From b581857b07b6bcc9b7da4378667a3f5a486a073b Mon Sep 17 00:00:00 2001 From: Sergio Vera Date: Sun, 8 Sep 2024 16:55:40 +0200 Subject: [PATCH] Updated routes --- .../webserver/controller/document/send.go | 9 ++-- internal/webserver/embedded/js/send-email.js | 5 +- .../webserver/embedded/views/document.html | 10 ++-- .../embedded/views/partials/actions.html | 7 ++- .../embedded/views/partials/delete-modal.html | 2 +- .../embedded/views/partials/docs-list.html | 4 +- .../embedded/views/partials/related.html | 2 +- internal/webserver/embedded/views/reader.html | 2 +- .../webserver/embedded/views/users/index.html | 2 +- internal/webserver/highlights_test.go | 6 +-- internal/webserver/remove_document_test.go | 2 +- internal/webserver/routes.go | 48 ++++++++++--------- internal/webserver/send_document_test.go | 4 +- internal/webserver/user_management_test.go | 10 ++-- 14 files changed, 57 insertions(+), 56 deletions(-) diff --git a/internal/webserver/controller/document/send.go b/internal/webserver/controller/document/send.go index f8898882..ba6b6c14 100644 --- a/internal/webserver/controller/document/send.go +++ b/internal/webserver/controller/document/send.go @@ -1,6 +1,7 @@ package document import ( + "log" "net/mail" "os" "path/filepath" @@ -10,7 +11,8 @@ import ( ) func (d *Controller) Send(c *fiber.Ctx) error { - if strings.Trim(c.FormValue("slug"), " ") == "" { + slug := "" + if slug = strings.Trim(c.Params("slug"), " "); slug == "" { return fiber.ErrBadRequest } @@ -18,13 +20,14 @@ func (d *Controller) Send(c *fiber.Ctx) error { return fiber.ErrBadRequest } - document, err := d.idx.Document(c.FormValue("slug")) + document, err := d.idx.Document(slug) if err != nil { return fiber.ErrBadRequest } if _, err := os.Stat(filepath.Join(d.config.LibraryPath, document.ID)); err != nil { - return fiber.ErrBadRequest + log.Println(err) + return fiber.ErrInternalServerError } return d.sender.SendDocument(c.FormValue("email"), d.config.LibraryPath, document.ID) diff --git a/internal/webserver/embedded/js/send-email.js b/internal/webserver/embedded/js/send-email.js index 73dd487e..60860bb0 100644 --- a/internal/webserver/embedded/js/send-email.js +++ b/internal/webserver/embedded/js/send-email.js @@ -13,14 +13,13 @@ Array.from(forms).forEach(form => { submit.setAttribute("disabled", true); spinner.classList.remove("visually-hidden"); sendIcon.classList.add("visually-hidden"); - fetch('/send', { + fetch(form.getAttribute("action"), { method: "POST", headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: new URLSearchParams({ - 'email': form.elements[0].value, - 'slug': form.elements[1].value, + 'email': form.elements[0].value }) }) .then((response) => { diff --git a/internal/webserver/embedded/views/document.html b/internal/webserver/embedded/views/document.html index aa163e1f..9c5978cf 100644 --- a/internal/webserver/embedded/views/document.html +++ b/internal/webserver/embedded/views/document.html @@ -7,7 +7,7 @@
- {{t $lang "\"%s\" cover" .Document.Title}} @@ -23,7 +23,7 @@

- + @@ -31,7 +31,7 @@

  {{t .Lang "Read"}} - + @@ -40,7 +40,7 @@

{{.Document.Type}} - + @@ -69,7 +69,7 @@

{{t .Lang "Send to email unavailable, no email service configured"}}

{{else}}
-
+ -
  • +
  • @@ -16,7 +16,7 @@ {{.Document.Type}}
    • -
  • +
  • @@ -49,7 +49,7 @@
  • {{t .Lang "Send to email unavailable, no email service configured"}}
    • {{else}}
  • - +
    - diff --git a/internal/webserver/embedded/views/partials/docs-list.html b/internal/webserver/embedded/views/partials/docs-list.html index 51860bd3..ee93a525 100644 --- a/internal/webserver/embedded/views/partials/docs-list.html +++ b/internal/webserver/embedded/views/partials/docs-list.html @@ -9,7 +9,7 @@
    - {{t $lang "\"%s\" cover" $document.Title}} + {{t $lang "\"%s\" cover" $document.Title}}
    {{$document.Title}}

