api: log comment deleter and deletion date
Signed-off-by: Adhityaa Chandrasekar <adtac@adtac.in>
This commit is contained in:
Adhityaa Chandrasekar
@@ -7,18 +7,7 @@ import (
|
||||
|
||||
func emailModerateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
unsubscribeSecretHex := r.FormValue("unsubscribeSecretHex")
|
||||
e, err := emailGetByUnsubscribeSecretHex(unsubscribeSecretHex)
|
||||
if err != nil {
|
||||
fmt.Fprintf(w, "error: %v", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
action := r.FormValue("action")
|
||||
if action != "delete" && action != "approve" {
|
||||
fmt.Fprintf(w, "error: invalid action")
|
||||
return
|
||||
}
|
||||
|
||||
commentHex := r.FormValue("commentHex")
|
||||
if commentHex == "" {
|
||||
fmt.Fprintf(w, "error: invalid commentHex")
|
||||
@@ -26,23 +15,35 @@ func emailModerateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
statement := `
|
||||
SELECT domain
|
||||
SELECT domain, deleted
|
||||
FROM comments
|
||||
WHERE commentHex = $1;
|
||||
`
|
||||
row := db.QueryRow(statement, commentHex)
|
||||
|
||||
var domain string
|
||||
if err = row.Scan(&domain); err != nil {
|
||||
var deleted bool
|
||||
if err := row.Scan(&domain, &deleted); err != nil {
|
||||
// TODO: is this the only error?
|
||||
fmt.Fprintf(w, "error: no such comment found (perhaps it has been deleted?)")
|
||||
return
|
||||
}
|
||||
|
||||
if deleted {
|
||||
fmt.Fprintf(w, "error: that comment has already been deleted")
|
||||
return
|
||||
}
|
||||
|
||||
e, err := emailGetByUnsubscribeSecretHex(unsubscribeSecretHex)
|
||||
if err != nil {
|
||||
fmt.Fprintf(w, "error: %v", err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
isModerator, err := isDomainModerator(domain, e.Email)
|
||||
if err != nil {
|
||||
logger.Errorf("error checking if %s is a moderator: %v", e.Email, err)
|
||||
fmt.Fprintf(w, "error checking if %s is a moderator: %v", e.Email, err)
|
||||
fmt.Fprintf(w, "error: %v", errorInternal)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -51,10 +52,31 @@ func emailModerateHandler(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if action == "approve" {
|
||||
// Do not use commenterGetByEmail here because we don't know which provider
|
||||
// should be used. This was poor design on multiple fronts on my part, but
|
||||
// let's deal with that later. For now, it suffices to match the
|
||||
// deleter/approver with any account owned by the same email.
|
||||
statement = `
|
||||
SELECT commenterHex
|
||||
FROM commenters
|
||||
WHERE email = $1;
|
||||
`
|
||||
row = db.QueryRow(statement, e.Email)
|
||||
|
||||
var commenterHex string
|
||||
if err = row.Scan(&commenterHex); err != nil {
|
||||
logger.Errorf("cannot retrieve commenterHex by email %q: %v", e.Email, err)
|
||||
fmt.Fprintf(w, "error: %v", errorInternal)
|
||||
return
|
||||
}
|
||||
|
||||
switch action {
|
||||
case "approve":
|
||||
err = commentApprove(commentHex)
|
||||
} else {
|
||||
err = commentDelete(commentHex)
|
||||
case "delete":
|
||||
err = commentDelete(commentHex, commenterHex)
|
||||
default:
|
||||
err = errorInvalidAction
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user