Updated to handle multiple users

db/files.go

@@ -12,15 +12,7 @@ import (
 // AddFile is used to add the md5 of a file name which is uploaded to our application
 // this will enable us to randomize the URL without worrying about the file names
 func AddFile(fileName, token string) error {
-	SQL := database.prepare("insert into files values(?,?)")
-	tx := database.begin()
-	_, err = tx.Stmt(SQL).Exec(fileName, token)
-	if err != nil {
-		log.Println(err)
-		tx.Rollback()
-	} else {
-		log.Println(tx.Commit())
-	}
+	err := taskQuery("insert into files values(?,?)", fileName, token)
 	return err
 }
 
@@ -45,9 +37,13 @@ func GetFileName(token string) (string, error) {
 
 //GetCategories will return the list of categories to be
 //rendered in the template
-func GetCategories() []types.CategoryCount {
-	stmt := "select c.name, count(*) from  category c left outer join task t  where c.id = t.cat_id and t.is_deleted='N' and t.finish_date is null   group by name    union     select name, 0  from category where name not in (select distinct name from task t join category c on t.cat_id = c.id and is_deleted!='Y'and t.finish_date is null)"
-	rows := database.query(stmt)
+func GetCategories(username string) []types.CategoryCount {
+	userID, err := GetUserID(username)
+	if err != nil {
+		return nil
+	}
+	stmt := "select c.name, count(*) from   category c left outer join task t  join status s on  c.id = t.cat_id and t.task_status_id=s.id where s.status!='DELETED' and c.user_id=?   group by name    union     select name, 0  from category c, user u where c.user_id=? and name not in (select distinct name from task t join category c join status s on s.id = t.task_status_id and t.cat_id = c.id and s.status!='DELETED' and c.user_id=?)"
+	rows := database.query(stmt, userID, userID, userID)
 	var categories []types.CategoryCount
 	var category types.CategoryCount
 
@@ -58,20 +54,25 @@ func GetCategories() []types.CategoryCount {
 		}
 		categories = append(categories, category)
 	}
+	rows.Close()
 	return categories
 }
 
 //AddCategory is used to add the task in the database
-func AddCategory(category string) error {
-	err := taskQuery("insert into category(name) values(?)", category)
+func AddCategory(username, category string) error {
+	userID, err := GetUserID(username)
+	if err != nil {
+		return nil
+	}
+	err = taskQuery("insert into category(name, user_id) values(?,?)", category, userID)
 	return err
 }
 
 // GetCategoryByName will return the ID of that category passed as args
 // used while inserting tasks into the table
-func GetCategoryByName(category string) int {
-	stmt := "select id from category where name=?"
-	rows := database.query(stmt, category)
+func GetCategoryByName(username, category string) int {
+	stmt := "select id from category where name=? and user_id = (select id from user where username=?)"
+	rows := database.query(stmt, category, username)
 	var categoryID int
 
 	for rows.Next() {
@@ -84,13 +85,17 @@ func GetCategoryByName(category string) int {
 }
 
 //DeleteCategoryByName will be used to delete a category from the category page
-func DeleteCategoryByName(category string) error {
+func DeleteCategoryByName(username, category string) error {
 	//first we delete entries from task and then from category
-	categoryID := GetCategoryByName(category)
-	query := "update task set cat_id = null where id =?"
-	err := taskQuery(query, categoryID)
+	categoryID := GetCategoryByName(username, category)
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+	query := "update task set cat_id = null where id =? and user_id = ?"
+	err = taskQuery(query, categoryID, userID)
 	if err == nil {
-		err = taskQuery("delete from category where id=?", categoryID)
+		err = taskQuery("delete from category where id=? and user_id=?", categoryID, userID)
 		if err != nil {
 			return err
 		}
@@ -99,16 +104,24 @@ func DeleteCategoryByName(category string) error {
 }
 