    @@ -91,7 +91,7 @@

    {{t $lang "Unknown author"}}
    {{end}} {{end}}
    -{{template "partials/delete-modal" dict "Lang" $lang "Action" "/documents" "ModalHeader" "Delete document" "ModalBody" "Are you sure you want to delete this document?" "ModalErrorMessage" "There was an error deleting the document"}} +{{template "partials/delete-modal" dict "Lang" $lang "Action" "documents" "ModalHeader" "Delete document" "ModalBody" "Are you sure you want to delete this document?" "ModalErrorMessage" "There was an error deleting the document"}} diff --git a/internal/webserver/embedded/views/partials/related.html b/internal/webserver/embedded/views/partials/related.html index 93c895f5..f3a952ab 100644 --- a/internal/webserver/embedded/views/partials/related.html +++ b/internal/webserver/embedded/views/partials/related.html @@ -1,5 +1,5 @@
    - {{t .Lang "\"%s\" cover" .Document.Title}} + {{t .Lang "\"%s\" cover" .Document.Title}}
    {{.Document.Title}}
    {{if .Document.Authors}} diff --git a/internal/webserver/embedded/views/reader.html b/internal/webserver/embedded/views/reader.html index 67d5daf0..25f8cf63 100644 --- a/internal/webserver/embedded/views/reader.html +++ b/internal/webserver/embedded/views/reader.html @@ -13,7 +13,7 @@ - +
    diff --git a/internal/webserver/embedded/views/users/index.html b/internal/webserver/embedded/views/users/index.html index c463bbeb..8022a889 100644 --- a/internal/webserver/embedded/views/users/index.html +++ b/internal/webserver/embedded/views/users/index.html @@ -40,6 +40,6 @@

