CHANGE: added protection to create booking route
This commit is contained in:
@@ -62,7 +62,7 @@ func getBookings(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
// TODO add config for timeoffset
|
||||
// TODO add config for timeoffset
|
||||
tsFrom, err := parseTimestamp(r, "time_from", time.Now().AddDate(0, -1, 0).Format("2006-01-02"))
|
||||
if(err != nil ){
|
||||
log.Println("Error parsing 'from' time", err)
|
||||
@@ -85,8 +85,6 @@ func getBookings(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
ctx := context.WithValue(r.Context(), "user", user)
|
||||
templates.TimeDashboard(bookings).Render(ctx, w)
|
||||
// w.Header().Set("Content-Type", "application/json")
|
||||
// json.NewEncoder(w).Encode(bookings)
|
||||
}
|
||||
|
||||
func updateBooking(w http.ResponseWriter, r *http.Request){
|
||||
@@ -115,6 +113,47 @@ func updateBooking(w http.ResponseWriter, r *http.Request){
|
||||
getBookings(w, r)
|
||||
}
|
||||
|
||||
func getBookingsAPI(w http.ResponseWriter, r *http.Request){
|
||||
_user_pn := r.URL.Query().Get("personal_nummer")
|
||||
user_pn, err := strconv.Atoi(_user_pn)
|
||||
if(err != nil){
|
||||
log.Println("No personal numver found!")
|
||||
http.Error(w, "No personal number found", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
user, err := (*models.User).GetByPersonalNummer(nil, user_pn)
|
||||
if(err != nil){
|
||||
log.Println("No user found with the given personal number!")
|
||||
http.Error(w, "No user found", http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
|
||||
// TODO add config for timeoffset
|
||||
tsFrom, err := parseTimestamp(r, "time_from", time.Now().AddDate(0, -1, 0).Format("2006-01-02"))
|
||||
if(err != nil ){
|
||||
log.Println("Error parsing 'from' time", err)
|
||||
http.Error(w, "Timestamp 'from' cannot be parsed!", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
tsTo, err := parseTimestamp(r, "time_to", time.Now().Format("2006-01-02"))
|
||||
if(err != nil ){
|
||||
log.Println("Error parsing 'to' time", err)
|
||||
http.Error(w, "Timestamp 'to' cannot be parsed!", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
tsTo = tsTo.AddDate(0,0,1) // so that today is inside
|
||||
|
||||
bookings, err := (*models.Booking).GetBookingsGrouped(nil, user.CardUID, tsFrom, tsTo)
|
||||
if err != nil {
|
||||
log.Println("Error getting bookings: ", err)
|
||||
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
json.NewEncoder(w).Encode(bookings)
|
||||
}
|
||||
|
||||
// Updates a booking form the given json body
|
||||
func updateBookingAPI(w http.ResponseWriter, r *http.Request) {
|
||||
_booking_id := r.URL.Query().Get("counter_id")
|
||||
|
||||
Reference in New Issue
Block a user