorised + (progn (utils:set-alert "You are not logged in.") + (redirect "/login"))))))) ;; ;; Error pages