 //UpdateCategoryByName will be used to delete a category from the category page
-func UpdateCategoryByName(oldName, newName string) error {
-	query := "update category set name = ? where name=?"
+func UpdateCategoryByName(username, oldName, newName string) error {
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+	query := "update category set name = ? where name=? and user_id=?"
 	log.Println(query)
-	err := taskQuery(query, newName, oldName)
+	err = taskQuery(query, newName, oldName, userID)
 	return err
 }
 
 //DeleteCommentByID will actually delete the comment from db
-func DeleteCommentByID(id int) error {
-	query := "delete from comments where id=?"
-	err := taskQuery(query, id)
+func DeleteCommentByID(username string, id int) error {
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+	query := "delete from comments where id=? and user_id = ?"
+	err = taskQuery(query, id, userID)
 	return err
 }

db/tasks.go

@@ -19,6 +19,7 @@ import (
 )
 
 var database Database
+var taskStatus map[string]int
 var err error
 
 //Database encapsulates database
@@ -26,6 +27,7 @@ type Database struct {
 	db *sql.DB
 }
 
+//Begins a transaction
 func (db Database) begin() (tx *sql.Tx) {
 	tx, err := db.db.Begin()
 	if err != nil {
@@ -55,6 +57,7 @@ func (db Database) query(q string, args ...interface{}) (rows *sql.Rows) {
 
 func init() {
 	database.db, err = sql.Open("sqlite3", "./tasks.db")
+	taskStatus = map[string]int{"COMPLETE": 1, "PENDING": 2, "DELETED": 3, "INCOMPLETE": 4}
 	if err != nil {
 		log.Fatal(err)
 	}
@@ -67,40 +70,45 @@ func Close() {
 
 //GetTasks retrieves all the tasks depending on the
 //status pending or trashed or completed
-func GetTasks(status, category string) (types.Context, error) {
+func GetTasks(username, status, category string) (types.Context, error) {
+	log.Println("getting tasks for ", status)
 	var tasks []types.Task
 	var task types.Task
 	var TaskCreated time.Time
 	var context types.Context
-	var getTasksql string
+	var getTaskSQL string
 	var rows *sql.Rows
 
-	comments, err := GetComments()
+	comments, err := GetComments(username)
 
 	if err != nil {
 		return context, err
 	}
 
-	basicSQL := "select t.id, title, content, created_date, priority, c.name from task t, category c where c.id = t.cat_id"
-	if status == "pending" && category == "" {
-		getTasksql = basicSQL + " and finish_date is null and is_deleted='N' order by priority desc, created_date asc"
-	} else if status == "deleted" {
-		getTasksql = basicSQL + " and is_deleted='Y' order by priority desc, created_date asc"
-	} else if status == "completed" {
-		getTasksql = basicSQL + " and finish_date is not null order by priority desc, created_date asc"
-	}
+	basicSQL := "select t.id, title, content, created_date, priority, c.name from task t, category c, status s, user u where u.username=? and s.id=t.task_status_id and c.id=t.cat_id and u.id=t.user_id"
+	if category == "" {
+		switch status {
+		case "pending":
+			getTaskSQL = basicSQL + " and s.status='INCOMPLETE'"
+		case "deleted":
+			getTaskSQL = basicSQL + " and s.status='DELETED' "
+		case "completed":
+			getTaskSQL = basicSQL + " and s.status='COMPLETE'"
+		}
 
-	if category != "" {
+		basicSQL += " order by priority desc, created_date asc"
+		rows = database.query(getTaskSQL, username)
+	} else {
 		status = category
-		getTasksql = basicSQL + " and name = ?  and  t.is_deleted!='Y' and t.finish_date is null  order by priority desc, created_date asc, finish_date asc"
-		rows, err = database.db.Query(getTasksql, category)
+		getTaskSQL = basicSQL + " and name = ?  and  s.status!='DELETED'  order by priority desc, created_date asc, finish_date asc"
+		rows, err = database.db.Query(getTaskSQL, username, category)
+		log.Print(getTaskSQL)
 
 		if err != nil {
-			log.Println("something went wrong while getting query")
+			log.Println("tasks.go: something went wrong while getting query fetch tasks by category")
 		}
-	} else {
-		rows = database.query(getTasksql)
 	}
+
 	defer rows.Close()
 	for rows.Next() {
 		task = types.Task{}
@@ -134,13 +142,13 @@ func GetTasks(status, category string) (types.Context, error) {
 }
 
