From f34db50464361f1b28ef310fec75e69aa55abb16 Mon Sep 17 00:00:00 2001 From: Suraj Patil Date: Wed, 21 Sep 2016 22:10:46 +0530 Subject: [PATCH] code refactoring --- views/addViews.go | 215 ++++++++++++++++++++++-------------------- views/deleteViews.go | 206 ++++++++++++++++++++++------------------ views/otherViews.go | 193 ++++++++++++++++++++----------------- views/sessionViews.go | 2 + 4 files changed, 333 insertions(+), 283 deletions(-) diff --git a/views/addViews.go b/views/addViews.go index ee609a8..977f198 100644 --- a/views/addViews.go +++ b/views/addViews.go @@ -22,116 +22,125 @@ import ( // UploadedFileHandler is used to handle the uploaded file related requests func UploadedFileHandler(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - token := r.URL.Path[len("/files/"):] - - //file, err := db.GetFileName(token) - //if err != nil { - log.Println("serving file ./files/" + token) - http.ServeFile(w, r, "./files/"+token) - //} + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + token := r.URL.Path[len("/files/"):] + + //file, err := db.GetFileName(token) + //if err != nil { + log.Println("serving file ./files/" + token) + http.ServeFile(w, r, "./files/"+token) + //} } //AddTaskFunc is used to handle the addition of new task, "/add" URL func AddTaskFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { // Will work only for POST requests, will redirect to home - var filelink string // will store the html when we have files to be uploaded, appened to the note content - r.ParseForm() - file, handler, err := r.FormFile("uploadfile") - if err != nil && handler != nil { - //Case executed when file is uploaded and yet an error occurs - log.Println(err) - message = "Error uploading file" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } + if r.Method != "POST" { // Will work only for POST requests, will redirect to home + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } - taskPriority, priorityErr := strconv.Atoi(r.FormValue("priority")) + var filelink string // will store the html when we have files to be uploaded, appened to the note content + r.ParseForm() + file, handler, err := r.FormFile("uploadfile") + if err != nil && handler != nil { + //Case executed when file is uploaded and yet an error occurs + log.Println(err) + message = "Error uploading file" + http.Redirect(w, r, "/", http.StatusInternalServerError) + } - if priorityErr != nil { - log.Print(priorityErr) - message = "Bad task priority" + taskPriority, priorityErr := strconv.Atoi(r.FormValue("priority")) + + if priorityErr != nil { + log.Print(priorityErr) + message = "Bad task priority" + } + priorityList := []int{1, 2, 3} + found := false + for _, priority := range priorityList { + if taskPriority == priority { + found = true } - priorityList := []int{1, 2, 3} - found := false - for _, priority := range priorityList { - if taskPriority == priority { - found = true + } + //If someone gives us incorrect priority number, we give the priority + //to that task as 1 i.e. Low + if !found { + taskPriority = 1 + } + var hidden int + hideTimeline := r.FormValue("hide") + if hideTimeline != "" { + hidden = 1 + } else { + hidden = 0 + } + // dueDate := r.FormValue("dueDate") + category := r.FormValue("category") + title := template.HTMLEscapeString(r.Form.Get("title")) + content := template.HTMLEscapeString(r.Form.Get("content")) + formToken := template.HTMLEscapeString(r.Form.Get("CSRFToken")) + + cookie, _ := r.Cookie("csrftoken") + if formToken == cookie.Value { + username := sessions.GetCurrentUserName(r) + if handler != nil { + // this will be executed whenever a file is uploaded + r.ParseMultipartForm(32 << 20) //defined maximum size of file + defer file.Close() + randomFileName := md5.New() + io.WriteString(randomFileName, strconv.FormatInt(time.Now().Unix(), 10)) + io.WriteString(randomFileName, handler.Filename) + token := fmt.Sprintf("%x", randomFileName.Sum(nil)) + f, err := os.OpenFile("./files/"+token, os.O_WRONLY|os.O_CREATE, 0666) + if err != nil { + log.Println(err) + return } - } - //If someone gives us incorrect priority number, we give the priority - //to that task as 1 i.e. Low - if !found { - taskPriority = 1 - } - var hidden int - hideTimeline := r.FormValue("hide") - if hideTimeline != "" { - hidden = 1 - } else { - hidden = 0 - } - // dueDate := r.FormValue("dueDate") - category := r.FormValue("category") - title := template.HTMLEscapeString(r.Form.Get("title")) - content := template.HTMLEscapeString(r.Form.Get("content")) - formToken := template.HTMLEscapeString(r.Form.Get("CSRFToken")) + defer f.Close() + io.Copy(f, file) - cookie, _ := r.Cookie("csrftoken") - if formToken == cookie.Value { - username := sessions.GetCurrentUserName(r) - if handler != nil { - // this will be executed whenever a file is uploaded - r.ParseMultipartForm(32 << 20) //defined maximum size of file - defer file.Close() - randomFileName := md5.New() - io.WriteString(randomFileName, strconv.FormatInt(time.Now().Unix(), 10)) - io.WriteString(randomFileName, handler.Filename) - token := fmt.Sprintf("%x", randomFileName.Sum(nil)) - f, err := os.OpenFile("./files/"+token, os.O_WRONLY|os.O_CREATE, 0666) - if err != nil { - log.Println(err) - return - } - defer f.Close() - io.Copy(f, file) - - if strings.HasSuffix(handler.Filename, ".png") || strings.HasSuffix(handler.Filename, ".jpg") { - filelink = "
" - } else { - filelink = "
" + handler.Filename + "" - } - content = content + filelink - - fileTruth := db.AddFile(handler.Filename, token, username) - if fileTruth != nil { - message = "Error adding filename in db" - log.Println("error adding task to db") - } - } - //taskTruth := db.AddTask(title, content, category, taskPriority, username, dueDate) - taskTruth := db.AddTask(title, content, category, taskPriority, username, hidden) - if taskTruth != nil { - message = "Error adding task" - log.Println("error adding task to db") - http.Redirect(w, r, "/", http.StatusInternalServerError) + if strings.HasSuffix(handler.Filename, ".png") || strings.HasSuffix(handler.Filename, ".jpg") { + filelink = "
" } else { - message = "Task added" - log.Println("added task to db") - http.Redirect(w, r, "/", http.StatusFound) + filelink = "
" + handler.Filename + "" } - } else { - log.Println("CSRF mismatch") - message = "Server Error" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } + content = content + filelink + fileTruth := db.AddFile(handler.Filename, token, username) + if fileTruth != nil { + message = "Error adding filename in db" + log.Println("error adding task to db") + } + } + //taskTruth := db.AddTask(title, content, category, taskPriority, username, dueDate) + taskTruth := db.AddTask(title, content, category, taskPriority, username, hidden) + if taskTruth != nil { + message = "Error adding task" + log.Println("error adding task to db") + http.Redirect(w, r, "/", http.StatusInternalServerError) + } else { + message = "Task added" + log.Println("added task to db") + http.Redirect(w, r, "/", http.StatusFound) + } + } else { + log.Println("CSRF mismatch") + message = "Server Error" + http.Redirect(w, r, "/", http.StatusInternalServerError) } } //AddCategoryFunc used to add new categories to the database func AddCategoryFunc(w http.ResponseWriter, r *http.Request) { + if r.Method != "POST" { // We respond only to POST requests, redirect to home for others + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } + r.ParseForm() category := r.Form.Get("category") if strings.Trim(category, " ") != "" { @@ -160,19 +169,19 @@ func EditTaskFunc(w http.ResponseWriter, r *http.Request) { log.Println(err) http.Redirect(w, r, "/", http.StatusBadRequest) return - } else { - redirectURL := utils.GetRedirectUrl(r.Referer()) - username := sessions.GetCurrentUserName(r) - task, err := db.GetTaskByID(username, id) - categories := db.GetCategories(username) - task.Categories = categories - task.Referer = redirectURL - - if err != nil { - task.Message = "Error fetching Tasks" - } - editTemplate.Execute(w, task) } + redirectURL := utils.GetRedirectUrl(r.Referer()) + username := sessions.GetCurrentUserName(r) + task, err := db.GetTaskByID(username, id) + categories := db.GetCategories(username) + task.Categories = categories + task.Referer = redirectURL + + if err != nil { + task.Message = "Error fetching Tasks" + } + editTemplate.Execute(w, task) + } //AddCommentFunc will be used diff --git