From 204d4463c91f41c9b32ce6aae5ba4cb494368b41 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20M=C3=BCller?=
Date: Thu, 21 Sep 2017 02:16:13 +0200
Subject: [PATCH] note removal implemented
---
 api_spec.js | 66 ++++++++++++++++++++++++++++++++++++++---------------
 server.go | 5 ++--
 storage.go | 15 +++++++++---
 3 files changed, 62 insertions(+), 24 deletions(-)
diff --git a/api_spec.js b/api_spec.js
index c8e216c..b9837bc 100644
--- a/api_spec.js
+++ b/api_spec.js
@@ -109,7 +109,7 @@ frisby.create('Valid posting')
 })
 .toss();
-frisby.create('Valid posting, editing and more')
+frisby.create('Valid posting, editing and removal')
 .post('http://localhost:3000/note', {
 password: 'aabbcc',
 tos: 'on',
@@ -157,29 +157,57 @@ frisby.create('Valid posting, editing and more')
 .get('http://localhost:3000/' + noteId)
 .expectStatus(200)
 .expectBodyContains('Changed text!')
+ .after((err, res, body) => {
+ frisby.create('Read export of posted note')
+ .expectStatus(200)
+ .get('http://localhost:3000/' + noteId + '/export')
+ .expectHeaderContains('content-type', 'text/plain; charset=utf-8')
+ .expectBodyContains('Changed text!')
+ .toss();
+ frisby.create('Open /edit on posted note')
+ .expectStatus(200)
+ .expectBodyContains('')
+ .get('http://localhost:3000/' + noteId + '/edit')
+ .toss();
+ frisby.create('Read stats of posted note')
+ .get('http://localhost:3000/' + noteId + '/stats')
+ .expectHeaderContains('content-type', 'text/html; charset=utf-8')
+ .expectStatus(200)
+ .expectBodyContains('Statistics')
+ .expectBodyContains('Views0')
+ .toss();
+ })
+ .after((err, res, body) => {
+ frisby.create('Note available')
+ .get('http://localhost:3000/' + noteId)
+ .expectStatus(200)
+ .toss();
+ frisby.create('Delete note with empty password')
+ .post('http://localhost:3000/note', { "id": noteId, "tos": "on", "text": "" })
+ .expectStatus(400)
+ .toss();
+ frisby.create('Delete note with wrong password')
+ .post('http://localhost:3000/note', { "id": noteId, "tos": "on", "text": "", "password": "xxyycc" })
+ .expectStatus(401)
+ .toss();
+ })
+ .after((err, res, body) => {
+ frisby.create('Delete note')
+ .post('http://localhost:3000/note', { "id": noteId, "tos": "on", "text": "", "password": "aabbcc" })
+ .expectStatus(301)
+ .after(function(err, res, body) {
+ frisby.create('Note unavailable')
+ .get('http://localhost:3000/' + noteId)
+ .expectStatus(404)
+ .toss();
+ })
+ .toss();
+ })
 .toss();
 })
 .toss();
 })
 .toss();
- frisby.create('Read export of posted note')
- .expectStatus(200)
- .get('http://localhost:3000/' + noteId + '/export')
- .expectHeaderContains('content-type', 'text/plain; charset=utf-8')
- .expectBodyContains(testNote)
- .toss();
- frisby.create('Open /edit on posted note')
- .expectStatus(200)
- .expectBodyContains('')
- .get('http://localhost:3000/' + noteId + '/edit')
- .toss();
- frisby.create('Read stats of posted note')
- .get('http://localhost:3000/' + noteId + '/stats')
- .expectHeaderContains('content-type', 'text/html; charset=utf-8')
- .expectStatus(200)
- .expectBodyContains('Statistics')
- .expectBodyContains('Views0')
- .toss();
 })
 .toss();
diff --git a/server.go b/server.go
index 64236cf..59d95b5 100644
--- a/server.go
+++ b/server.go
@@ -122,14 +122,15 @@ func main() {
 c.Logger().Errorf("POST /note error: %d", code)
 return c.Render(code, "Note", responsePage(code))
 }
+ id := c.FormValue("id")
 text := c.FormValue("text")
- if 10 > len(text) || len(text) > 50000 {
+ l := len(text)
+ if (id == "" || id != "" && l != 0) && (10 > l || l > 50000) {
 code := http.StatusBadRequest
 c.Logger().Errorf("POST /note error: %d", code)
 return c.Render(code, "Note", responsePage(code, "note length not accepted"))
 }
- id := c.FormValue("id")
 n := &Note{
 ID: id,
 Text: text,
diff --git a/storage.go b/storage.go
index 09a5d9d..8f0e9c8 100644
--- a/storage.go
+++ b/storage.go
@@ -54,9 +54,18 @@ func update(c echo.Context, db *sql.DB, n *Note) (*Note, error) {
 if err != nil {
 return nil, err
 }
- stmt, _ := tx.Prepare("update notes set (text, edited, password) = (?, ?, ?) where id = ? and (password = ? or password = ?)")
+ s := "update notes set (text, edited, password) = (?, ?, ?) where id = ? and (password = ? or password = ?)"
+ if n.Text == "" {
+ s = "delete from notes where id = ? and (password = ? or password = ?)"
+ }
+ stmt, _ := tx.Prepare(s)
 defer stmt.Close()
- res, err := stmt.Exec(n.Text, time.Now(), n.Password, n.ID, n.Password, n.DeprecatedPassword)
+ var res sql.Result
+ if n.Text == "" {
+ res, err = stmt.Exec(n.ID, n.Password, n.DeprecatedPassword)
+ } else {
+ res, err = stmt.Exec(n.Text, time.Now(), n.Password, n.ID, n.Password, n.DeprecatedPassword)
+ }
 if err != nil {
 tx.Rollback()
 return nil, err
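Review bot: In server.go, an empty `text` now doubles as the delete command in the length check, and `c.FormValue` returns an empty string for a missing field too, so a POST that carries an `id` but no `text` parameter at all passes validation and continues toward the delete branch in `update`. An explicit delete marker (a separate form field or route) would keep a truncated or malformed edit from destroying the note; at minimum, state the convention above the check, e.g. `// empty text with an id requests deletion; the password is still matched in update()`. The condition also simplifies, because `id != "" &&` is already implied after `id == "" ||`: `if (id == "" || l != 0) && (l < 10 || l > 50000) {`. The handler continues outside this hunk, so any password validation between this check and `update` is not visible here.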
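Review bot: In storage.go, the new `stmt, _ := tx.Prepare(s)` still discards the Prepare error, so if either statement fails to prepare, the deferred `stmt.Close()` is called on a nil statement and the transaction is never rolled back. Check the error and roll back, as the code already does after `Exec`. Selecting the query and its arguments together also removes the second `n.Text == ""` test, which otherwise has to stay in step with the first so that the placeholder count matches the statement. `update` starts before and ends after this hunk.

```go
// … unchanged: preceding error check …
query := "update notes set (text, edited, password) = (?, ?, ?) where id = ? and (password = ? or password = ?)"
args := []interface{}{n.Text, time.Now(), n.Password, n.ID, n.Password, n.DeprecatedPassword}
if n.Text == "" {
	// Empty text requests deletion; the same password predicate applies.
	query = "delete from notes where id = ? and (password = ? or password = ?)"
	args = []interface{}{n.ID, n.Password, n.DeprecatedPassword}
}
stmt, err := tx.Prepare(query)
if err != nil {
	tx.Rollback()
	return nil, err
}
defer stmt.Close()
res, err := stmt.Exec(args...)
// … unchanged: Exec error handling, rows-affected check, commit …
```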
@@ -66,7 +75,7 @@ func update(c echo.Context, db *sql.DB, n *Note) (*Note, error) {
 tx.Rollback()
 return nil, errorUnathorised
 }
- c.Logger().Debugf("updating note %s; committing transaction", n.ID)
+ c.Logger().Debugf("updating note %s (deletion: %t); committing transaction", n.ID, n.Text == "")
 return n, tx.Commit()
 }
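Review bot: A successful deletion is recorded only by this `Debugf` line, under a message that still begins with "updating note", so a logger running above debug level leaves no trace of a permanent removal. Consider a separate, higher-level line for the delete case, e.g. `c.Logger().Infof("deleted note %q", n.ID)`, and keep the debug line for edits. `%q` is suggested because `n.ID` originates from the `id` form value read in server.go. `update` begins outside this hunk.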