 //GetTaskByID function gets the tasks from the ID passed to the function, used to populate EditTask
-func GetTaskByID(id int) (types.Context, error) {
+func GetTaskByID(username string, id int) (types.Context, error) {
 	var tasks []types.Task
 	var task types.Task
 
-	getTasksql := "select t.id, t.title, t.content, t.priority, c.name from task t left outer join category c  where c.id = t.cat_id and t.id=?"
+	getTaskSQL := "select t.id, t.title, t.content, t.priority, c.name from task t join user u left outer join category c  where c.id = t.cat_id and t.id=? and u.username=?"
 
-	rows := database.query(getTasksql, id)
+	rows := database.query(getTaskSQL, id, username)
 	defer rows.Close()
 	if rows.Next() {
 		err := rows.Scan(&task.Id, &task.Title, &task.Content, &task.Priority, &task.Category)
@@ -155,60 +163,66 @@ func GetTaskByID(id int) (types.Context, error) {
 }
 
 //TrashTask is used to delete the task
-func TrashTask(id int) error {
-	err := taskQuery("update task set is_deleted='Y',last_modified_at=datetime() where id=?", id)
+func TrashTask(username string, id int) error {
+	err := taskQuery("update task set task_status_id=?,last_modified_at=datetime() where user_id=(select id from user where username=?) and id=?", taskStatus["DELETED"], username, id)
 	return err
 }
 
 //CompleteTask  is used to mark tasks as complete
-func CompleteTask(id int) error {
-	err := taskQuery("update task set is_deleted='Y', finish_date=datetime(),last_modified_at=datetime() where id=?", id)
+func CompleteTask(username string, id int) error {
+	err := taskQuery("update task set task_status_id=?, finish_date=datetime(),last_modified_at=datetime() where id=? and user_id=(select id from user where username=?) ", taskStatus["COMPLETE"], id, username)
 	return err
 }
 
 //DeleteAll is used to empty the trash
-func DeleteAll() error {
-	err := taskQuery("delete from task where is_deleted='Y'")
+func DeleteAll(username string) error {
+	err := taskQuery("delete from task where task_status_id=? where user_id=(select id from user where username=?)", taskStatus["DELETED"], username)
 	return err
 }
 
 //RestoreTask is used to restore tasks from the Trash
-func RestoreTask(id int) error {
-	err := taskQuery("update task set is_deleted='N',last_modified_at=datetime() where id=?", id)
+func RestoreTask(username string, id int) error {
+	err := taskQuery("update task set task_status_id=?,last_modified_at=datetime(),finish_date=null where id=? and user_id=(select id from user where username=?)", taskStatus["INCOMPLETE"], id, username)
 	return err
 }
 
 //RestoreTaskFromComplete is used to restore tasks from the Trash
-func RestoreTaskFromComplete(id int) error {
-	err := taskQuery("update task set finish_date=null,last_modified_at=datetime() where id=?", id)
+func RestoreTaskFromComplete(username string, id int) error {
+	err := taskQuery("update task set finish_date=null,last_modified_at=datetime(), task_status_id=? where id=? and user_id=(select id from user where username=?)", taskStatus["INCOMPLETE"], id, username)
 	return err
 }
 
 //DeleteTask is used to delete the task from the database
-func DeleteTask(id int) error {
-	err := taskQuery("delete from task where id = ?", id)
+func DeleteTask(username string, id int) error {
+	err := taskQuery("delete from task where id = ? and user_id=(select id from user where username=?)", id, username)
 	return err
 }
 