a/views/deleteViews.go b/views/deleteViews.go index be2b108..60173a2 100644 --- a/views/deleteViews.go +++ b/views/deleteViews.go @@ -19,130 +19,154 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) { //for best UX we want the user to be returned to the page making //the delete transaction, we use the r.Referer() function to get the link redirectURL := utils.GetRedirectUrl(r.Referer()) - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/trash/"):]) + + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } + + id, err := strconv.Atoi(r.URL.Path[len("/trash/"):]) + if err != nil { + log.Println("TrashTaskFunc", err) + message = "Incorrect command" + http.Redirect(w, r, redirectURL, http.StatusFound) + } else { + username := sessions.GetCurrentUserName(r) + err = db.TrashTask(username, id) if err != nil { - log.Println("TrashTaskFunc", err) - message = "Incorrect command" - http.Redirect(w, r, redirectURL, http.StatusFound) + message = "Error trashing task" } else { - username := sessions.GetCurrentUserName(r) - err = db.TrashTask(username, id) - if err != nil { - message = "Error trashing task" - } else { - message = "Task trashed" - } - http.Redirect(w, r, redirectURL, http.StatusFound) + message = "Task trashed" } + http.Redirect(w, r, redirectURL, http.StatusFound) + } } //RestoreTaskFunc is used to restore task from trash, handles "/restore/" URL func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/restore/"):]) - if err != nil { - log.Println(err) - http.Redirect(w, r, "/deleted", http.StatusBadRequest) - } else { - username := sessions.GetCurrentUserName(r) - err = db.RestoreTask(username, id) - if err != nil { - message = "Restore failed" - } else { - message = "Task restored" - } - http.Redirect(w, r, "/deleted/", http.StatusFound) - } + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + id, err := strconv.Atoi(r.URL.Path[len("/restore/"):]) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/deleted", http.StatusBadRequest) + } else { + username := sessions.GetCurrentUserName(r) + err = db.RestoreTask(username, id) + if err != nil { + message = "Restore failed" + } else { + message = "Task restored" + } + http.Redirect(w, r, "/deleted/", http.StatusFound) + } + } //DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) { username := sessions.GetCurrentUserName(r) - if r.Method == "GET" { - id := r.URL.Path[len("/delete/"):] - if id == "all" { - err := db.DeleteAll(username) - if err != nil { - message = "Error deleting tasks" - http.Redirect(w, r, "/", http.StatusInternalServerError) - } - http.Redirect(w, r, "/", http.StatusFound) + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } + + id := r.URL.Path[len("/delete/"):] + if id == "all" { + err := db.DeleteAll(username) + if err != nil { + message = "Error deleting tasks" + http.Redirect(w, r, "/", http.StatusInternalServerError) + } + http.Redirect(w, r, "/", http.StatusFound) + } else { + id, err := strconv.Atoi(id) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/", http.StatusBadRequest) } else { - id, err := strconv.Atoi(id) + err = db.DeleteTask(username, id) if err != nil { - log.Println(err) - http.Redirect(w, r, "/", http.StatusBadRequest) + message = "Error deleting task" } else { - err = db.DeleteTask(username, id) - if err != nil { - message = "Error deleting task" - } else { - message = "Task deleted" - } - http.Redirect(w, r, "/deleted", http.StatusFound) + message = "Task deleted" } + http.Redirect(w, r, "/deleted", http.StatusFound) } } + } //RestoreFromCompleteFunc restores the task from complete to pending func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):]) - if err != nil { - log.Println(err) - http.Redirect(w, r, "/completed", http.StatusBadRequest) - } else { - username := sessions.GetCurrentUserName(r) - err = db.RestoreTaskFromComplete(username, id) - if err != nil { - message = "Restore failed" - } else { - message = "Task restored" - } - http.Redirect(w, r, "/completed", http.StatusFound) - } + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + id, err := strconv.Atoi(r.URL.Path[len("/incomplete/"):]) + if err != nil { + log.Println(err) + http.Redirect(w, r, "/completed", http.StatusBadRequest) + } else { + username := sessions.GetCurrentUserName(r) + err = db.RestoreTaskFromComplete(username, id) + if err != nil { + message = "Restore failed" + } else { + message = "Task restored" + } + http.Redirect(w, r, "/completed", http.StatusFound) + } + } //DeleteCategoryFunc will delete any category func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - categoryName := r.URL.Path[len("/del-category/"):] - username := sessions.GetCurrentUserName(r) - err := db.DeleteCategoryByName(username, categoryName) - if err != nil { - message = "error deleting category" - } else { - message = "Category " + categoryName + " deleted" - } - - http.Redirect(w, r, "/", http.StatusFound) + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + categoryName := r.URL.Path[len("/del-category/"):] + username := sessions.GetCurrentUserName(r) + err := db.DeleteCategoryByName(username, categoryName) + if err != nil { + message = "error deleting category" + } else { + message = "Category " + categoryName + " deleted" + } + + http.Redirect(w, r, "/", http.StatusFound) + } //DeleteCommentFunc will delete any category func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - id := r.URL.Path[len("/del-comment/"):] - commentID, err := strconv.Atoi(id) - if err != nil { - http.Redirect(w, r, "/", http.StatusBadRequest) - return - } - username := sessions.GetCurrentUserName(r) - - err = db.DeleteCommentByID(username, commentID) - - if err != nil { - message = "comment not deleted" - } else { - message = "comment deleted" - } - - http.Redirect(w, r, "/", http.StatusFound) + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + id := r.URL.Path[len("/del-comment/"):] + commentID, err := strconv.Atoi(id) + if err != nil { + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } + username := sessions.GetCurrentUserName(r) + + err = db.DeleteCommentByID(username, commentID) + + if err != nil { + message = "comment not deleted" + } else { + message = "comment deleted" + } + + http.Redirect(w, r, "/", http.StatusFound) } diff --git a/views/otherViews.go b/views/otherViews.go index cc339f4..ce0b6b9 100644 --- a/views/otherViews.go +++ b/views/otherViews.go @@ -56,117 +56,132 @@ func PopulateTemplates() { //CompleteTaskFunc is used to show the complete tasks, handles "/completed/" url func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - redirectURL := utils.GetRedirectUrl(r.Referer()) - id, err := strconv.Atoi(r.URL.Path[len("/complete/"):]) - if err != nil { - log.Println(err) - } else { - username := sessions.GetCurrentUserName(r) - err = db.CompleteTask(username, id) - if err != nil { - message = "Complete task failed" - } else { - message = "Task marked complete" - } - http.Redirect(w, r, redirectURL, http.StatusFound) - } + if r.Method != "GET" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + redirectURL := utils.GetRedirectUrl(r.Referer()) + id, err := strconv.Atoi(r.URL.Path[len("/complete/"):]) + if err != nil { + log.Println(err) + } else { + username := sessions.GetCurrentUserName(r) + err = db.CompleteTask(username, id) + if err != nil { + message = "Complete task failed" + } else { + message = "Task marked complete" + } + http.Redirect(w, r, redirectURL, http.StatusFound) + } + } //SearchTaskFunc is used to handle the /search/ url, handles the search function func SearchTaskFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - r.ParseForm() - query := r.Form.Get("query") - - username := sessions.GetCurrentUserName(r) - context, err := db.SearchTask(username, query) - if err != nil { - log.Println("error fetching search results") - } - - categories := db.GetCategories(username) - context.Categories = categories - - searchTemplate.Execute(w, context) + if r.Method != "POST" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + r.ParseForm() + query := r.Form.Get("query") + + username := sessions.GetCurrentUserName(r) + context, err := db.SearchTask(username, query) + if err != nil { + log.Println("error fetching search results") + } + + categories := db.GetCategories(username) + context.Categories = categories + + searchTemplate.Execute(w, context) + } //UpdateTaskFunc is used to update a task, handes "/update/" URL