Diffstat (limited to 'src')
-rw-r--r--src/main.lisp51
1 files changed, 24 insertions, 27 deletions
diff --git a/src/main.lisp b/src/main.lisp
index c32f202..d1b8faa 100644
--- a/src/main.lisp
+++ b/src/main.lisp
@@ -69,8 +69,6 @@
(with-plist (limit made) (contributor-invites contributor)
(< made limit)))
-(defparameter +auth-cookie-name+ "olauthtoken")
-
(defclass api-access (db:store-object)
((token
:reader api-token
@@ -116,9 +114,9 @@
:initarg :brief
:initform (error "Oneliners need a brief title")
:documentation "A short description of the oneliner.")
- (description
- :accessor oneliner-description
- :initarg :description
+ (explanation
+ :accessor oneliner-explanation
+ :initarg :explanation
:initform "")
(created-by
:reader created-by
@@ -148,7 +146,7 @@
(defmethod json:%to-json ((instance oneliner))
(with-slots
- (db::id oneliner tags brief description
+ (db::id oneliner tags brief explanation
created-at edited-at last-edited-by created-by
flagged-by audited-by lockedp)
instance
@@ -157,7 +155,7 @@
(json:write-key-value :oneliner oneliner)
(json:write-key-value :tags tags)
(json:write-key-value :brief brief)
- (json:write-key-value :description description)
+ (json:write-key-value :explanation explanation)
(json:write-key-value :createdAt created-at)
(json:write-key-value :editedAt (if edited-at edited-at :null))
(json:write-key-value :createdBy (contributor-handle created-by))
@@ -317,9 +315,9 @@
(defun make-new-oneliner (contributor plist)
(with-plist
- (oneliner tags brief description runstyle) plist
+ (oneliner tags brief explanation runstyle) plist
(unless brief
- (http-err 400 "Oneliner requires a brief description"))
+ (http-err 400 "Oneliner requires a brief explanation"))
(unless oneliner
(http-err 400 "Oneliner cannot be blank"))
(when runstyle
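Review bot: The reworded message in `make-new-oneliner` looks like an over-eager rename. The guard is `(unless brief ...)`, but `"Oneliner requires a brief explanation"` now reads as if the separate, optional `explanation` field were mandatory. A client that gets this 400 would be pointed at the wrong field. I would name the field that is actually checked, e.g. `(http-err 400 "Oneliner requires a brief")`. The function body continues outside this hunk.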
@@ -329,7 +327,7 @@
(db:with-transaction ()
(make-instance 'oneliner
:created-by contributor
- :description (or description "")
+ :explanation (or explanation "")
:tags tags
:oneliner oneliner
:brief brief
@@ -357,7 +355,7 @@
(defun edit-oneliner (ol contributor plist)
(when (or (not (lockedp ol)) (adminp contributor))
(with-plist
- (oneliner tags brief description runstyle) plist
+ (oneliner tags brief explanation runstyle) plist
(when runstyle
(setf runstyle (a:make-keyword runstyle))
(unless (typep runstyle 'runstyle)
@@ -369,8 +367,8 @@
(setf (oneliner-tags ol) tags))
(when brief
(setf (oneliner-brief ol) brief))
- (when description
- (setf (oneliner-description ol) description))
+ (when explanation
+ (setf (oneliner-explanation ol) explanation))
(when runstyle
(setf (oneliner-runstyle ol) runstyle))))))
@@ -458,9 +456,6 @@
(let ((token (a:if-let (access (access-by-contributor contributor))
(api-token access)
(api-token (make-api-access contributor)))))
- (lzb:set-response-cookie
- +auth-cookie-name+ token
- :path "/" :domain *server-domain*)
(to-json (list :token token))))
(t
(http-err 401))))
@@ -470,7 +465,7 @@
(or (eq requesting-contributor target-contributor)
(adminp requesting-contributor)))
-(defendpoint* :post "/revoke/:contributor a-user-handle:" ()
+(defendpoint* :post "/revoke/:contributor a-user-handle:" ((token an-api-token))
(:auth t)
"A contributor can revoke their own access (if for some reason their
API key ends up out of their control), or an admin can revoke
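Review bot: Declaring `(token an-api-token)` as a request parameter on `/revoke` appears to put the API token in the request URL, assuming lazybones takes this list from the query string. Tokens in URLs are recorded in server and reverse-proxy access logs and in browser history, so a long-lived credential is exposed outside the application. The same applies to the `/make-invite`, `/add-oneliner`, `/lock`, `/unlock`, `/edit` and `/flag` hunks below, and to `request-contributor`, which now reads `(lzb:request-parameter "TOKEN")`. Consider carrying the token in a request header such as `Authorization` instead, or at minimum scrubbing the parameter from access logs if the query form stays. The endpoint's docstring and body continue outside this hunk.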
@@ -486,12 +481,12 @@ have exceeded the invite limit."
(or (adminp contributor)
(can-invite-p contributor))))
-(defendpoint* :post "/make-invite" ()
+(defendpoint* :post "/make-invite" ((token an-api-token))
(:auth 'authorized-to-invite)
"On success, return an object containing a new [invite token](#invite-token)."
(to-json (make-new-invite (request-contributor))))
-(defendpoint* :post "/add-oneliner" ()
+(defendpoint* :post "/add-oneliner" ((token an-api-token))
(:auth t)
"Make a new [oneliner](#oneliner)."
(make-new-oneliner (request-contributor) (lzb:request-body))
@@ -503,26 +498,27 @@ admin privileges are allowed to perform this action."
(a:when-let (contributor (request-contributor))
(adminp contributor)))
-(defendpoint* :patch "/lock/:oneliner a-oneliner-id:" ()
+(defendpoint* :patch "/lock/:oneliner a-oneliner-id:" ((token an-api-token))
(:auth 'admin-only)
"Locks a oneliner. Locked oneliners cannot be edited or flagged."
(lock-oneliner oneliner (request-contributor))
"true")
-(defendpoint* :patch "/unlock/:oneliner a-oneliner-id:" ()
+(defendpoint* :patch "/unlock/:oneliner a-oneliner-id:" ((token an-api-token))
(:auth 'admin-only)
"Unlocks a oneliner."
(unlock-oneliner oneliner (request-contributor))
"true")
-(defendpoint* :patch "/edit/:oneliner a-oneliner-id:" ()
+(defendpoint* :patch "/edit/:oneliner a-oneliner-id:" ((token an-api-token))
(:auth t)
"Edit the fields of a oneliner."
(if (edit-oneliner oneliner (request-contributor) (lzb:request-body))
"true"
(http-err 403))) ;; in case it is locked
-(defendpoint* :patch "/flag/:oneliner a-oneliner-id:" () ()
+(defendpoint* :patch "/flag/:oneliner a-oneliner-id:" ((token an-api-token))
+ ()
"Flag the oneliner for review. Open to anyone."
(if (flag-oneliner oneliner (request-contributor))
"true"
@@ -540,7 +536,6 @@ Result](#search-result) object."
(list :oneliners (query-oneliners :tags tags
:notflagged notflagged
:limit limit)))
-
(http-err 400)))
;;; HELPERS
@@ -560,12 +555,12 @@ Result](#search-result) object."
(defun oneliner-mentions-any (ol keywords)
"A case insensitive search for the presence of any of KEYWORDS in the oneliner OL."
- (with-slots (text breif description) ol
+ (with-slots (text breif explanation) ol
(loop
for word in keywords
thereis (search word text :test #'char-equal)
thereis (search word breif :test #'char-equal)
- thereis (search word description :test #'char-equal))))
+ thereis (search word explanation :test #'char-equal))))
(defun to-json (thing)
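Review bot: The `with-slots` line touched in `oneliner-mentions-any` still names `text` and `breif`, which do not match the slot names visible elsewhere in this diff. The class hunk shows `brief`, and the `json:%to-json` hunk binds `oneliner` and `brief`. If the class has no `text` or `breif` slot, which cannot be fully confirmed from the visible part of the definition, the first access signals a slot-missing error instead of searching. I would change the binding to `(with-slots (oneliner brief explanation) ol` and the two clauses to `thereis (search word oneliner :test #'char-equal)` and `thereis (search word brief :test #'char-equal)`.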
@@ -574,7 +569,9 @@ Result](#search-result) object."
(jonathan:to-json thing)))
(defun request-contributor ()
- (a:when-let (access (access-by-token (lzb:request-cookie +auth-cookie-name+)))
+ (a:when-let (access
+ (access-by-token
+ (lzb:request-parameter "TOKEN")))
(api-contributor access)))
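Review bot: `request-contributor` has no docstring, and its contract changes here: it now resolves the caller from the `"TOKEN"` request parameter instead of the auth cookie. I would add a docstring such as `"Return the contributor owning the API token in the TOKEN request parameter, or NIL when no access matches."` The NIL case is presumed from `a:when-let`, and what `access-by-token` does with a missing parameter should be confirmed. A short comment that `"TOKEN"` must stay in step with the `token` parameter declared on each `defendpoint*` would also help, since nothing in the code ties the two together.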