 //AddTask is used to add the task in the database
-func AddTask(title, content, category string, taskPriority int) error {
+func AddTask(title, content, category string, taskPriority int, username string) error {
+	log.Println("AddTask: started function")
 	var err error
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+
 	if category == "" {
-		err = taskQuery("insert into task(title, content, priority, created_date, last_modified_at) values(?,?,?,datetime(), datetime())", title, content, taskPriority)
+		err = taskQuery("insert into task(title, content, priority, task_status_id, created_date, last_modified_at, user_id) values(?,?,?,?,datetime(), datetime(),?)", title, content, taskPriority, taskStatus["INCOMPLETE"], userID)
 	} else {
-		categoryID := GetCategoryByName(category)
-		err = taskQuery("insert into task(title, content, priority, created_date, last_modified_at, cat_id) values(?,?,?,datetime(), datetime(), ?)", title, content, taskPriority, categoryID)
+		categoryID := GetCategoryByName(username, category)
+		err = taskQuery("insert into task(title, content, priority, created_date, last_modified_at, cat_id, task_status_id, user_id) values(?,?,?,datetime(), datetime(), ?,?,?)", title, content, taskPriority, categoryID, taskStatus["INCOMPLETE"], userID)
 	}
 	return err
 }
 
-//GetCategoryIdByName will return the category ID for the category, used in the edit task
+//GetCategoryIDByName will return the category ID for the category, used in the edit task
 //function where we need to be able to update the categoryID of the task
-func GetCategoryIdByName(category string) int {
+func GetCategoryIDByName(username string, category string) int {
 	var categoryID int
-	getTasksql := "select id from category where name=?"
+	getTaskSQL := "select c.id from category c , user u where u.id = c.user_id and name=? and u.username=?"
 
-	rows := database.query(getTasksql, category)
+	rows := database.query(getTaskSQL, category, username)
 	defer rows.Close()
 	if rows.Next() {
 		err := rows.Scan(&categoryID)
@@ -222,9 +236,13 @@ func GetCategoryIdByName(category string) int {
 }
 
 //UpdateTask is used to update the tasks in the database
-func UpdateTask(id int, title, content, category string, priority int) error {
-	categoryID := GetCategoryIdByName(category)
-	err := taskQuery("update task set title=?, content=?, cat_id=?, priority = ? where id=?", title, content, categoryID, priority, id)
+func UpdateTask(id int, title, content, category string, priority int, username string) error {
+	categoryID := GetCategoryIDByName(username, category)
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+	err = taskQuery("update task set title=?, content=?, cat_id=?, priority = ? where id=? and user_id=?", title, content, categoryID, priority, id, userID)
 	return err
 }
 
@@ -234,7 +252,7 @@ func taskQuery(sql string, args ...interface{}) error {
 	tx := database.begin()
 	_, err = tx.Stmt(SQL).Exec(args...)
 	if err != nil {
-		log.Println(err)
+		log.Println("taskQuery: ", err)
 		tx.Rollback()
 	} else {
 		tx.Commit()
@@ -243,20 +261,25 @@ func taskQuery(sql string, args ...interface{}) error {
 }
 
 //SearchTask is used to return the search results depending on the query
-func SearchTask(query string) types.Context {
+func SearchTask(username, query string) (types.Context, error) {
 	var tasks []types.Task
 	var task types.Task
 	var TaskCreated time.Time
 	var context types.Context
 
-	comments, err := GetComments()
+	comments, err := GetComments(username)
 	if err != nil {
 		log.Println("SearchTask: something went wrong in finding comments")
 	}
 
-	stmt := "select t.id, title, content, created_date, priority, c.name from task t, category c where c.id = t.cat_id and (title like '%" + query + "%' or content like '%" + query + "%') order by created_date desc"
+	userID, err := GetUserID(username)
+	if err != nil {
+		return context, err
+	}
 
