new map and settings routes, add tokens for DBs

8 years ago · 4b576813a0
--- a/compass/app/Http/Controllers/Controller.php
+++ b/compass/app/Http/Controllers/Controller.php
@ -8,16 +8,21 @@ use DB;

 class Controller extends BaseController
 {
  private static function displayURL() {
    return preg_replace('/(^https?:\/\/|\/$)/', '', session('me'));
  }

  public function index(Request $request) {
    if(session('user_id')) {

      $databases = DB::select('SELECT d.*
        FROM `databases` d
        JOIN database_users u ON d.id = u.database_id
        WHERE u.user_id = ?', [session('user_id')]);
        WHERE u.user_id = ?
        ORDER BY name', [session('user_id')]);

      return view('dashboard', [
        'displayURL' => preg_replace('/(^https?:\/\/|\/$)/', '', session('me')),
        'displayURL' => self::displayURL(),
        'databases' => $databases
      ]);
    } else {
@ -26,43 +31,80 @@ class Controller extends BaseController
  }

  public function createDatabase(Request $request) {
    if(session('user_id')) {
    if(!session('user_id'))
      return redirect('/');

    if($request->input('name') == '') {
      $request->session()->flash('create-error', 'Enter a name.');
      return redirect('/');
    }

    // Only alphanumeric chars are allowed
    if(preg_replace('/[^a-zA-Z0-9]/', '', $request->input('name')) != $request->input('name')) {
      $request->session()->flash('create-error', 'Only alphanumeric characters are allowed.');
      $request->session()->flash('database-name', preg_replace('/[^a-zA-Z0-9]/','',$request->input('name')));
      return redirect('/');
    }

      if($request->input('name') == '') {
        return redirect('/');
      }

      // Only alphanumeric chars are allowed
      if(preg_replace('/[^a-zA-Z0-9]/', '', $request->input('name')) != $request->input('name')) {
        $request->session()->flash('error', 'Only alphanumeric characters are allowed.');
        $request->session()->flash('database-name', preg_replace('/[^a-zA-Z0-9]/','',$request->input('name')));
        return redirect('/');
      }

      // Check for conflicts
      $db = DB::select('SELECT * FROM `databases` WHERE name = ?', [$request->input('name')]);
      if(count($db) == 0) {

        // Create the database records
        $id = DB::table('databases')->insertGetId([
          'name' => $request->input('name'),
          'created_by' => session('user_id'),
          'created_at' => date('Y-m-d H:i:s')
        ]);
        DB::table('database_users')->insert([
          'database_id' => $id,
          'user_id' => session('user_id'),
          'created_at' => date('Y-m-d H:i:s')
        ]);

      } else {
        $request->session()->flash('error', 'That database name is already in use.');
        $request->session()->flash('database-name', $request->input('name'));
        return redirect('/');
      }
    // Check for conflicts
    $db = DB::select('SELECT * FROM `databases` WHERE name = ?', [$request->input('name')]);
    if(count($db) == 0) {

      // Create the database records
      $id = DB::table('databases')->insertGetId([
        'name' => $request->input('name'),
        'read_token' => str_random(40),
        'write_token' => str_random(40),
        'created_by' => session('user_id'),
        'created_at' => date('Y-m-d H:i:s')
      ]);
      DB::table('database_users')->insert([
        'database_id' => $id,
        'user_id' => session('user_id'),
        'created_at' => date('Y-m-d H:i:s')
      ]);
      return redirect('/');

    } else {
      $request->session()->flash('create-error', 'That database name is already in use.');
      $request->session()->flash('database-name', $request->input('name'));
      return redirect('/');
    }
  }

  public function map(Request $request, $name) {
    if(!session('user_id'))
      return redirect('/');

    // Verify this user has access to the database
    $check = DB::select('SELECT * 
      FROM `databases` d
      JOIN database_users u ON d.id = u.database_id
      WHERE u.user_id = ? AND d.name = ?', [session('user_id'), $name]);
    if(count($check) == 0) {
      return redirect('/');
    }



  }

  public function settings(Request $request, $name) {
    if(!session('user_id'))
      return redirect('/');

    // Only the person that created the database can modify it
    $db = DB::select('SELECT * 
      FROM `databases`
      WHERE created_by = ? AND name = ?', [session('user_id'), $name]);
    if(count($db) == 0) {
      return redirect('/');
    }

    return view('settings', [
      'displayURL' => self::displayURL(),
      'database' => $db[0]
    ]);
  }

 }
--- a/compass/app/Http/routes.php
+++ b/compass/app/Http/routes.php
@ -18,4 +18,6 @@ $app->get('/auth/callback', 'IndieAuth@callback');
 $app->get('/auth/github', 'IndieAuth@github');
 $app->get('/auth/logout', 'IndieAuth@logout');

 $app->get('/map/{name:[A-Za-z0-9]+}', 'Controller@map');
 $app->get('/settings/{name:[A-Za-z0-9]+}', 'Controller@settings');
 $app->post('/database/create', 'Controller@createDatabase');
--- a/compass/resources/views/dashboard.blade.php
+++ b/compass/resources/views/dashboard.blade.php
@ -2,12 +2,7 @@

@section('content')

 <div class="corner-logo"><img src="/assets/compass.svg" height="40"/></div>

 <div class="logged-in">
  <span>{{ $displayURL }}</span>
  <span><a href="/auth/logout">sign out</a></span>
 </div>
@include('partials/logged-in')

 <div class="dashboard">

@ -17,11 +12,11 @@
    <li class="db"><a href="/map/{{ $database->name }}">{{ $database->name }}</a></li>
    @endforeach
    <li>
      <a href="javascript:$('.databases .create').removeClass('hidden');$('.create-link').addClass('hidden');" class="pure-button create-link {{ session('error') ? 'hidden' : '' }}">create database</a>
      @if(session('error'))
        <div class="error">{{ session('error') }}</div>
      <a href="javascript:$('.databases .create').removeClass('hidden');$('.create-link').addClass('hidden');" class="pure-button create-link {{ session('create-error') ? 'hidden' : '' }}">create database</a>
      @if(session('create-error'))
        <div class="error">{{ session('create-error') }}</div>
      @endif
      <span class="create {{ session('error') ? '' : 'hidden' }}">
      <span class="create {{ session('create-error') ? '' : 'hidden' }}">
        <form action="/database/create" method="post" class="pure-form">
          <input type="text" name="name" value="{{ session('database-name') }}">
          <button type="submit" class="pure-button pure-button-primary">Create</button>
--- a/compass/resources/views/partials/logged-in.blade.php
+++ b/compass/resources/views/partials/logged-in.blade.php
@ -0,0 +1,6 @@
 <div class="corner-logo"><img src="/assets/compass.svg" height="40"/></div>

 <div class="logged-in">
  <span>{{ $displayURL }}</span>
  <span><a href="/auth/logout">sign out</a></span>
 </div>
--- a/compass/resources/views/settings.blade.php
+++ b/compass/resources/views/settings.blade.php
@ -0,0 +1,12 @@
@extends('layouts.master')

@section('content')

@include('partials/logged-in')

 <div class="dashboard">


 </div>

@endsection