Verifiziere Mailadresse vor dem Löschen von Sprechstunden

This commit is contained in:
Gonne 2022-10-30 18:07:40 +01:00
parent 8654263798
commit b594c7bf75
5 changed files with 63 additions and 15 deletions

View file

@ -2,26 +2,55 @@
package controllers package controllers
import ( import (
"database/sql"
"errors"
"net/http" "net/http"
//"officeHours/models" "officeHours/models"
"officeHours/templating" "officeHours/templating"
"strconv" "strconv"
) )
func (b *BaseHandler) DeleteOfficeHourHandler(w http.ResponseWriter, req *http.Request) { func (b *BaseHandler) DeleteOfficeHourHandler(w http.ResponseWriter, req *http.Request) {
// TODO: error handling here is by no means sufficient, furthermore
// 400 BadRequest is for technically wrong stuff (most promimently GET instead of POST)
if req.FormValue("id") != "" { if req.FormValue("id") != "" {
_, err := strconv.Atoi(req.FormValue("id")) id, err := strconv.Atoi(req.FormValue("id"))
if err != nil { if err != nil {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
templating.ServeTemplate(w, "deleteFailure", struct{ Error string }{"Id konnte nicht gelesen werden."})
return
} }
//officeHour, err := b.officeHourRepo.FindById(id) officeHour, err := b.officeHourRepo.FindById(id)
if err != nil { if err != nil {
w.WriteHeader(http.StatusBadRequest) if errors.Is(err, sql.ErrNoRows) {
w.WriteHeader(http.StatusNotFound)
templating.ServeTemplate(w, "deleteFailure", struct{ Error string }{"Sprechstunde wurde nicht gefunden."})
} else {
w.WriteHeader(http.StatusInternalServerError)
templating.ServeTemplate(w, "deleteFailure", struct{ Error error }{err})
} }
//_, err = b.requestRepo.Add(officeHour, models.RequestDelete) return
templating.ServeTemplate(w, "deleteDisabled", nil) }
if req.FormValue("email") == "" {
templating.ServeTemplate(w, "deleteMailForm", struct {
Error string
OfficeHour models.OfficeHour
}{"", officeHour})
return
}
if req.FormValue("email") != officeHour.Tutor.Email {
w.WriteHeader(http.StatusUnauthorized)
templating.ServeTemplate(w, "deleteMailForm", struct {
Error string
OfficeHour models.OfficeHour
}{"Die Sprechstunde wurde nicht mit dieser Mailadresse angegeben.", officeHour})
return
}
_, err = b.requestRepo.Add(officeHour, models.RequestDelete)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
templating.ServeTemplate(w, "deleteFailure", struct{ Error error }{err})
return
}
templating.ServeTemplate(w, "deleteSuccess", nil)
} else { } else {
officeHours, _ := b.officeHourRepo.GetAll(true) officeHours, _ := b.officeHourRepo.GetAll(true)
timetable, slots := b.GetTimetable(officeHours) timetable, slots := b.GetTimetable(officeHours)

View file

@ -43,8 +43,9 @@ func InitTemplates() error {
"addFailure": {"addFailure.html", false}, "addFailure": {"addFailure.html", false},
"addMask": {"addMask.html", false}, "addMask": {"addMask.html", false},
"addSuccess": {"addSuccess.html", false}, "addSuccess": {"addSuccess.html", false},
"deleteFailure": {"deleteFailure.html", false},
"deleteMailForm": {"deleteMailForm.html", false},
"deleteSuccess": {"deleteSuccess.html", false}, "deleteSuccess": {"deleteSuccess.html", false},
"deleteDisabled": {"deleteDisabled.html", false},
"executeFailure": {"executeFailure.html", false}, "executeFailure": {"executeFailure.html", false},
"executeSuccess": {"executeSuccess.html", false}, "executeSuccess": {"executeSuccess.html", false},
"index": {"index.html", false}, "index": {"index.html", false},

View file

@ -1,6 +0,0 @@
{{define "title"}}Sprechstunde löschen{{end}}
{{define "content"}}
Sprechstunden zu löschen wurde wegen zu viel Spam deaktiviert. <br>
Falls du deine Sprechstunde löschen möchtest, melde dich bitte unter <a href="mailto:sprechstundentool@mathebau.de">sprechstundentool@mathebau.de</a>.
{{end}}

View file

@ -0,0 +1,5 @@
{{define "title"}}Sprechstunde löschen{{end}}
{{define "content"}}
Das Löschen der Sprechstunde ist fehlgeschlagen: {{.Error}}
{{end}}

View file

@ -0,0 +1,19 @@
{{define "title"}}Sprechstunde löschen{{end}}
{{define "content"}}
{{.Error}}
Willst du die Sprechstunde<br>
{{printf "%02d" .OfficeHour.Date.Hour}}:{{printf "%02d" .OfficeHour.Date.Minute}} - {{printf "%02d" .OfficeHour.EndDate.Hour}}:{{printf "%02d" .OfficeHour.EndDate.Minute}}<br>
{{if eq .OfficeHour.Date.Week 1}}in ungeraden Vorlesungswochen<br>{{end}}{{if eq .OfficeHour.Date.Week 2}}in geraden Vorlesungswochen<br>{{end}}
{{.OfficeHour.Course.Name}}<br>
{{.OfficeHour.Tutor.Name}}<br>
{{.OfficeHour.Room.Name}}<br>
wirklich löschen? Bitte bestätige dies durch Angabe der Mailadresse, mit der die Sprechstunde angelegt wurde: <br>
<form method="POST" action="deleteOfficeHour">
<input type="hidden" name="id" value="{{.OfficeHour.Id}}">
<label for="email">Email-Adresse</label>:
<input name="email" id="email" type="email" size="50" required><br>
<input type="submit">
</form>
{{end}}