return-to-ritherdon
/
ritherdon-archive
1
0
Fork 0
Code Issues 2 Pull Requests Projects 1 Releases Wiki Activity
Browse Source

add /storage/upload defroutes (single and multi file uploads).

stable
Craig Oates 2 years ago
parent
a855d9db90
commit
c4f9f52ba8
1 changed files with 52 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 52
      src/web.lisp

52
src/web.lisp
Unescape View File

@ -738,6 +738,58 @@
(progn (utils:set-alert "You are not authorised to delete page.")
(redirect "/login")))))))
(defroute ("/storage/upload" :method :POST) ()
(destructuring-bind
(&key storage-file authenticity-token &allow-other-keys)
(utils:request-params
(lack.request:request-body-parameters ningle:*request*))
(if (not (string= authenticity-token (auth:csrf-token)))
`(,+forbidden+ (:content-type "text/plain") ("Denied"))
(hermetic:auth
(:logged-in)
;; Authorised
(cond ((utils:string-is-nil-or-empty? (cadr storage-file))
(utils:set-alert "No file provided..")
(redirect "/dashboard"))
(t (storage:store-file
"" "media"
(utils:slugify (second storage-file)) storage-file)
(utils:set-alert "File uploaded.")
(redirect "/dashboard")))
;; Not Authorised
(progn
(utils:set-alert "You are not authorised to view this page.")
(redirect "/login"))))))
(defroute ("/storage/multi-upload" :method :POST) ()
(destructuring-bind
(&key authenticity-token &allow-other-keys)
(utils:request-params
(lack.request:request-body-parameters ningle:*request*))
(if (not (string= authenticity-token (auth:csrf-token)))
`(,+forbidden+ (:content-type "text/plain") ("Denied"))
(let ((files (utils:separate-files-in-web-request
(lack.request:request-body-parameters ningle:*request*)
"STORAGE-FILES")))
(format t "[INFO] Files: ~a" (length files))
(hermetic:auth
(:logged-in)
;; Authorised
(cond ((utils:string-is-nil-or-empty? (caddr (car files)))
(utils:set-alert "No files provided.")
(redirect "/dashboard"))
(t (loop :for item :in files :do
(storage:store-file
"" "media"
(utils:slugify (caddr item)) (cdr item)))
(utils:set-alert "File uploaded.")
(redirect "/dashboard")))
;; Not Authorised
(progn
(utils:set-alert "You are not authorised to view this page.")
(redirect "/login")))))))
;;
;; Error pages

Write Preview
Loading…
Cancel
Save