func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - r.ParseForm() - id, err := strconv.Atoi(r.Form.Get("id")) - if err != nil { - log.Println(err) - } - category := r.Form.Get("category") - title := r.Form.Get("title") - content := r.Form.Get("content") - priority, err := strconv.Atoi(r.Form.Get("priority")) - if err != nil { - log.Println(err) - } - username := sessions.GetCurrentUserName(r) - - var hidden int - hideTimeline := r.FormValue("hide") - if hideTimeline != "" { - hidden = 1 - } else { - hidden = 0 - } - - err = db.UpdateTask(id, title, content, category, priority, username, hidden) - if err != nil { - message = "Error updating task" - } else { - message = "Task updated" - log.Println(message) - } - http.Redirect(w, r, "/", http.StatusFound) + if r.Method != "POST" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + + r.ParseForm() + id, err := strconv.Atoi(r.Form.Get("id")) + if err != nil { + log.Println(err) + } + category := r.Form.Get("category") + title := r.Form.Get("title") + content := r.Form.Get("content") + priority, err := strconv.Atoi(r.Form.Get("priority")) + if err != nil { + log.Println(err) + } + username := sessions.GetCurrentUserName(r) + + var hidden int + hideTimeline := r.FormValue("hide") + if hideTimeline != "" { + hidden = 1 + } else { + hidden = 0 + } + + err = db.UpdateTask(id, title, content, category, priority, username, hidden) + if err != nil { + message = "Error updating task" + } else { + message = "Task updated" + log.Println(message) + } + http.Redirect(w, r, "/", http.StatusFound) } //UpdateCategoryFunc is used to update a task, handes "/upd-category/" URL func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - var redirectURL string - r.ParseForm() - oldName := r.URL.Path[len("/upd-category/"):] - newName := r.Form.Get("catname") - username := sessions.GetCurrentUserName(r) - err := db.UpdateCategoryByName(username, oldName, newName) - if err != nil { - message = "error updating category" - log.Println("not updated category " + oldName) - redirectURL = "/category/" + oldName - } else { - message = "cat " + oldName + " -> " + newName - redirectURL = "/category/" + newName - } - log.Println("redirecting to " + redirectURL) - http.Redirect(w, r, redirectURL, http.StatusFound) + if r.Method != "POST" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return } + var redirectURL string + r.ParseForm() + oldName := r.URL.Path[len("/upd-category/"):] + newName := r.Form.Get("catname") + username := sessions.GetCurrentUserName(r) + err := db.UpdateCategoryByName(username, oldName, newName) + if err != nil { + message = "error updating category" + log.Println("not updated category " + oldName) + redirectURL = "/category/" + oldName + } else { + message = "cat " + oldName + " -> " + newName + redirectURL = "/category/" + newName + } + log.Println("redirecting to " + redirectURL) + http.Redirect(w, r, redirectURL, http.StatusFound) + } //SignUpFunc will enable new users to sign up to our service func SignUpFunc(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - r.ParseForm() + if r.Method != "POST" { + http.Redirect(w, r, "/", http.StatusBadRequest) + return + } + r.ParseForm() - username := r.Form.Get("username") - password := r.Form.Get("password") - email := r.Form.Get("email") + username := r.Form.Get("username") + password := r.Form.Get("password") + email := r.Form.Get("email") - log.Println(username, password, email) + log.Println(username, password, email) - err := db.CreateUser(username, password, email) - if err != nil { - http.Error(w, "Unable to sign user up", http.StatusInternalServerError) - } else { - http.Redirect(w, r, "/login/", 302) - } + err := db.CreateUser(username, password, email) + if err != nil { + http.Error(w, "Unable to sign user up", http.StatusInternalServerError) + } else { + http.Redirect(w, r, "/login/", 302) } } diff --git a/views/sessionViews.go b/views/sessionViews.go index 57227b4..e14a518 100644 --- a/views/sessionViews.go +++ b/views/sessionViews.go @@ -60,5 +60,7 @@ func LoginFunc(w http.ResponseWriter, r *http.Request) { } log.Print("Invalid user " + username) loginTemplate.Execute(w, nil) + default: + http.Redirect(w, r, "/login/", http.StatusUnauthorized) } }