-rw-r--r-- | assets/entry_edit.html | 10 | ||||
-rw-r--r-- | conf/clog.conf | 15 | ||||
-rw-r--r-- | src/clog.c | 89 | ||||
-rw-r--r-- | src/queries.h | 5 |
4 files changed, 102 insertions, 17 deletions
diff --git a/assets/entry_edit.html b/assets/entry_edit.html index 9982731..f87e9cf 100644 --- a/assets/entry_edit.html +++ b/assets/entry_edit.html @@ -1,9 +1,9 @@ <form action="/entries/%s" method="post"> -<input type="text" id="id" name="id" value="%s" placeholder="uuid"/> -<input type="text" id="title" name="title" value="%s" placeholder="title"/> -<textarea id="body" name="body" rows="50" cols="100">%s</textarea> +<input type="text" id="title" name="title" value="%s" placeholder="title" style="width: 100%;"/> +<textarea id="body" name="body" rows="50" style="width: 100%;">%s</textarea> <br> -<!--input type="button" value="Preview"--> -<input type="submit" value="Update"> +<input type="button" value="Preview (N/A)"> +<input type="submit" value="Save"> +<input type="button" value="Delete (N/A)"> </form> diff --git a/conf/clog.conf b/conf/clog.conf index 7ddcfd6..0739f70 100644 --- a/conf/clog.conf +++ b/conf/clog.conf @@ -19,6 +19,7 @@ seccomp_tracing no validator v_uuid regex ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ validator v_text function validate_text +# validator v_text regex .* domain * { attach notls @@ -39,6 +40,19 @@ domain * { validate qs:get query v_text } + route /entries/new { + handler get_new_entry_form + methods get + } + + route /entries/ { + handler save_new_entry + methods post + + validate post title v_text + validate post body v_text + } + route ^/entries/[a-z0-9\-]+$ { handler get_entry methods get @@ -53,7 +67,6 @@ domain * { handler update_entry methods post - validate post id v_uuid validate post title v_text validate post body v_text } 
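Review bot: The two added `style="width: 100%;"` attributes put a bare `%` into a file that src/clog.c passes to `kore_buf_appendf` as the format string, so `%;` is parsed as a conversion specifier, which is undefined behaviour in printf-style formatting. Double the percent sign in both the input line and the textarea line: `style="width: 100%%;"`. The template now has exactly three `%s` slots (form action, title, body), so every caller must pass exactly three strings. A short comment beside each `kore_buf_appendf` call stating that count would keep template and callers in step.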
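Review bot: Neither new route block in conf/clog.conf (`/entries/new` and the POST on `/entries/`) carries an `authenticate` directive, so as far as the visible configuration shows, any client that can reach the server can create entries. If only the owner should be able to write, add `authenticate <auth_block_name>` to both blocks, and to the existing edit and update routes if they lack it as well. The last hunk also drops `validate post id v_uuid` from the update route. That is safe only if the handler takes the id from the request path and the route pattern constrains it, which lies outside these hunks.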
@@ -16,11 +16,11 @@ #include "queries.h" // FIXME: Compilation fail if this is a .c file. KORE_SECCOMP_FILTER("clog", - KORE_SYSCALL_ALLOW(bind), - KORE_SYSCALL_ALLOW(getdents64), - KORE_SYSCALL_ALLOW(newfstatat), - KORE_SYSCALL_ALLOW(sendmmsg), - KORE_SYSCALL_ALLOW(uname) + KORE_SYSCALL_ALLOW(bind), + KORE_SYSCALL_ALLOW(getdents64), + KORE_SYSCALL_ALLOW(newfstatat), + KORE_SYSCALL_ALLOW(sendmmsg), + KORE_SYSCALL_ALLOW(uname) ) enum query_status { QUERY_STATUS_OK, QUERY_STATUS_ERROR, QUERY_STATUS_NOT_FOUND }; @@ -68,6 +68,8 @@ int get_index(struct http_request *req); int get_entry(struct http_request *req); int edit_entry(struct http_request *req); int update_entry(struct http_request *req); +int get_new_entry_form(struct http_request *req); +int save_new_entry(struct http_request *req); int sql_select(struct entry_query *eq); int sql_update(const char *id, const char *title, const char *body); @@ -364,7 +366,7 @@ int edit_entry(struct http_request *req) { kore_buf_appendf( content, (const char *) asset_entry_edit_html, - eq.entries[0]->id, eq.entries[0]->id, eq.entries[0]->title, eq.entries[0]->body + eq.entries[0]->id, eq.entries[0]->title, eq.entries[0]->body ); // Render MD. 
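Review bot: In the edit_entry hunk the stored title and body go straight into the HTML template (`eq.entries[0]->title`, `eq.entries[0]->body`), and the sql_select context shown later copies them from the database with `kore_strdup` unchanged. A title containing `"` or a body containing `</textarea>` would close the attribute or element and the remainder would be parsed as markup, unless `validate_text` rejects those characters, which this page does not show. Escape `&`, `<`, `>` and `"` before the `kore_buf_appendf` call, or state above it why the values are already safe, e.g. `/* title/body are HTML-escaped by <helper> before formatting */`. edit_entry starts and ends outside the hunk.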
@@ -447,6 +449,63 @@ out: ; return KORE_RESULT_OK; } +int get_new_entry_form(struct http_request *req) { + struct kore_buf *content = NULL; + + content = kore_buf_alloc(0); + + kore_buf_appendf( + content, (const char *) asset_entry_edit_html, + "", "", "" + ); + + http_ok_resp(req, HTTP_STATUS_OK, content); + + kore_free(content); + + return KORE_RESULT_OK; +} + +int save_new_entry(struct http_request *req) { + int err = 0; + + char *title = NULL; + char *body = NULL; + + http_populate_post(req); + + if (http_argument_get_string(req, "title", &title)) { + kore_log(LOG_INFO, "form title %s.", title); + } + else { + kore_log(LOG_ERR, "Error no title"); + http_err_resp(req, HTTP_STATUS_BAD_REQUEST); + goto out; + } + + if (http_argument_get_string(req, "body", &body)) { + kore_log(LOG_INFO, "form body %s.", body); + } + else { + kore_log(LOG_ERR, "Error no body"); + http_err_resp(req, HTTP_STATUS_BAD_REQUEST); + goto out; + } + + err = sql_update(NULL, title, body); + if (err == KORE_RESULT_ERROR) { + kore_log(LOG_ERR, "Error saving new entry."); + http_err_resp(req, HTTP_STATUS_INTERNAL_ERROR); + goto out; + } + + http_err_resp(req, HTTP_STATUS_CREATED); + +out: ; + + return KORE_RESULT_OK; +} + int sql_select(struct entry_query *eq) { int err = KORE_RESULT_OK; @@ -502,7 +561,7 @@ int sql_select(struct entry_query *eq) { // Iterate over entries and render them. eq->num_entries = kore_pgsql_ntuples(&sql); for (i = 0; i < eq->num_entries; i++) { - // Fetch & copy data to entry + // Fetch & copy data to entry entry = kore_malloc(sizeof(struct entry)); entry->id = kore_strdup(kore_pgsql_getvalue(&sql, i, 0)); entry->title = kore_strdup(kore_pgsql_getvalue(&sql, i, 1)); 
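Review bot: save_new_entry logs the submitted title and the whole body at LOG_INFO (`kore_log(LOG_INFO, "form body %s.", body);`), which copies client-controlled text of arbitrary size, possibly with line breaks, into the server log. Log the size instead, `kore_log(LOG_INFO, "form body: %zu bytes.", strlen(body));`, and do the same for the title. In get_new_entry_form the buffer from `kore_buf_alloc(0)` is released with `kore_free(content)`. Unless `http_ok_resp` takes ownership of the data, `kore_buf_free(content);` is the matching call; otherwise the storage grown by `kore_buf_appendf` leaks on every request to this route. The success path answers through `http_err_resp(req, HTTP_STATUS_CREATED)`, so a one-line comment noting that the helper serves any body-less status would help the next reader.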
@@ -535,10 +594,18 @@ int sql_update(const char *id, const char *title, const char *body) { goto out; } - err = kore_pgsql_query_params( - &sql, q_update_entry, 0, 4, KORE_PGSQL_PARAM_TEXT(title), KORE_PGSQL_PARAM_TEXT(body), - KORE_PGSQL_PARAM_TEXT(body), KORE_PGSQL_PARAM_TEXT(id) - ); + if (id) { + err = kore_pgsql_query_params( + &sql, q_update_entry, 0, 4, KORE_PGSQL_PARAM_TEXT(title), KORE_PGSQL_PARAM_TEXT(body), + KORE_PGSQL_PARAM_TEXT(body), KORE_PGSQL_PARAM_TEXT(id) + ); + } + else { + err = kore_pgsql_query_params( + &sql, q_insert_entry, 0, 3, KORE_PGSQL_PARAM_TEXT(title), KORE_PGSQL_PARAM_TEXT(body), + KORE_PGSQL_PARAM_TEXT(body) + ); + } if (err == KORE_RESULT_ERROR) { kore_pgsql_logerror(&sql); goto out; diff --git a/src/queries.h b/src/queries.h index 9e90581..696d42a 100644 --- a/src/queries.h +++ b/src/queries.h @@ -19,6 +19,11 @@ const char *q_search_entries = ") " "SELECT id, title, created_at::DATE, updated_at::DATE, body FROM query;"; +const char *q_insert_entry = +"INSERT INTO entries (title, body, search_vector) " +"VALUES ($1, $2, TO_TSVECTOR('english', $3)) " +"RETURNING id;"; + const char *q_update_entry = "UPDATE entries " "SET title = $1, body = $2, updated_at = NOW(), search_vector = TO_TSVECTOR('english', $3) " |
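Review bot: Using `id == NULL` as the switch between UPDATE and INSERT in sql_update means a caller that loses its id by mistake creates a new row instead of failing. With `validate post id v_uuid` removed from the update route in this commit, update_entry's own id handling (outside this hunk) is the only guard. Consider a separate `sql_insert(const char *title, const char *body)` with sql_update rejecting a NULL id, or at least document the contract above the function: `/* id == NULL inserts a new entry; otherwise updates the entry with that id */`. The `RETURNING id` of q_insert_entry is not read in the visible lines, so save_new_entry cannot tell the client where the new entry lives. sql_update starts and ends outside the hunk.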