diff --git a/src/web.lisp b/src/web.lisp index 325f837..a81c7f3 100644 --- a/src/web.lisp +++ b/src/web.lisp @@ -114,7 +114,7 @@ (utils:set-alert "Passwords don't match." "invalid-data") (redirect "/sign-up")) ((find t (mapcar - #'utils:string-is-nil-or-empty? + #'validation:string-is-nil-or-empty? `(,username ,display-name ,password))) (utils:set-alert "Incomplete form. Please fill out every section." "missing-data") @@ -271,7 +271,7 @@ (hermetic:auth (:administrator) ;; Authorised (cond ((or (string= set-home-page "Select Page") - (utils:string-is-nil-or-empty? set-home-page)) + (validation:string-is-nil-or-empty? set-home-page)) (utils:set-alert "No value provided. Home page not changed." "missing-data") (redirect "/site-settings")) @@ -294,7 +294,7 @@ `(,+forbidden+ (:content-type "text/plain") ("Denied")) (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? site-name) + (cond ((validation:string-is-nil-or-empty? site-name) (utils:set-alert "No value provided. Site name not changed." "missing-data") (redirect "/site-settings")) @@ -337,7 +337,7 @@ (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? (cadr favicon-file)) + (cond ((validation:string-is-nil-or-empty? (cadr favicon-file)) (utils:set-alert "No file provided. Favicon not uploaded." "missing-data") (redirect "/site-settings")) @@ -391,7 +391,7 @@ (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? (cadr site-logo)) + (cond ((validation:string-is-nil-or-empty? (cadr site-logo)) (utils:set-alert "No file provided. Site logo not uploaded." "missing-data") (redirect "/site-settings")) @@ -444,7 +444,7 @@ (utils:set-alert "Passwords don't match." "invalid-data") (redirect "/users")) ((find t (mapcar - #'utils:string-is-nil-or-empty? + #'validation:string-is-nil-or-empty? `(,username ,display-name ,password))) (utils:set-alert "Incomplete form. Please fill out every section." "missing-data") 
@@ -487,7 +487,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? display-name) + (cond ((validation:string-is-nil-or-empty? display-name) (utils:set-alert "Display name not entered." "missing-data") (redirect "/user/edit")) (t (nera-db:update-user @@ -510,7 +510,7 @@ (:logged-in) ;; Authorised (cond ((find t (mapcar - #'utils:string-is-nil-or-empty? + #'validation:string-is-nil-or-empty? `(,new-password ,password-check))) (utils:set-alert "Missing new password data. Make sure both password boxes are filled out." @@ -537,11 +537,11 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? username) + (cond ((validation:string-is-nil-or-empty? username) (utils:set-alert "Username not provided. No change made." "missing-data") (redirect "/users")) - ((utils:string-is-nil-or-empty? password) + ((validation:string-is-nil-or-empty? password) (utils:set-alert "Password not provided. No change made." "missing-data") (redirect "/users")) @@ -568,7 +568,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? username) + (cond ((validation:string-is-nil-or-empty? username) (utils:set-alert "Username not provided. Unable to delete account." "missing-data") (redirect "/users")) @@ -592,7 +592,7 @@ `(,+forbidden+ (:content-type "text/plain") ("Denied"))) (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? delete-account-check) + (cond ((validation:string-is-nil-or-empty? delete-account-check) (utils:set-alert "No username entered. Account not deleted." "missing-data") @@ -645,7 +645,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? title) + (cond ((validation:string-is-nil-or-empty? title) (render "/user/create-page.html" (append (auth:auth-user-data) 
@@ -734,7 +734,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Page cannot be found." "missing-data") (redirect "/user/pages")) @@ -756,17 +756,17 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Cannot find file. Unable to save changes." "missing-data") (redirect "/user/pages")) - ((utils:string-is-nil-or-empty? new-title) + ((validation:string-is-nil-or-empty? new-title) (utils:set-alert "No title provided. Unable to save changes." "missing-data") (redirect (format nil "/edit/page/~a" slug))) - ((utils:string-is-nil-or-empty? id) + ((validation:string-is-nil-or-empty? id) (utils:set-alert "No Id. found. Cannot find page in database." "missing-data") (redirect "/user/pages")) @@ -791,7 +791,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Cannot find page in database." "missing-data") (redirect "/user/pages")) @@ -813,7 +813,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Cannot find page in database. Nothing deleted." "missing-data") (redirect "/user/pages")) @@ -892,7 +892,7 @@ (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? (caddr (car files))) + (cond ((validation:string-is-nil-or-empty? (caddr (car files))) (utils:set-alert "No files provided." "missing-data") (redirect "/storage/manage")) @@ -930,7 +930,7 @@ (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? new-file-name) + (cond ((validation:string-is-nil-or-empty? new-file-name) (utils:set-alert "No file name provided. Nothing updated." "missing-data") (redirect "/storage/manage")) 
@@ -1062,7 +1062,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? `(,title ,month ,year))) + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,title ,month ,year))) (render "/user/create-archive.html" (append (auth:auth-user-data) @@ -1177,7 +1177,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? archive-slug) + (cond ((validation:string-is-nil-or-empty? archive-slug) (utils:set-alert "No archive slug provided. Thumbnail not updated." "missing-data") @@ -1226,7 +1226,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,id ,archive-slug ,new-title))) (utils:set-alert "Title and meta-data not provided. Archive entry not renamed." @@ -1283,7 +1283,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,archive-slug ,month ,year))) (utils:set-alert "Full date not provided. Not updated." "missing-data") @@ -1331,7 +1331,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,archive-slug ,new-keywords))) (utils:set-alert "Keywords not provided. Not updated." "missing-data") @@ -1375,7 +1375,7 @@ (t (hermetic:auth (:logged-in) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Archive entry cannot be found." "missing-data") (redirect "/user/archive")) @@ -1398,7 +1398,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((utils:string-is-nil-or-empty? slug) + (cond ((validation:string-is-nil-or-empty? slug) (utils:set-alert "Cannot find archive entry in database. Nothing deleted." "missing-data") 
@@ -1520,7 +1520,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,filename ,directory))) (utils:set-alert "File name or directory not provided." "missing-data") @@ -1563,7 +1563,7 @@ (t (hermetic:auth (:administrator) ;; Authorised - (cond ((find t (mapcar #'utils:string-is-nil-or-empty? `(,name ,table))) + (cond ((find t (mapcar #'validation:string-is-nil-or-empty? `(,name ,table))) (utils:set-alert "Entry name or database table not provided." "missing-data") (redirect "/danger/manage-database-entries")) @@ -1694,6 +1694,28 @@ "You are not authorised to delete page." "error") (redirect "/login"))))))) +(defroute ("/danger/delete-snapshot" :method :POST) () + (destructuring-bind + (&key snapshot-name authenticity-token &allow-other-keys) + (utils:request-params (lack.request:request-body-parameters ningle:*request*)) + (cond ((not (string= authenticity-token (auth:csrf-token))) + `(,+forbidden+ (:content-type "text/plain") ("Denied"))) + (t (hermetic:auth + (:administrator) + ;; Authorised + (cond ((validation::string-is-nil-or-empty? snapshot-name) + (utils:set-alert "No Snapshot Name provided." "missing-data") + (redirect "/danger/manage-snapshots")) + ;; Check snapshot exists here... + (t + ;; (snapshot:delete-snapshot) + (utils:set-alert "Snapshot deleted." "success") + (redirect "/danger/manage-snapshots"))) + ;; Not Authorised + (progn (utils:set-alert + "You are not authorised to delete page." "error") + (redirect "/login"))))))) + ;; ;; Error pages
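Review bot: The `t` branch of the new `/danger/delete-snapshot` route sets `"Snapshot deleted."` with type `"success"` although the `(snapshot:delete-snapshot)` call is commented out and the existence check is only a placeholder comment, so an administrator is told a snapshot is gone when nothing was removed. Until the deletion is wired in, that branch should say so, for example `(utils:set-alert "Snapshot deletion is not implemented yet." "error")`. Once the call is enabled, `snapshot-name` comes straight from the request body and should be matched against the list of existing snapshots before use, so that a name containing path separators or `..` is rejected rather than handed to a delete operation (this assumes snapshots live on disk, which the hunk does not show). The guard is also written `validation::string-is-nil-or-empty?` with a double colon, where every other call site in this commit uses the exported `validation:` form. The not-authorised alert still reads "delete page" where it should read "delete snapshot".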