|
|
|
@ -738,6 +738,58 @@
|
|
|
|
|
(progn (utils:set-alert "You are not authorised to delete page.") |
|
|
|
|
(redirect "/login"))))))) |
|
|
|
|
|
|
|
|
|
(defroute ("/storage/upload" :method :POST) () |
|
|
|
|
(destructuring-bind |
|
|
|
|
(&key storage-file authenticity-token &allow-other-keys) |
|
|
|
|
(utils:request-params |
|
|
|
|
(lack.request:request-body-parameters ningle:*request*)) |
|
|
|
|
(if (not (string= authenticity-token (auth:csrf-token))) |
|
|
|
|
`(,+forbidden+ (:content-type "text/plain") ("Denied")) |
|
|
|
|
(hermetic:auth |
|
|
|
|
(:logged-in) |
|
|
|
|
;; Authorised |
|
|
|
|
(cond ((utils:string-is-nil-or-empty? (cadr storage-file)) |
|
|
|
|
(utils:set-alert "No file provided..") |
|
|
|
|
(redirect "/dashboard")) |
|
|
|
|
|
|
|
|
|
(t (storage:store-file |
|
|
|
|
"" "media" |
|
|
|
|
(utils:slugify (second storage-file)) storage-file) |
|
|
|
|
(utils:set-alert "File uploaded.") |
|
|
|
|
(redirect "/dashboard"))) |
|
|
|
|
;; Not Authorised |
|
|
|
|
(progn |
|
|
|
|
(utils:set-alert "You are not authorised to view this page.") |
|
|
|
|
(redirect "/login")))))) |
|
|
|
|
|
|
|
|
|
(defroute ("/storage/multi-upload" :method :POST) () |
|
|
|
|
(destructuring-bind |
|
|
|
|
(&key authenticity-token &allow-other-keys) |
|
|
|
|
(utils:request-params |
|
|
|
|
(lack.request:request-body-parameters ningle:*request*)) |
|
|
|
|
(if (not (string= authenticity-token (auth:csrf-token))) |
|
|
|
|
`(,+forbidden+ (:content-type "text/plain") ("Denied")) |
|
|
|
|
(let ((files (utils:separate-files-in-web-request |
|
|
|
|
(lack.request:request-body-parameters ningle:*request*) |
|
|
|
|
"STORAGE-FILES"))) |
|
|
|
|
(format t "[INFO] Files: ~a" (length files)) |
|
|
|
|
(hermetic:auth |
|
|
|
|
(:logged-in) |
|
|
|
|
;; Authorised |
|
|
|
|
(cond ((utils:string-is-nil-or-empty? (caddr (car files))) |
|
|
|
|
(utils:set-alert "No files provided.") |
|
|
|
|
(redirect "/dashboard")) |
|
|
|
|
(t (loop :for item :in files :do |
|
|
|
|
(storage:store-file |
|
|
|
|
"" "media" |
|
|
|
|
(utils:slugify (caddr item)) (cdr item))) |
|
|
|
|
(utils:set-alert "File uploaded.") |
|
|
|
|
(redirect "/dashboard"))) |
|
|
|
|
;; Not Authorised |
|
|
|
|
(progn |
|
|
|
|
(utils:set-alert "You are not authorised to view this page.") |
|
|
|
|
(redirect "/login"))))))) |
|
|
|
|
|
|
|
|
|
;; |
|
|
|
|
;; Error pages |
|
|
|
|
|
|
|
|
|
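Review bot: Both new routes hand the client-supplied file to `storage:store-file` behind only a `:logged-in` check, so nothing visible in this hunk limits the type or size of what is written under "media", and the stored name is whatever `utils:slugify` makes of the client's filename. `store-file` and `slugify` are defined outside this hunk; if neither enforces an extension allow-list and a size cap, add that check ahead of the `(t (storage:store-file …` branches and answer with an alert and redirect when it fails. In `/storage/multi-upload` the empty-name test looks only at `(car files)`, so a later item with an empty filename would still reach `store-file`; wrapping the loop body in `(unless (utils:string-is-nil-or-empty? (caddr item)) …)` would cover every item. The `(format t "[INFO] Files: ~a" …)` line also runs before `hermetic:auth` and has no trailing `~%`, so it logs for unauthenticated requests and runs entries together.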