diff --git a/db/files.go b/db/files.go index 2e6125c..c7df15f 100644 --- a/db/files.go +++ b/db/files.go @@ -12,15 +12,7 @@ import ( // AddFile is used to add the md5 of a file name which is uploaded to our application // this will enable us to randomize the URL without worrying about the file names func AddFile(fileName, token string) error { - SQL := database.prepare("insert into files values(?,?)") - tx := database.begin() - _, err = tx.Stmt(SQL).Exec(fileName, token) - if err != nil { - log.Println(err) - tx.Rollback() - } else { - log.Println(tx.Commit()) - } + err := taskQuery("insert into files values(?,?)", fileName, token) return err } @@ -45,9 +37,13 @@ func GetFileName(token string) (string, error) { //GetCategories will return the list of categories to be //rendered in the template -func GetCategories() []types.CategoryCount { - stmt := "select c.name, count(*) from category c left outer join task t where c.id = t.cat_id and t.is_deleted='N' and t.finish_date is null group by name union select name, 0 from category where name not in (select distinct name from task t join category c on t.cat_id = c.id and is_deleted!='Y'and t.finish_date is null)" - rows := database.query(stmt) +func GetCategories(username string) []types.CategoryCount { + userID, err := GetUserID(username) + if err != nil { + return nil + } + stmt := "select c.name, count(*) from category c left outer join task t join status s on c.id = t.cat_id and t.task_status_id=s.id where s.status!='DELETED' and c.user_id=? group by name union select name, 0 from category c, user u where c.user_id=? and name not in (select distinct name from task t join category c join status s on s.id = t.task_status_id and t.cat_id = c.id and s.status!='DELETED' and c.user_id=?)" + rows := database.query(stmt, userID, userID, userID) var categories []types.CategoryCount var category types.CategoryCount 
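Review bot: `insert into files values(?,?)` has no column list, and schema.sql in this same commit grows `files` to four columns (`user_id`, `created_date`), so SQLite will reject a two-value insert against the new schema. Name the columns, `insert into files(name, autoName) values(?,?)`, or pass the owner through so the row carries `user_id`. As written AddFile takes no username, so uploaded files stay unscoped while every other table in this commit becomes per-user.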
@@ -58,20 +54,25 @@ func GetCategories() []types.CategoryCount { } categories = append(categories, category) } + rows.Close() return categories } //AddCategory is used to add the task in the database -func AddCategory(category string) error { - err := taskQuery("insert into category(name) values(?)", category) +func AddCategory(username, category string) error { + userID, err := GetUserID(username) + if err != nil { + return nil + } + err = taskQuery("insert into category(name, user_id) values(?,?)", category, userID) return err } // GetCategoryByName will return the ID of that category passed as args // used while inserting tasks into the table -func GetCategoryByName(category string) int { - stmt := "select id from category where name=?" - rows := database.query(stmt, category) +func GetCategoryByName(username, category string) int { + stmt := "select id from category where name=? and user_id = (select id from user where username=?)" + rows := database.query(stmt, category, username) var categoryID int for rows.Next() { @@ -84,13 +85,17 @@ func GetCategoryByName(category string) int { } //DeleteCategoryByName will be used to delete a category from the category page -func DeleteCategoryByName(category string) error { +func DeleteCategoryByName(username, category string) error { //first we delete entries from task and then from category - categoryID := GetCategoryByName(category) - query := "update task set cat_id = null where id =?" - err := taskQuery(query, categoryID) + categoryID := GetCategoryByName(username, category) + userID, err := GetUserID(username) + if err != nil { + return err + } + query := "update task set cat_id = null where id =? and user_id = ?" + err = taskQuery(query, categoryID, userID) if err == nil { - err = taskQuery("delete from category where id=?", categoryID) + err = taskQuery("delete from category where id=? and user_id=?", categoryID, userID) if err != nil { return err } 
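Review bot: In AddCategory the failed `GetUserID` lookup ends in `return nil`, so the caller is told the category was added when nothing was written; it should be `return err`, as the other functions changed in this file do. The hunk cuts GetCategoryByName off before its end, so its row handling is not reviewed here.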
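Review bot: The first statement in DeleteCategoryByName filters on `id`, the task's own key, but is bound to `categoryID`, so it clears the category of whichever task happens to share that number instead of the tasks in the category; the added `user_id` condition narrows this but keeps the wrong column. It should read `query := "update task set cat_id = null where cat_id=? and user_id=?"`. GetCategoryByName appears to return 0 when the name is unknown, which is worth rejecting before either statement runs. The function's tail is outside the hunk.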
@@ -99,16 +104,24 @@ func DeleteCategoryByName(category string) error { } //UpdateCategoryByName will be used to delete a category from the category page -func UpdateCategoryByName(oldName, newName string) error { - query := "update category set name = ? where name=?" +func UpdateCategoryByName(username, oldName, newName string) error { + userID, err := GetUserID(username) + if err != nil { + return err + } + query := "update category set name = ? where name=? and user_id=?" log.Println(query) - err := taskQuery(query, newName, oldName) + err = taskQuery(query, newName, oldName, userID) return err } //DeleteCommentByID will actually delete the comment from db -func DeleteCommentByID(id int) error { - query := "delete from comments where id=?" - err := taskQuery(query, id) +func DeleteCommentByID(username string, id int) error { + userID, err := GetUserID(username) + if err != nil { + return err + } + query := "delete from comments where id=? and user_id = ?" + err = taskQuery(query, id, userID) return err } diff --git a/db/tasks.go b/db/tasks.go index 84ad44f..caadcbd 100644 --- a/db/tasks.go +++ b/db/tasks.go @@ -19,6 +19,7 @@ import ( ) var database Database +var taskStatus map[string]int var err error //Database encapsulates database @@ -26,6 +27,7 @@ type Database struct { db *sql.DB } +//Begins a transaction func (db Database) begin() (tx *sql.Tx) { tx, err := db.db.Begin() if err != nil { @@ -55,6 +57,7 @@ func (db Database) query(q string, args ...interface{}) (rows *sql.Rows) { func init() { database.db, err = sql.Open("sqlite3", "./tasks.db") + taskStatus = map[string]int{"COMPLETE": 1, "PENDING": 2, "DELETED": 3, "INCOMPLETE": 4} if err != nil { log.Fatal(err) } 
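Review bot: The doc comment above UpdateCategoryByName still says it will be used to delete a category; since the signature changes here anyway it could read `//UpdateCategoryByName renames the category oldName to newName for the given user`. `log.Println(query)` prints a constant string on every call and looks like leftover debugging.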
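Review bot: The ids hard-coded in `taskStatus` only mean something if the `status` table holds exactly those rows, and schema.sql as changed in this commit creates `status` without inserting any. Every query that joins `status s` would then return nothing, and task rows would reference ids that do not exist. Either seed the table in schema.sql with explicit ids or fill the map at startup from `select id, status from status`. The assignment also sits between `sql.Open` and its error check, which reads more clearly the other way round.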
@@ -67,40 +70,45 @@ func Close() { //GetTasks retrieves all the tasks depending on the //status pending or trashed or completed -func GetTasks(status, category string) (types.Context, error) { +func GetTasks(username, status, category string) (types.Context, error) { + log.Println("getting tasks for ", status) var tasks []types.Task var task types.Task var TaskCreated time.Time var context types.Context - var getTasksql string + var getTaskSQL string var rows *sql.Rows - comments, err := GetComments() + comments, err := GetComments(username) if err != nil { return context, err } - basicSQL := "select t.id, title, content, created_date, priority, c.name from task t, category c where c.id = t.cat_id" - if status == "pending" && category == "" { - getTasksql = basicSQL + " and finish_date is null and is_deleted='N' order by priority desc, created_date asc" - } else if status == "deleted" { - getTasksql = basicSQL + " and is_deleted='Y' order by priority desc, created_date asc" - } else if status == "completed" { - getTasksql = basicSQL + " and finish_date is not null order by priority desc, created_date asc" - } + basicSQL := "select t.id, title, content, created_date, priority, c.name from task t, category c, status s, user u where u.username=? and s.id=t.task_status_id and c.id=t.cat_id and u.id=t.user_id" + if category == "" { + switch status { + case "pending": + getTaskSQL = basicSQL + " and s.status='INCOMPLETE'" + case "deleted": + getTaskSQL = basicSQL + " and s.status='DELETED' " + case "completed": + getTaskSQL = basicSQL + " and s.status='COMPLETE'" + } - if category != "" { + basicSQL += " order by priority desc, created_date asc" + rows = database.query(getTaskSQL, username) + } else { status = category - getTasksql = basicSQL + " and name = ? and t.is_deleted!='Y' and t.finish_date is null order by priority desc, created_date asc, finish_date asc" - rows, err = database.db.Query(getTasksql, category) + getTaskSQL = basicSQL + " and name = ? 
and s.status!='DELETED' order by priority desc, created_date asc, finish_date asc" + rows, err = database.db.Query(getTaskSQL, username, category) + log.Print(getTaskSQL) if err != nil { - log.Println("something went wrong while getting query") + log.Println("tasks.go: something went wrong while getting query fetch tasks by category") } - } else { - rows = database.query(getTasksql) } + defer rows.Close() for rows.Next() { task = types.Task{} @@ -134,13 +142,13 @@ func GetTasks(status, category string) (types.Context, error) { } //GetTaskByID function gets the tasks from the ID passed to the function, used to populate EditTask -func GetTaskByID(id int) (types.Context, error) { +func GetTaskByID(username string, id int) (types.Context, error) { var tasks []types.Task var task types.Task - getTasksql := "select t.id, t.title, t.content, t.priority, c.name from task t left outer join category c where c.id = t.cat_id and t.id=?" + getTaskSQL := "select t.id, t.title, t.content, t.priority, c.name from task t join user u left outer join category c where c.id = t.cat_id and t.id=? and u.username=?" - rows := database.query(getTasksql, id) + rows := database.query(getTaskSQL, id, username) defer rows.Close() if rows.Next() { err := rows.Scan(&task.Id, &task.Title, &task.Content, &task.Priority, &task.Category) 
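Review bot: The ORDER BY clause is appended to `basicSQL` after `getTaskSQL` has already been built from it, so the non-category query runs unsorted; it should be `getTaskSQL += " order by priority desc, created_date asc"`. In the category branch a failed `database.db.Query` is only logged, and execution continues to `defer rows.Close()` and `rows.Next()` with a nil `rows`; add `return context, err` after the log line. `log.Print(getTaskSQL)` looks like leftover debugging. The rest of GetTasks lies outside the hunk.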
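Review bot: The new query joins `user u` but never ties it to the task, so `u.username=?` only checks that the name exists, and a task is returned for any `id` regardless of who owns it. Add the ownership condition, `and t.user_id = u.id`, to the where clause so reads are scoped the same way as the `user_id=(select id from user where username=?)` filter used by the write paths in this file. GetTaskByID continues past the end of the hunk.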
@@ -155,60 +163,66 @@ func GetTaskByID(id int) (types.Context, error) { } //TrashTask is used to delete the task -func TrashTask(id int) error { - err := taskQuery("update task set is_deleted='Y',last_modified_at=datetime() where id=?", id) +func TrashTask(username string, id int) error { + err := taskQuery("update task set task_status_id=?,last_modified_at=datetime() where user_id=(select id from user where username=?) and id=?", taskStatus["DELETED"], username, id) return err } //CompleteTask is used to mark tasks as complete -func CompleteTask(id int) error { - err := taskQuery("update task set is_deleted='Y', finish_date=datetime(),last_modified_at=datetime() where id=?", id) +func CompleteTask(username string, id int) error { + err := taskQuery("update task set task_status_id=?, finish_date=datetime(),last_modified_at=datetime() where id=? and user_id=(select id from user where username=?) ", taskStatus["COMPLETE"], id, username) return err } //DeleteAll is used to empty the trash -func DeleteAll() error { - err := taskQuery("delete from task where is_deleted='Y'") +func DeleteAll(username string) error { + err := taskQuery("delete from task where task_status_id=? where user_id=(select id from user where username=?)", taskStatus["DELETED"], username) return err } //RestoreTask is used to restore tasks from the Trash -func RestoreTask(id int) error { - err := taskQuery("update task set is_deleted='N',last_modified_at=datetime() where id=?", id) +func RestoreTask(username string, id int) error { + err := taskQuery("update task set task_status_id=?,last_modified_at=datetime(),finish_date=null where id=? 
and user_id=(select id from user where username=?)", taskStatus["INCOMPLETE"], id, username) return err } //RestoreTaskFromComplete is used to restore tasks from the Trash -func RestoreTaskFromComplete(id int) error { - err := taskQuery("update task set finish_date=null,last_modified_at=datetime() where id=?", id) +func RestoreTaskFromComplete(username string, id int) error { + err := taskQuery("update task set finish_date=null,last_modified_at=datetime(), task_status_id=? where id=? and user_id=(select id from user where username=?)", taskStatus["INCOMPLETE"], id, username) return err } //DeleteTask is used to delete the task from the database -func DeleteTask(id int) error { - err := taskQuery("delete from task where id = ?", id) +func DeleteTask(username string, id int) error { + err := taskQuery("delete from task where id = ? and user_id=(select id from user where username=?)", id, username) return err } //AddTask is used to add the task in the database -func AddTask(title, content, category string, taskPriority int) error { +func AddTask(title, content, category string, taskPriority int, username string) error { + log.Println("AddTask: started function") var err error + userID, err := GetUserID(username) + if err != nil { + return err + } + if category == "" { - err = taskQuery("insert into task(title, content, priority, created_date, last_modified_at) values(?,?,?,datetime(), datetime())", title, content, taskPriority) + err = taskQuery("insert into task(title, content, priority, task_status_id, created_date, last_modified_at, user_id) values(?,?,?,?,datetime(), datetime(),?)", title, content, taskPriority, taskStatus["INCOMPLETE"], userID) } else { - categoryID := GetCategoryByName(category) - err = taskQuery("insert into task(title, content, priority, created_date, last_modified_at, cat_id) values(?,?,?,datetime(), datetime(), ?)", title, content, taskPriority, categoryID) + categoryID := GetCategoryByName(username, category) + err = taskQuery("insert into 
task(title, content, priority, created_date, last_modified_at, cat_id, task_status_id, user_id) values(?,?,?,datetime(), datetime(), ?,?,?)", title, content, taskPriority, categoryID, taskStatus["INCOMPLETE"], userID) } return err } -//GetCategoryIdByName will return the category ID for the category, used in the edit task +//GetCategoryIDByName will return the category ID for the category, used in the edit task //function where we need to be able to update the categoryID of the task -func GetCategoryIdByName(category string) int { +func GetCategoryIDByName(username string, category string) int { var categoryID int - getTasksql := "select id from category where name=?" + getTaskSQL := "select c.id from category c , user u where u.id = c.user_id and name=? and u.username=?" - rows := database.query(getTasksql, category) + rows := database.query(getTaskSQL, category, username) defer rows.Close() if rows.Next() { err := rows.Scan(&categoryID) @@ -222,9 +236,13 @@ func GetCategoryIdByName(category string) int { } //UpdateTask is used to update the tasks in the database -func UpdateTask(id int, title, content, category string, priority int) error { - categoryID := GetCategoryIdByName(category) - err := taskQuery("update task set title=?, content=?, cat_id=?, priority = ? where id=?", title, content, categoryID, priority, id) +func UpdateTask(id int, title, content, category string, priority int, username string) error { + categoryID := GetCategoryIDByName(username, category) + userID, err := GetUserID(username) + if err != nil { + return err + } + err = taskQuery("update task set title=?, content=?, cat_id=?, priority = ? where id=? and user_id=?", title, content, categoryID, priority, id, userID) return err } @@ -234,7 +252,7 @@ func taskQuery(sql string, args ...interface{}) error { tx := database.begin() _, err = tx.Stmt(SQL).Exec(args...) if err != nil { - log.Println(err) + log.Println("taskQuery: ", err) tx.Rollback() } else { tx.Commit() 
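Review bot: DeleteAll's statement contains two `where` keywords, `where task_status_id=? where user_id=(...)`, which is not valid SQL, so emptying the trash will presumably fail when the statement is prepared; the second `where` should be `and`. RestoreTaskFromComplete's doc comment still says it restores tasks from the Trash, copied from RestoreTask. `log.Println("AddTask: started function")` reads like leftover debugging.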
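Review bot: UpdateTask takes `username` as its last parameter, as AddTask does in the previous hunk, while every other function this commit touches takes it first; one position throughout makes call sites harder to get wrong, since several parameters are plain strings. GetCategoryIDByName and GetCategoryByName in db/files.go now perform the same lookup with two different statements and could be one function. A category name that does not resolve appears to leave `categoryID` at 0, which is then written to `cat_id`.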
@@ -243,20 +261,25 @@ func taskQuery(sql string, args ...interface{}) error { } //SearchTask is used to return the search results depending on the query -func SearchTask(query string) types.Context { +func SearchTask(username, query string) (types.Context, error) { var tasks []types.Task var task types.Task var TaskCreated time.Time var context types.Context - comments, err := GetComments() + comments, err := GetComments(username) if err != nil { log.Println("SearchTask: something went wrong in finding comments") } - stmt := "select t.id, title, content, created_date, priority, c.name from task t, category c where c.id = t.cat_id and (title like '%" + query + "%' or content like '%" + query + "%') order by created_date desc" + userID, err := GetUserID(username) + if err != nil { + return context, err + } - rows := database.query(stmt, query, query) + stmt := "select t.id, title, content, created_date, priority, c.name from task t, category c where t.user_id=? and c.id = t.cat_id and (title like '%" + query + "%' or content like '%" + query + "%') order by created_date desc" + + rows := database.query(stmt, userID, query, query) for rows.Next() { err := rows.Scan(&task.Id, &task.Title, &task.Content, &TaskCreated, &task.Priority, &task.Category) 
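Review bot: `query` is still concatenated into the statement text inside the `like` patterns, so user-supplied search text is parsed as SQL, and the call now passes three arguments for the single `?`. Bind the search term instead: write the condition as `(title like '%' || ? || '%' or content like '%' || ? || '%')` and keep `database.query(stmt, userID, query, query)`. When `GetComments` fails the error is only logged and the search continues, which differs from the `GetUserID` path just below and should be a deliberate choice. The loop body and the rest of SearchTask are outside the hunk.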
@@ -284,21 +307,25 @@ func SearchTask(query string) types.Context { tasks = append(tasks, task) } context = types.Context{Tasks: tasks, Search: query, Navigation: "search"} - return context + return context, nil } //GetComments is used to get comments, all of them. //We do not want 100 different pages to show tasks, we want to use as few pages as possible //so we are going to populate everything on the damn home pages -func GetComments() (map[int][]types.Comment, error) { +func GetComments(username string) (map[int][]types.Comment, error) { commentMap := make(map[int][]types.Comment) var taskID int var comment types.Comment var created time.Time - stmt := "select id, taskID, content, created from comments;" - rows := database.query(stmt) + userID, err := GetUserID(username) + if err != nil { + return commentMap, err + } + stmt := "select c.id, c.taskID, c.content, c.created from comments c, task t where t.id=c.taskID and c.user_id=?;" + rows := database.query(stmt, userID) for rows.Next() { err := rows.Scan(&comment.ID, &taskID, &comment.Content, &created) @@ -310,13 +337,18 @@ func GetComments() (map[int][]types.Comment, error) { comment.Created = created.Format("Jan 2 2006 15:04:05") commentMap[taskID] = append(commentMap[taskID], comment) } + rows.Close() return commentMap, nil } //AddComments will be used to add comments in the database -func AddComments(id int, comment string) error { - stmt := "insert into comments(taskID, content, created) values (?,?,datetime())" - err := taskQuery(stmt, id, comment) +func AddComments(username string, id int, comment string) error { + userID, err := GetUserID(username) + if err != nil { + return err + } + stmt := "insert into comments(taskID, content, created, user_id) values (?,?,datetime(),?)" + err = taskQuery(stmt, id, comment, userID) if err != nil { return err diff --git a/db/user.go b/db/user.go new file mode 100644 index 0000000..2537962 --- /dev/null +++ b/db/user.go 
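Review bot: AddComments stores the caller's `userID` on the comment but never checks that task `id` belongs to that user, so a comment row can be attached to a task the caller does not own. A guard such as `select 1 from task where id=? and user_id=?` before the insert would keep comments consistent with the per-user scoping added elsewhere. In GetComments the new `rows.Close()` runs only on the normal path; `defer rows.Close()` right after the query would also cover any early return inside the loop, whose body is outside this hunk.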
@@ -0,0 +1,48 @@ +package db + +import "log" + +//CreateUser will create a new user, take as input the parameters and +//insert it into database +func CreateUser(username, password, email string) error { + err := taskQuery("insert into user(username, password, email) values(?,?,?)", username, password, email) + return err +} + +//ValidUser will check if the user exists in db and if exists if the username password +//combination is valid +func ValidUser(username, password string) bool { + var passwordFromDB string + userSQL := "select password from user where username=?" + log.Print("validating user ", username) + rows := database.query(userSQL, username) + + if rows.Next() { + err := rows.Scan(&passwordFromDB) + if err != nil { + return false + } + } + //If the password matches, return true + if password == passwordFromDB { + return true + } + //by default return false + return false +} + +//GetUserID will get the user's ID from the database +func GetUserID(username string) (int, error) { + var userID int + userSQL := "select id from user where username=?" + rows := database.query(userSQL, username) + + if rows.Next() { + err := rows.Scan(&userID) + if err != nil { + return -1, err + } + } + rows.Close() + return userID, nil +} diff --git a/schema.sql b/schema.sql index 4f00680..efc4c45 100644 --- a/schema.sql +++ b/schema.sql 
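Review bot: ValidUser and GetUserID both treat a missing row as success: for an unknown username `passwordFromDB` stays empty, so an empty password compares equal and ValidUser returns true, and GetUserID returns `0, nil`, which every caller then uses as a real user id. Whether the login handler rejects empty passwords is not visible here, so the check belongs in this function. CreateUser also writes the password verbatim and ValidUser compares it with `==`; storing a salted password hash (for example bcrypt from golang.org/x/crypto) and verifying through that package avoids keeping recoverable passwords in tasks.db. ValidUser never closes `rows`, and `log.Print("validating user ", username)` records every attempted username. The row handling for ValidUser is sketched below; GetUserID needs the same `!rows.Next()` guard, returning an error.

```go
	rows := database.query(userSQL, username)
	defer rows.Close()

	// No row means no such user: reject instead of comparing against "".
	if !rows.Next() {
		return false
	}
	if err := rows.Scan(&passwordFromDB); err != nil {
		return false
	}
	// Plaintext comparison kept as in the commit; moving to a hash is a separate change.
	return password == passwordFromDB
```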
@@ -1,15 +1,41 @@ CREATE TABLE task ( -id integer primary key autoincrement, -title varchar(100), -content text, -is_deleted char(1) default 'N', -created_date timestamp, -last_modified_at timestamp, -finish_date timestamp -, priority integer, cat_id references category(id)); - -CREATE TABLE files(name varchar(1000) not null, autoName varchar(255) not null); - -CREATE TABLE category( id integer primary key autoincrement ,name varchar(1000) not null); - -CREATE TABLE comments(id integer primary key autoincrement, content ntext, taskID references task(id), created datetime); + id integer primary key autoincrement, + title varchar(100), + content text, + task_status_id references status(id), + created_date timestamp, + due_date timestamp, + last_modified_at timestamp, + finish_date timestamp, + priority integer, + cat_id references category(id), + user_id references user(id) +); +CREATE TABLE status ( + id integer primary key autoincrement, + status varchar(50) not null +); +CREATE TABLE files( + name varchar(1000) not null, + autoName varchar(255) not null, + user_id references user(id), + created_date timestamp +); +CREATE TABLE category( + id integer primary key autoincrement, + name varchar(1000) not null, + user_id references user(id) +); +CREATE TABLE comments( + id integer primary key autoincrement, + content ntext, + taskID references task(id), + created datetime, + user_id references user(id) + ); +CREATE TABLE user ( + id integer primary key autoincrement, + username varchar(100), + password varchar(1000), + email varchar(100) +); \ No newline at end of file diff --git a/sessions/sessions.go b/sessions/sessions.go index 55c3960..4c3774a 100755 --- a/sessions/sessions.go +++ b/sessions/sessions.go 
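Review bot: `username` in the new `user` table is neither `not null` nor `unique`, so two accounts can share a name and every `where username=?` lookup in db/ resolves to whichever row is returned first. Declare it as `username varchar(100) not null unique`. The `password` column holds whatever CreateUser inserts, which in this commit is the plaintext value. No rows are inserted into `status`, although db/tasks.go assumes ids 1 to 4 exist.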
@@ -8,12 +8,23 @@ import ( //Store the cookie store which is going to store session data in the cookie var Store = sessions.NewCookieStore([]byte("secret-password")) +var session *sessions.Session //IsLoggedIn will check if the user has an active session and return True func IsLoggedIn(r *http.Request) bool { session, err := Store.Get(r, "session") + if err == nil && (session.Values["loggedin"] == "true") { return true } return false } + +//GetCurrentUserName returns the username of the logged in user +func GetCurrentUserName(r *http.Request) string { + session, err := Store.Get(r, "session") + if err == nil { + return session.Values["username"].(string) + } + return "" +} diff --git a/views/addViews.go b/views/addViews.go index 4a38f96..1099822 100644 --- a/views/addViews.go +++ b/views/addViews.go @@ -16,6 +16,7 @@ import ( "time" "github.com/thewhitetulip/Tasks/db" + "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) @@ -50,7 +51,6 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) { if priorityErr != nil { log.Print(priorityErr) message = "Bad task priority" - http.Redirect(w, r, "/", http.StatusInternalServerError) } priorityList := []int{1, 2, 3} found := false @@ -101,8 +101,8 @@ func AddTaskFunc(w http.ResponseWriter, r *http.Request) { log.Println("error adding task to db") } } - - taskTruth := db.AddTask(title, content, category, taskPriority) + username := sessions.GetCurrentUserName(r) + taskTruth := db.AddTask(title, content, category, taskPriority, username) if taskTruth != nil { message = "Error adding task" 
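Review bot: `session.Values["username"].(string)` is an unchecked type assertion, so a session without that key, presumably what the store returns for a request carrying no valid cookie, panics the handler instead of yielding an empty name; use `name, _ := session.Values["username"].(string)` followed by `return name`. The store's signing key is the literal `"secret-password"` in the source, and after this commit the signed `username` value decides whose rows every query reads or writes, so the key should be loaded from configuration or the environment rather than the repository. The new package-level `var session` is shadowed by the local `session` in both functions and appears unused.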
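Review bot: In AddTaskFunc the value from `GetCurrentUserName` goes straight into `db.AddTask`, including the empty string it returns when no session can be read, and no login check is visible around the call. Since `GetUserID` reports `0, nil` for a name with no row, the task would be stored under user id 0 rather than rejected. Check `username == ""` once and stop with a redirect to the login page, or wrap the handlers in a login-required middleware if one exists outside this diff. The same pattern repeats in the other handlers changed in views/addViews.go, views/deleteViews.go, views/otherViews.go and views/views.go; only ShowCategoryFunc shows an `IsLoggedIn` check.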
@@ -128,8 +128,8 @@ func AddCategoryFunc(w http.ResponseWriter, r *http.Request) { r.ParseForm() category := r.Form.Get("category") if strings.Trim(category, " ") != "" { - err := db.AddCategory(category) - if err != nil { + username := sessions.GetCurrentUserName(r) + if err := db.AddCategory(username, category); err != nil { message = "Error adding category" http.Redirect(w, r, "/", http.StatusBadRequest) } else { @@ -148,8 +148,9 @@ func EditTaskFunc(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, "/", http.StatusBadRequest) } else { redirectURL := utils.GetRedirectUrl(r.Referer()) - task, err := db.GetTaskByID(id) - categories := db.GetCategories() + username := sessions.GetCurrentUserName(r) + task, err := db.GetTaskByID(username, id) + categories := db.GetCategories(username) task.Categories = categories task.Referer = redirectURL @@ -174,7 +175,8 @@ func AddCommentFunc(w http.ResponseWriter, r *http.Request) { log.Println("unable to convert into integer") message = "Error adding comment" } else { - err = db.AddComments(idInt, text) + username := sessions.GetCurrentUserName(r) + err = db.AddComments(username, idInt, text) if err != nil { log.Println("unable to insert into db") diff --git a/views/deleteViews.go b/views/deleteViews.go index 31b8824..be2b108 100644 --- a/views/deleteViews.go +++ b/views/deleteViews.go @@ -10,6 +10,7 @@ import ( "strconv" "github.com/thewhitetulip/Tasks/db" + "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) @@ -25,7 +26,8 @@ func TrashTaskFunc(w http.ResponseWriter, r *http.Request) { message = "Incorrect command" http.Redirect(w, r, redirectURL, http.StatusFound) } else { - err = db.TrashTask(id) + username := sessions.GetCurrentUserName(r) + err = db.TrashTask(username, id) if err != nil { message = "Error trashing task" } else { 
@@ -44,7 +46,8 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) { log.Println(err) http.Redirect(w, r, "/deleted", http.StatusBadRequest) } else { - err = db.RestoreTask(id) + username := sessions.GetCurrentUserName(r) + err = db.RestoreTask(username, id) if err != nil { message = "Restore failed" } else { @@ -57,10 +60,11 @@ func RestoreTaskFunc(w http.ResponseWriter, r *http.Request) { //DeleteTaskFunc is used to delete a task, trash = move to recycle bin, delete = permanent delete func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) { + username := sessions.GetCurrentUserName(r) if r.Method == "GET" { id := r.URL.Path[len("/delete/"):] if id == "all" { - err := db.DeleteAll() + err := db.DeleteAll(username) if err != nil { message = "Error deleting tasks" http.Redirect(w, r, "/", http.StatusInternalServerError) @@ -72,7 +76,7 @@ func DeleteTaskFunc(w http.ResponseWriter, r *http.Request) { log.Println(err) http.Redirect(w, r, "/", http.StatusBadRequest) } else { - err = db.DeleteTask(id) + err = db.DeleteTask(username, id) if err != nil { message = "Error deleting task" } else { @@ -92,7 +96,8 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) { log.Println(err) http.Redirect(w, r, "/completed", http.StatusBadRequest) } else { - err = db.RestoreTaskFromComplete(id) + username := sessions.GetCurrentUserName(r) + err = db.RestoreTaskFromComplete(username, id) if err != nil { message = "Restore failed" } else { @@ -107,7 +112,8 @@ func RestoreFromCompleteFunc(w http.ResponseWriter, r *http.Request) { func DeleteCategoryFunc(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" { categoryName := r.URL.Path[len("/del-category/"):] - err := db.DeleteCategoryByName(categoryName) + username := sessions.GetCurrentUserName(r) + err := db.DeleteCategoryByName(username, categoryName) if err != nil { message = "error deleting category" } else { 
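Review bot: DeleteTaskFunc performs permanent deletes, including `db.DeleteAll(username)`, in response to a GET that is authenticated only by the session cookie, so a cross-site request can trigger them without the user's intent. Now that deletes act on a per-user account, state-changing routes should require POST together with a per-session anti-CSRF token. DeleteCategoryFunc later in this file has the same `if r.Method == "GET"` shape. Only the start of DeleteTaskFunc is inside the hunk.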
@@ -127,8 +133,9 @@ func DeleteCommentFunc(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, "/", http.StatusBadRequest) return } + username := sessions.GetCurrentUserName(r) - err = db.DeleteCommentByID(commentID) + err = db.DeleteCommentByID(username, commentID) if err != nil { message = "comment not deleted" diff --git a/views/otherViews.go b/views/otherViews.go index 4e7391b..ce8a3ed 100644 --- a/views/otherViews.go +++ b/views/otherViews.go @@ -14,6 +14,7 @@ import ( "text/template" "github.com/thewhitetulip/Tasks/db" + "github.com/thewhitetulip/Tasks/sessions" "github.com/thewhitetulip/Tasks/utils" ) @@ -61,7 +62,8 @@ func CompleteTaskFunc(w http.ResponseWriter, r *http.Request) { if err != nil { log.Println(err) } else { - err = db.CompleteTask(id) + username := sessions.GetCurrentUserName(r) + err = db.CompleteTask(username, id) if err != nil { message = "Complete task failed" } else { @@ -78,9 +80,13 @@ func SearchTaskFunc(w http.ResponseWriter, r *http.Request) { r.ParseForm() query := r.Form.Get("query") - context := db.SearchTask(query) + username := sessions.GetCurrentUserName(r) + context, err := db.SearchTask(username, query) + if err != nil { + log.Println("error fetching search results") + } - categories := db.GetCategories() + categories := db.GetCategories(username) context.Categories = categories searchTemplate.Execute(w, context) @@ -102,7 +108,8 @@ func UpdateTaskFunc(w http.ResponseWriter, r *http.Request) { if err != nil { log.Println(err) } - err = db.UpdateTask(id, title, content, category, priority) + username := sessions.GetCurrentUserName(r) + err = db.UpdateTask(id, title, content, category, priority, username) if err != nil { message = "Error updating task" } else { 
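Review bot: When `db.SearchTask` fails, SearchTaskFunc only logs and then renders `context` anyway, so the user gets an empty result page with no indication of the error; send an error response and return instead. This file imports `text/template` (visible in its import hunk), so if `searchTemplate` is built from it and prints `.Search` or task fields, that text is written without HTML escaping; `html/template` offers the same API and escapes by context. The start of SearchTaskFunc is outside the hunk.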
@@ -120,8 +127,8 @@ func UpdateCategoryFunc(w http.ResponseWriter, r *http.Request) { r.ParseForm() oldName := r.URL.Path[len("/upd-category/"):] newName := r.Form.Get("catname") - - err := db.UpdateCategoryByName(oldName, newName) + username := sessions.GetCurrentUserName(r) + err := db.UpdateCategoryByName(username, oldName, newName) if err != nil { message = "error updating category" log.Println("not updated category " + oldName) diff --git a/views/views.go b/views/views.go index 2619e5f..151b32e 100644 --- a/views/views.go +++ b/views/views.go @@ -26,8 +26,9 @@ var err error //TODO add http404 error func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" { - context, err := db.GetTasks("pending", "") - categories := db.GetCategories() + username := sessions.GetCurrentUserName(r) + context, err := db.GetTasks(username, "pending", "") + categories := db.GetCategories(username) if err != nil { http.Redirect(w, r, "/", http.StatusInternalServerError) } else { @@ -48,8 +49,9 @@ func ShowAllTasksFunc(w http.ResponseWriter, r *http.Request) { //ShowTrashTaskFunc is used to handle the "/trash" URL which is used to show the deleted tasks func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" { - context, err := db.GetTasks("deleted", "") - categories := db.GetCategories() + username := sessions.GetCurrentUserName(r) + categories := db.GetCategories(username) + context, err := db.GetTasks(username, "deleted", "") context.Categories = categories if err != nil { http.Redirect(w, r, "/trash", http.StatusInternalServerError) 
@@ -65,8 +67,9 @@ func ShowTrashTaskFunc(w http.ResponseWriter, r *http.Request) { //ShowCompleteTasksFunc is used to populate the "/completed/" URL func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" { - context, err := db.GetTasks("completed", "") - categories := db.GetCategories() + username := sessions.GetCurrentUserName(r) + categories := db.GetCategories(username) + context, err := db.GetTasks(username, "completed", "") context.Categories = categories if err != nil { http.Redirect(w, r, "/completed", http.StatusInternalServerError) @@ -80,8 +83,9 @@ func ShowCompleteTasksFunc(w http.ResponseWriter, r *http.Request) { func ShowCategoryFunc(w http.ResponseWriter, r *http.Request) { if r.Method == "GET" && sessions.IsLoggedIn(r) { category := r.URL.Path[len("/category/"):] - context, err := db.GetTasks("", category) - categories := db.GetCategories() + username := sessions.GetCurrentUserName(r) + context, err := db.GetTasks(username, "", category) + categories := db.GetCategories(username) if err != nil { http.Redirect(w, r, "/", http.StatusInternalServerError)