-	rows := database.query(stmt, query, query)
+	stmt := "select t.id, title, content, created_date, priority, c.name from task t, category c where t.user_id=? and c.id = t.cat_id and (title like '%" + query + "%' or content like '%" + query + "%') order by created_date desc"
+
+	rows := database.query(stmt, userID, query, query)
 
 	for rows.Next() {
 		err := rows.Scan(&task.Id, &task.Title, &task.Content, &TaskCreated, &task.Priority, &task.Category)
@@ -284,21 +307,25 @@ func SearchTask(query string) types.Context {
 		tasks = append(tasks, task)
 	}
 	context = types.Context{Tasks: tasks, Search: query, Navigation: "search"}
-	return context
+	return context, nil
 }
 
 //GetComments is used to get comments, all of them.
 //We do not want 100 different pages to show tasks, we want to use as few pages as possible
 //so we are going to populate everything on the damn home pages
-func GetComments() (map[int][]types.Comment, error) {
+func GetComments(username string) (map[int][]types.Comment, error) {
 	commentMap := make(map[int][]types.Comment)
 
 	var taskID int
 	var comment types.Comment
 	var created time.Time
 
-	stmt := "select id, taskID, content, created from comments;"
-	rows := database.query(stmt)
+	userID, err := GetUserID(username)
+	if err != nil {
+		return commentMap, err
+	}
+	stmt := "select c.id, c.taskID, c.content, c.created from comments c, task t where t.id=c.taskID and c.user_id=?;"
+	rows := database.query(stmt, userID)
 
 	for rows.Next() {
 		err := rows.Scan(&comment.ID, &taskID, &comment.Content, &created)
@@ -310,13 +337,18 @@ func GetComments() (map[int][]types.Comment, error) {
 		comment.Created = created.Format("Jan 2 2006 15:04:05")
 		commentMap[taskID] = append(commentMap[taskID], comment)
 	}
+	rows.Close()
 	return commentMap, nil
 }
 
 //AddComments will be used to add comments in the database
-func AddComments(id int, comment string) error {
-	stmt := "insert into comments(taskID, content, created) values (?,?,datetime())"
-	err := taskQuery(stmt, id, comment)
+func AddComments(username string, id int, comment string) error {
+	userID, err := GetUserID(username)
+	if err != nil {
+		return err
+	}
+	stmt := "insert into comments(taskID, content, created, user_id) values (?,?,datetime(),?)"
+	err = taskQuery(stmt, id, comment, userID)
 
 	if err != nil {
 		return err

db/user.go

@@ -0,0 +1,48 @@
+package db
+
+import "log"
+
+//CreateUser will create a new user, take as input the parameters and
+//insert it into database
+func CreateUser(username, password, email string) error {
+	err := taskQuery("insert into user(username, password, email) values(?,?,?)", username, password, email)
+	return err
+}
+
+//ValidUser will check if the user exists in db and if exists if the username password
+//combination is valid
+func ValidUser(username, password string) bool {
+	var passwordFromDB string
+	userSQL := "select password from user where username=?"
+	log.Print("validating user ", username)
+	rows := database.query(userSQL, username)
+
+	if rows.Next() {
+		err := rows.Scan(&passwordFromDB)
+		if err != nil {
+			return false
+		}
+	}
+	//If the password matches, return true
+	if password == passwordFromDB {
+		return true
+	}
+	//by default return false
+	return false
+}
+
+//GetUserID will get the user's ID from the database
+func GetUserID(username string) (int, error) {
+	var userID int
+	userSQL := "select id from user where username=?"
+	rows := database.query(userSQL, username)
+
+	if rows.Next() {
+		err := rows.Scan(&userID)
+		if err != nil {
+			return -1, err
+		}
+	}
+	rows.Close()
+	return userID, nil
+}

