32bitcafe/webweav.ing
1
1
Fork 0
Code Issues 12 Pull Requests Packages Projects 1 Releases Wiki Activity

check user owns guestbook

Browse Source
This commit is contained in:
yequari 2025-03-15 12:18:17 -07:00
parent 6c18752230
commit 11c0815676
2 changed files with 168 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/web/handlers_guestbook.go
View File

@ -1,6 +1,5 @@
package main package main
import ( import (
"errors" "errors"
"fmt" "fmt"
@ -12,12 +11,12 @@ import (
"git.32bit.cafe/32bitcafe/guestbook/ui/views" "git.32bit.cafe/32bitcafe/guestbook/ui/views"
) )
func (app *application) getGuestbookCreate(w http.ResponseWriter, r* http.Request) { func (app *application) getGuestbookCreate(w http.ResponseWriter, r *http.Request) {
data := app.newCommonData(r) data := app.newCommonData(r)
views.GuestbookCreate("New Guestbook", data).Render(r.Context(), w) views.GuestbookCreate("New Guestbook", data).Render(r.Context(), w)
} }
func (app *application) postGuestbookCreate(w http.ResponseWriter, r* http.Request) { func (app *application) postGuestbookCreate(w http.ResponseWriter, r *http.Request) {
userId := app.sessionManager.GetInt64(r.Context(), "authenticatedUserId") userId := app.sessionManager.GetInt64(r.Context(), "authenticatedUserId")
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
@ -83,6 +82,10 @@ func (app *application) getGuestbookDashboard(w http.ResponseWriter, r *http.Req
} }
return return
} }
user := app.getCurrentUser(r)
if user.ID != guestbook.UserId {
app.clientError(w, http.StatusUnauthorized)
}
comments, err := app.guestbookComments.GetAll(guestbook.ID) comments, err := app.guestbookComments.GetAll(guestbook.ID)
if err != nil { if err != nil {
app.serverError(w, r, err) app.serverError(w, r, err)

2
internal/models/user.go
View File

@ -11,7 +11,7 @@ import (
) )
type User struct { type User struct {
ID int ID int64
ShortId uint64 ShortId uint64
Username string Username string
Email string Email string