From a65de17ab2b6afa3e1f817168c79757cfce38159 Mon Sep 17 00:00:00 2001 From: Colin Okay Date: Sun, 20 Feb 2022 15:24:41 -0600 Subject: renaming --- src/main.lisp | 51 ++++++++++++++++++++++++--------------------------- 1 file changed, 24 insertions(+), 27 deletions(-) (limited to 'src') diff --git a/src/main.lisp b/src/main.lisp index c32f202..d1b8faa 100644 --- a/src/main.lisp +++ b/src/main.lisp @@ -69,8 +69,6 @@ (with-plist (limit made) (contributor-invites contributor) (< made limit))) -(defparameter +auth-cookie-name+ "olauthtoken") - (defclass api-access (db:store-object) ((token :reader api-token @@ -116,9 +114,9 @@ :initarg :brief :initform (error "Oneliners need a brief title") :documentation "A short description of the oneliner.") - (description - :accessor oneliner-description - :initarg :description + (explanation + :accessor oneliner-explanation + :initarg :explanation :initform "") (created-by :reader created-by @@ -148,7 +146,7 @@ (defmethod json:%to-json ((instance oneliner)) (with-slots - (db::id oneliner tags brief description + (db::id oneliner tags brief explanation created-at edited-at last-edited-by created-by flagged-by audited-by lockedp) instance @@ -157,7 +155,7 @@ (json:write-key-value :oneliner oneliner) (json:write-key-value :tags tags) (json:write-key-value :brief brief) - (json:write-key-value :description description) + (json:write-key-value :explanation explanation) (json:write-key-value :createdAt created-at) (json:write-key-value :editedAt (if edited-at edited-at :null)) (json:write-key-value :createdBy (contributor-handle created-by)) @@ -317,9 +315,9 @@ (defun make-new-oneliner (contributor plist) (with-plist - (oneliner tags brief description runstyle) plist + (oneliner tags brief explanation runstyle) plist (unless brief - (http-err 400 "Oneliner requires a brief description")) + (http-err 400 "Oneliner requires a brief explanation")) (unless oneliner (http-err 400 "Oneliner cannot be blank")) (when runstyle @@ -329,7 +327,7 @@ (db:with-transaction () (make-instance 'oneliner :created-by contributor - :description (or description "") + :explanation (or explanation "") :tags tags :oneliner oneliner :brief brief @@ -357,7 +355,7 @@ (defun edit-oneliner (ol contributor plist) (when (or (not (lockedp ol)) (adminp contributor)) (with-plist - (oneliner tags brief description runstyle) plist + (oneliner tags brief explanation runstyle) plist (when runstyle (setf runstyle (a:make-keyword runstyle)) (unless (typep runstyle 'runstyle) @@ -369,8 +367,8 @@ (setf (oneliner-tags ol) tags)) (when brief (setf (oneliner-brief ol) brief)) - (when description - (setf (oneliner-description ol) description)) + (when explanation + (setf (oneliner-explanation ol) explanation)) (when runstyle (setf (oneliner-runstyle ol) runstyle)))))) @@ -458,9 +456,6 @@ (let ((token (a:if-let (access (access-by-contributor contributor)) (api-token access) (api-token (make-api-access contributor))))) - (lzb:set-response-cookie - +auth-cookie-name+ token - :path "/" :domain *server-domain*) (to-json (list :token token)))) (t (http-err 401)))) @@ -470,7 +465,7 @@ (or (eq requesting-contributor target-contributor) (adminp requesting-contributor))) -(defendpoint* :post "/revoke/:contributor a-user-handle:" () +(defendpoint* :post "/revoke/:contributor a-user-handle:" ((token an-api-token)) (:auth t) "A contributor can revoke their own access (if for some reason their API key ends up out of their control), or an admin can revoke @@ -486,12 +481,12 @@ have exceeded the invite limit." (or (adminp contributor) (can-invite-p contributor)))) -(defendpoint* :post "/make-invite" () +(defendpoint* :post "/make-invite" ((token an-api-token)) (:auth 'authorized-to-invite) "On success, return an object containing a new [invite token](#invite-token)." (to-json (make-new-invite (request-contributor)))) -(defendpoint* :post "/add-oneliner" () +(defendpoint* :post "/add-oneliner" ((token an-api-token)) (:auth t) "Make a new [oneliner](#oneliner)." (make-new-oneliner (request-contributor) (lzb:request-body)) @@ -503,26 +498,27 @@ admin privileges are allowed to perform this action." (a:when-let (contributor (request-contributor)) (adminp contributor))) -(defendpoint* :patch "/lock/:oneliner a-oneliner-id:" () +(defendpoint* :patch "/lock/:oneliner a-oneliner-id:" ((token an-api-token)) (:auth 'admin-only) "Locks a oneliner. Locked oneliners cannot be edited or flagged." (lock-oneliner oneliner (request-contributor)) "true") -(defendpoint* :patch "/unlock/:oneliner a-oneliner-id:" () +(defendpoint* :patch "/unlock/:oneliner a-oneliner-id:" ((token an-api-token)) (:auth 'admin-only) "Unlocks a oneliner." (unlock-oneliner oneliner (request-contributor)) "true") -(defendpoint* :patch "/edit/:oneliner a-oneliner-id:" () +(defendpoint* :patch "/edit/:oneliner a-oneliner-id:" ((token an-api-token)) (:auth t) "Edit the fields of a oneliner." (if (edit-oneliner oneliner (request-contributor) (lzb:request-body)) "true" (http-err 403))) ;; in case it is locked -(defendpoint* :patch "/flag/:oneliner a-oneliner-id:" () () +(defendpoint* :patch "/flag/:oneliner a-oneliner-id:" ((token an-api-token)) + () "Flag the oneliner for review. Open to anyone." (if (flag-oneliner oneliner (request-contributor)) "true" @@ -540,7 +536,6 @@ Result](#search-result) object." (list :oneliners (query-oneliners :tags tags :notflagged notflagged :limit limit))) - (http-err 400))) ;;; HELPERS @@ -560,12 +555,12 @@ Result](#search-result) object." (defun oneliner-mentions-any (ol keywords) "A case insensitive search for the presence of any of KEYWORDS in the oneliner OL." - (with-slots (text breif description) ol + (with-slots (text breif explanation) ol (loop for word in keywords thereis (search word text :test #'char-equal) thereis (search word breif :test #'char-equal) - thereis (search word description :test #'char-equal)))) + thereis (search word explanation :test #'char-equal)))) (defun to-json (thing) @@ -574,7 +569,9 @@ Result](#search-result) object." (jonathan:to-json thing))) (defun request-contributor () - (a:when-let (access (access-by-token (lzb:request-cookie +auth-cookie-name+))) + (a:when-let (access + (access-by-token + (lzb:request-parameter "TOKEN"))) (api-contributor access))) -- cgit v1.2.3