schema.sql

@@ -1,15 +1,41 @@
 CREATE TABLE task (
-id integer primary key autoincrement,
-title varchar(100),
-content text,
-is_deleted char(1) default 'N',
-created_date timestamp,
-last_modified_at timestamp,
-finish_date timestamp
-, priority integer, cat_id references category(id));
-
-CREATE TABLE files(name varchar(1000) not null, autoName varchar(255) not null);
-
-CREATE TABLE category( id integer primary key autoincrement ,name varchar(1000) not null);
-
-CREATE TABLE comments(id integer primary key autoincrement, content ntext, taskID references task(id), created datetime);
+    id integer primary key autoincrement,
+    title varchar(100),
+    content text,
+    task_status_id references status(id),
+    created_date timestamp,
+    due_date timestamp,
+    last_modified_at timestamp,
+    finish_date timestamp,
+    priority integer,
+    cat_id references category(id),
+    user_id references user(id)
+);
+CREATE TABLE status (
+    id integer primary key autoincrement,
+    status varchar(50) not null
+);
+CREATE TABLE files(
+    name varchar(1000) not null,
+    autoName varchar(255) not null,
+    user_id references user(id),
+    created_date timestamp
+);
+CREATE TABLE category(
+    id integer primary key autoincrement,
+    name varchar(1000) not null,
+    user_id references user(id)
+);
+CREATE TABLE comments(
+    id integer primary key autoincrement,
+    content ntext,
+    taskID references task(id),
+    created datetime,
+    user_id references user(id)
+ );
+CREATE TABLE user (
+    id integer primary key autoincrement,
+    username varchar(100),
+    password varchar(1000),
+    email varchar(100)
+);

sessions/sessions.go

@@ -8,12 +8,23 @@ import (
 
 //Store the cookie store which is going to store session data in the cookie
 var Store = sessions.NewCookieStore([]byte("secret-password"))
+var session *sessions.Session
 
 //IsLoggedIn will check if the user has an active session and return True
 func IsLoggedIn(r *http.Request) bool {
 	session, err := Store.Get(r, "session")
+
 	if err == nil && (session.Values["loggedin"] == "true") {
 		return true
 	}
 	return false
 }
+
+//GetCurrentUserName returns the username of the logged in user
+func GetCurrentUserName(r *http.Request) string {
+	session, err := Store.Get(r, "session")
+	if err == nil {
+		return session.Values["username"].(string)
+	}
+	return ""
+}

views/addViews.go

@@ -16,6 +16,7 @@ import (
 	"time"
 
 	"github.com/thewhitetulip/Tasks/db"
+	"github.com/thewhitetulip/Tasks/sessions"
 	"github.com/thewhitetulip/Tasks/utils"
 )
 
@@ -50,7 +51,6 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
 		if priorityErr != nil {
 			log.Print(priorityErr)
 			message = "Bad task priority"
-			http.Redirect(w, r, "/", http.StatusInternalServerError)
 		}
 		priorityList := []int{1, 2, 3}
 		found := false
@@ -101,8 +101,8 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) {
 					log.Println("error adding task to db")
 				}
 			}
-
-			taskTruth := db.AddTask(title, content, category, taskPriority)
+			username := sessions.GetCurrentUserName(r)
+			taskTruth := db.AddTask(title, content, category, taskPriority, username)
 
 			if taskTruth != nil {
 				message = "Error adding task"
@@ -128,8 +128,8 @@ func AddCategoryFunc(w http.ResponseWriter, r *http.Request) {
 	r.ParseForm()
 	category := r.Form.Get("category")
 	if strings.Trim(category, " ") != "" {
-		err := db.AddCategory(category)
-		if err != nil {
+		username := sessions.GetCurrentUserName(r)
+		if err := db.AddCategory(username, category); err != nil {
 			message = "Error adding category"
 			http.Redirect(w, r, "/", http.StatusBadRequest)
 		} else {
@@ -148,8 +148,9 @@ func EditTaskFunc(w http.ResponseWriter, r *http.Request) {
 			http.Redirect(w, r, "/", http.StatusBadRequest)
 		} else {
 			redirectURL := utils.GetRedirectUrl(r.Referer())
-			task, err := db.GetTaskByID(id)
-			categories := db.GetCategories()
+			username := sessions.GetCurrentUserName(r)
+			task, err := db.GetTaskByID(username, id)
+			categories := db.GetCategories(username)
 			task.Categories = categories
 			task.Referer = redirectURL
 
