cmd/web/handlers_guestbook.go

@@ -1,6 +1,5 @@
 package main
 
-
 import (
 	"errors"
 	"fmt"
@@ -12,12 +11,12 @@ import (
 	"git.32bit.cafe/32bitcafe/guestbook/ui/views"
 )
 
-func (app *application) getGuestbookCreate(w http.ResponseWriter, r* http.Request) {
+func (app *application) getGuestbookCreate(w http.ResponseWriter, r *http.Request) {
 	data := app.newCommonData(r)
 	views.GuestbookCreate("New Guestbook", data).Render(r.Context(), w)
 }
 
-func (app *application) postGuestbookCreate(w http.ResponseWriter, r* http.Request) {
+func (app *application) postGuestbookCreate(w http.ResponseWriter, r *http.Request) {
 	userId := app.sessionManager.GetInt64(r.Context(), "authenticatedUserId")
 	err := r.ParseForm()
 	if err != nil {
@@ -83,6 +82,10 @@ func (app *application) getGuestbookDashboard(w http.ResponseWriter, r *http.Req
 		}
 		return
 	}
+	user := app.getCurrentUser(r)
+	if user.ID != guestbook.UserId {
+		app.clientError(w, http.StatusUnauthorized)
+	}
 	comments, err := app.guestbookComments.GetAll(guestbook.ID)
 	if err != nil {
 		app.serverError(w, r, err)

internal/models/user.go

@@ -11,7 +11,7 @@ import (
 )
 
 type User struct {
-	ID             int
+	ID             int64
 	ShortId        uint64
 	Username       string
 	Email          string