    {{t $lang "Users"}}

    {{template "partials/pagination" .}} {{end}} -{{template "partials/delete-modal" dict "Lang" $lang "Action" "/users" "ModalHeader" "Delete user" "ModalBody" "Are you sure you want to delete this user?" "ModalErrorMessage" "There was an error deleting the user, try again later"}} +{{template "partials/delete-modal" dict "Lang" $lang "Action" "users" "ModalHeader" "Delete user" "ModalBody" "Are you sure you want to delete this user?" "ModalErrorMessage" "There was an error deleting the user, try again later"}} diff --git a/internal/webserver/highlights_test.go b/internal/webserver/highlights_test.go index 140ca844..0ec178fe 100644 --- a/internal/webserver/highlights_test.go +++ b/internal/webserver/highlights_test.go @@ -112,7 +112,7 @@ func TestHighlights(t *testing.T) { t.Fatalf("Unexpected error: %v", err.Error()) } - _, err = deleteRequest(url.Values{}, adminCookie, app, "/documents/john-doe-test-epub", t) + _, err = deleteRequest(url.Values{}, adminCookie, app, "/en/documents/john-doe-test-epub", t) if err != nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -150,7 +150,7 @@ func TestHighlights(t *testing.T) { t.Fatalf("Unexpected error: %v", err.Error()) } - _, err = deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/users/%s", regularUser.Username), t) + _, err = deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/en/users/%s", regularUser.Username), t) if err != nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -165,7 +165,7 @@ func TestHighlights(t *testing.T) { func highlight(cookie *http.Cookie, app *fiber.App, slug string, method string, t *testing.T) (*http.Response, error) { t.Helper() - req, err := http.NewRequest(method, fmt.Sprintf("/highlights/%s", slug), nil) + req, err := http.NewRequest(method, fmt.Sprintf("/en/highlights/%s", slug), nil) if err != nil { return nil, err } diff --git a/internal/webserver/remove_document_test.go b/internal/webserver/remove_document_test.go index 7e29b8e8..3983f849 100644 --- a/internal/webserver/remove_document_test.go +++ b/internal/webserver/remove_document_test.go @@ -60,7 +60,7 @@ func TestRemoveDocument(t *testing.T) { t.Fatalf("Unexpected error: %v", err.Error()) } - response, err = deleteRequest(url.Values{}, cookie, app, fmt.Sprintf("/documents/%s", tcase.slug), t) + response, err = deleteRequest(url.Values{}, cookie, app, fmt.Sprintf("/en/documents/%s", tcase.slug), t) if err != nil { t.Fatalf("Unexpected error: %v", err.Error()) } diff --git a/internal/webserver/routes.go b/internal/webserver/routes.go index ac80a582..fcd0a7ad 100644 --- a/internal/webserver/routes.go +++ b/internal/webserver/routes.go @@ -11,9 +11,12 @@ import ( ) func routes(app *fiber.App, controllers Controllers, jwtSecret []byte, sender Sender, requireAuth bool) { - var allowIfNotLoggedIn = AllowIfNotLoggedIn(jwtSecret) - var alwaysRequireAuthentication = AlwaysRequireAuthentication(jwtSecret, sender) - var configurableAuthentication = ConfigurableAuthentication(jwtSecret, sender, requireAuth) + // Middlewares + var ( + allowIfNotLoggedIn = AllowIfNotLoggedIn(jwtSecret) + alwaysRequireAuthentication = AlwaysRequireAuthentication(jwtSecret, sender) + configurableAuthentication = ConfigurableAuthentication(jwtSecret, sender, requireAuth) + ) app.Use("/css", filesystem.New(filesystem.Config{ Root: http.FS(cssFS), @@ -54,35 +57,34 @@ func routes(app *fiber.App, controllers Controllers, jwtSecret []byte, sender Se usersGroup := langGroup.Group("/users", alwaysRequireAuthentication) - usersGroup.Get("/", alwaysRequireAuthentication, RequireAdmin, controllers.Users.List) - usersGroup.Get("/new", alwaysRequireAuthentication, RequireAdmin, controllers.Users.New) - usersGroup.Post("/", alwaysRequireAuthentication, RequireAdmin, controllers.Users.Create) - usersGroup.Get("/:username", alwaysRequireAuthentication, controllers.Users.Edit) - usersGroup.Put("/:username", alwaysRequireAuthentication, controllers.Users.Update) - app.Delete("/users/:username", alwaysRequireAuthentication, RequireAdmin, controllers.Users.Delete) + usersGroup.Get("/", RequireAdmin, controllers.Users.List) + usersGroup.Get("/new", RequireAdmin, controllers.Users.New) + usersGroup.Post("/", RequireAdmin, controllers.Users.Create) + usersGroup.Get("/:username", controllers.Users.Edit) + usersGroup.Put("/:username", controllers.Users.Update) + usersGroup.Delete("/:username", RequireAdmin, controllers.Users.Delete) - langGroup.Get("/highlights", alwaysRequireAuthentication, controllers.Highlights.List) - app.Post("/highlights/:slug", alwaysRequireAuthentication, controllers.Highlights.Create) - app.Delete("/highlights/:slug", alwaysRequireAuthentication, controllers.Highlights.Delete) - - app.Delete("/documents/:slug", alwaysRequireAuthentication, RequireAdmin, controllers.Documents.Delete) + highlightsGroup := langGroup.Group("/highlights", alwaysRequireAuthentication) + highlightsGroup.Get("/", controllers.Highlights.List) + highlightsGroup.Post("/:slug", controllers.Highlights.Create) + highlightsGroup.Delete("/:slug", controllers.Highlights.Delete) + docsGroup := langGroup.Group("/documents") langGroup.Get("/upload", alwaysRequireAuthentication, RequireAdmin, controllers.Documents.UploadForm) - langGroup.Post("/documents", alwaysRequireAuthentication, RequireAdmin, controllers.Documents.Upload) + docsGroup.Post("/", alwaysRequireAuthentication, RequireAdmin, controllers.Documents.Upload) + docsGroup.Delete("/:slug", alwaysRequireAuthentication, RequireAdmin, controllers.Documents.Delete) // Authentication requirement is configurable for all routes below this middleware langGroup.Use(configurableAuthentication) app.Use(configurableAuthentication) - app.Get("/documents/:slug/cover", controllers.Documents.Cover) - langGroup.Get("/documents/:slug/read", controllers.Documents.Reader) - app.Get("/documents/:slug/download", controllers.Documents.Download) - - langGroup.Get("/documents/:slug", controllers.Documents.Detail) - - app.Post("/send", controllers.Documents.Send) + docsGroup.Get("/:slug/cover", controllers.Documents.Cover) + docsGroup.Get("/:slug/read", controllers.Documents.Reader) + docsGroup.Get("/:slug/download", controllers.Documents.Download) + docsGroup.Post("/:slug/send", controllers.Documents.Send) + docsGroup.Get("/:slug", controllers.Documents.Detail) + docsGroup.Get("/", controllers.Documents.Search) - langGroup.Get("/documents", controllers.Documents.Search) langGroup.Get("/", controllers.Documents.Search) app.Get("/", func(c *fiber.Ctx) error { diff --git a/internal/webserver/send_document_test.go b/internal/webserver/send_document_test.go index e222aae6..a1abd02a 100644 --- a/internal/webserver/send_document_test.go +++ b/internal/webserver/send_document_test.go @@ -22,7 +22,6 @@ func TestSendDocument(t *testing.T) { slug string expectedHTTPStatus int }{ - {"Send no document slug", "admin@example.com", "", http.StatusBadRequest}, {"Send no email address", "", "empty", http.StatusBadRequest}, {"Send non existing document slug", "admin@example.com", "wrong", http.StatusBadRequest}, {"Send document slug and email address", "admin@example.com", "john-doe-test-epub", http.StatusOK}, @@ -37,10 +36,9 @@ func TestSendDocument(t *testing.T) { data := url.Values{ "email": {tcase.email}, - "slug": {tcase.slug}, } - req, err := http.NewRequest(http.MethodPost, "/send", strings.NewReader(data.Encode())) + req, err := http.NewRequest(http.MethodPost, "/en/documents/"+tcase.slug+"/send", strings.NewReader(data.Encode())) req.Header.Add("Content-Type", "application/x-www-form-urlencoded") if err != nil { t.Fatalf("Unexpected error: %v", err.Error()) diff --git a/internal/webserver/user_management_test.go b/internal/webserver/user_management_test.go index d8144057..fb76539c 100644 --- a/internal/webserver/user_management_test.go +++ b/internal/webserver/user_management_test.go @@ -304,7 +304,7 @@ func TestUserManagement(t *testing.T) { t.Run("Try to delete a user without an active session", func(t *testing.T) { reset() - response, err := deleteRequest(url.Values{}, &http.Cookie{}, app, fmt.Sprintf("/users/%s", regularUser.Username), t) + response, err := deleteRequest(url.Values{}, &http.Cookie{}, app, fmt.Sprintf("/en/users/%s", regularUser.Username), t) if response == nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -315,7 +315,7 @@ func TestUserManagement(t *testing.T) { t.Run("Try to delete a user with a regular user's session", func(t *testing.T) { reset() - response, err := deleteRequest(url.Values{}, regularUserCookie, app, fmt.Sprintf("/users/%s", regularUser.Username), t) + response, err := deleteRequest(url.Values{}, regularUserCookie, app, fmt.Sprintf("/en/users/%s", regularUser.Username), t) if response == nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -326,7 +326,7 @@ func TestUserManagement(t *testing.T) { t.Run("Try to delete a user with an admin session", func(t *testing.T) { reset() - response, err := deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/users/%s", regularUser.Username), t) + response, err := deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/en/users/%s", regularUser.Username), t) if response == nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -341,7 +341,7 @@ func TestUserManagement(t *testing.T) { t.Run("Try to delete the only existing admin user", func(t *testing.T) { reset() - response, err := deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/users/%s", adminUser.Username), t) + response, err := deleteRequest(url.Values{}, adminCookie, app, fmt.Sprintf("/en/users/%s", adminUser.Username), t) if response == nil { t.Fatalf("Unexpected error: %v", err.Error()) } @@ -352,7 +352,7 @@ func TestUserManagement(t *testing.T) { t.Run("Try to delete a non existing user with an admin session", func(t *testing.T) { reset() - response, err := deleteRequest(url.Values{}, adminCookie, app, "/users/wrong", t) + response, err := deleteRequest(url.Values{}, adminCookie, app, "/en/users/wrong", t) if response == nil { t.Fatalf("Unexpected error: %v", err.Error()) }