@@ -174,7 +175,8 @@ func AddCommentFunc(w http.ResponseWriter, r *http.Request) {
 			log.Println("unable to convert into integer")
 			message = "Error adding comment"
 		} else {
-			err = db.AddComments(idInt, text)
+			username := sessions.GetCurrentUserName(r)
+			err = db.AddComments(username, idInt, text)
 
 			if err != nil {
 				log.Println("unable to insert into db")

views/deleteViews.go

@@ -10,6 +10,7 @@ import (
 	"strconv"
 
 	"github.com/thewhitetulip/Tasks/db"
+	"github.com/thewhitetulip/Tasks/sessions"
 	"github.com/thewhitetulip/Tasks/utils"
 )
 
@@ -25,7 +26,8 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) {
 			message = "Incorrect command"
 			http.Redirect(w, r, redirectURL, http.StatusFound)
 		} else {
-			err = db.TrashTask(id)
+			username := sessions.GetCurrentUserName(r)
+			err = db.TrashTask(username, id)
 			if err != nil {
 				message = "Error trashing task"
 			} else {
@@ -44,7 +46,8 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
 			log.Println(err)
 			http.Redirect(w, r, "/deleted", http.StatusBadRequest)
 		} else {
-			err = db.RestoreTask(id)
+			username := sessions.GetCurrentUserName(r)
+			err = db.RestoreTask(username, id)
 			if err != nil {
 				message = "Restore failed"
 			} else {
@@ -57,10 +60,11 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) {
 
 //DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete
 func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
+	username := sessions.GetCurrentUserName(r)
 	if r.Method == "GET" {
 		id := r.URL.Path[len("/delete/"):]
 		if id == "all" {
-			err := db.DeleteAll()
+			err := db.DeleteAll(username)
 			if err != nil {
 				message = "Error deleting tasks"
 				http.Redirect(w, r, "/", http.StatusInternalServerError)
@@ -72,7 +76,7 @@ func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) {
 				log.Println(err)
 				http.Redirect(w, r, "/", http.StatusBadRequest)
 			} else {
-				err = db.DeleteTask(id)
+				err = db.DeleteTask(username, id)
 				if err != nil {
 					message = "Error deleting task"
 				} else {
@@ -92,7 +96,8 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
 			log.Println(err)
 			http.Redirect(w, r, "/completed", http.StatusBadRequest)
 		} else {
-			err = db.RestoreTaskFromComplete(id)
+			username := sessions.GetCurrentUserName(r)
+			err = db.RestoreTaskFromComplete(username, id)
 			if err != nil {
 				message = "Restore failed"
 			} else {
@@ -107,7 +112,8 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) {
 func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "GET" {
 		categoryName := r.URL.Path[len("/del-category/"):]
-		err := db.DeleteCategoryByName(categoryName)
+		username := sessions.GetCurrentUserName(r)
+		err := db.DeleteCategoryByName(username, categoryName)
 		if err != nil {
 			message = "error deleting category"
 		} else {
@@ -127,8 +133,9 @@ func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) {
 			http.Redirect(w, r, "/", http.StatusBadRequest)
 			return
 		}
+		username := sessions.GetCurrentUserName(r)
 
-		err = db.DeleteCommentByID(commentID)
+		err = db.DeleteCommentByID(username, commentID)
 
 		if err != nil {
 			message = "comment not deleted"

views/otherViews.go

@@ -14,6 +14,7 @@ import (
 	"text/template"
 
 	"github.com/thewhitetulip/Tasks/db"
+	"github.com/thewhitetulip/Tasks/sessions"
 	"github.com/thewhitetulip/Tasks/utils"
 )
 
@@ -61,7 +62,8 @@ func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) {
 		if err != nil {
 			log.Println(err)
 		} else {
-			err = db.CompleteTask(id)
+			username := sessions.GetCurrentUserName(r)
+			err = db.CompleteTask(username, id)
 			if err != nil {
 				message = "Complete task failed"
 			} else {
@@ -78,9 +80,13 @@ func SearchTaskFunc(w http.ResponseWriter, r *http.Request) {
 		r.ParseForm()
 		query := r.Form.Get("query")
 
-		context := db.SearchTask(query)
+		username := sessions.GetCurrentUserName(r)
+		context, err := db.SearchTask(username, query)
+		if err != nil {
+			log.Println("error fetching search results")
+		}
 
-		categories := db.GetCategories()
+		categories := db.GetCategories(username)
 		context.Categories = categories
 
 		searchTemplate.Execute(w, context)
@@ -102,7 +108,8 @@ func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) {
 		if err != nil {
 			log.Println(err)
 		}
-		err = db.UpdateTask(id, title, content, category, priority)
+		username := sessions.GetCurrentUserName(r)
+		err = db.UpdateTask(id, title, content, category, priority, username)
 		if err != nil {
 			message = "Error updating task"
 		} else {
@@ -120,8 +127,8 @@ func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) {
 		r.ParseForm()
 		oldName := r.URL.Path[len("/upd-category/"):]
 		newName := r.Form.Get("catname")
-
-		err := db.UpdateCategoryByName(oldName, newName)
+		username := sessions.GetCurrentUserName(r)
+		err := db.UpdateCategoryByName(username, oldName, newName)
 		if err != nil {
 			message = "error updating category"
 			log.Println("not updated category " + oldName)

views/views.go

@@ -26,8 +26,9 @@ var err error
 //TODO add http404 error
 func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "GET" {
-		context, err := db.GetTasks("pending", "")
-		categories := db.GetCategories()
+		username := sessions.GetCurrentUserName(r)
+		context, err := db.GetTasks(username, "pending", "")
+		categories := db.GetCategories(username)
 		if err != nil {
 			http.Redirect(w, r, "/", http.StatusInternalServerError)
 		} else {
@@ -48,8 +49,9 @@ func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) {
 //ShowTrashTaskFunc is used to handle the "/trash" URL which is used to show the deleted tasks
 func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "GET" {
-		context, err := db.GetTasks("deleted", "")
-		categories := db.GetCategories()
+		username := sessions.GetCurrentUserName(r)
+		categories := db.GetCategories(username)
+		context, err := db.GetTasks(username, "deleted", "")
 		context.Categories = categories
 		if err != nil {
 			http.Redirect(w, r, "/trash", http.StatusInternalServerError)
@@ -65,8 +67,9 @@ func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) {
 //ShowCompleteTasksFunc is used to populate the "/completed/" URL
 func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "GET" {
-		context, err := db.GetTasks("completed", "")
-		categories := db.GetCategories()
+		username := sessions.GetCurrentUserName(r)
+		categories := db.GetCategories(username)
+		context, err := db.GetTasks(username, "completed", "")
 		context.Categories = categories
 		if err != nil {
 			http.Redirect(w, r, "/completed", http.StatusInternalServerError)
@@ -80,8 +83,9 @@ func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) {
 func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) {
 	if r.Method == "GET" && sessions.IsLoggedIn(r) {
 		category := r.URL.Path[len("/category/"):]
-		context, err := db.GetTasks("", category)
-		categories := db.GetCategories()
+		username := sessions.GetCurrentUserName(r)
+		context, err := db.GetTasks(username, "", category)
+		categories := db.GetCategories(username)
 
 		if err != nil {
 			http.Redirect(w, r, "/", http.StatusInternalServerError)