Add: insert review

pkg/api/api.go

@@ -92,6 +92,8 @@ func NewAPI(config Config) (*API, error) {
 	apiMux.HandleFunc("/delete_tag_on_file", api.HandleDeleteTagOnFile)
 	// folder
 	apiMux.HandleFunc("/update_foldername", api.HandleUpdateFoldername)
+	// review
+	apiMux.HandleFunc("/insert_review", api.HandleInsertReview)
 	// below needs token
 	apiMux.HandleFunc("/walk", api.HandleWalk)
 	apiMux.HandleFunc("/reset", api.HandleReset)

pkg/api/handle_error.go

@@ -11,6 +11,7 @@ var (
 	ErrNotLoggedIn = errors.New("not logged in")
 	ErrNotAdmin = errors.New("not admin")
 	ErrEmpty = errors.New("Empty field detected, please fill in all fields")
+	ErrAnonymous = errors.New("Anonymous user detected, please login")
 )
 
 type Error struct {

pkg/api/handle_review.go

@@ -0,0 +1,42 @@
+package api
+
+import (
+	"net/http"
+	"msw-open-music/pkg/database"
+	"encoding/json"
+	"time"
+)
+
+// review.FileId, review.Content
+func (api *API) HandleInsertReview(w http.ResponseWriter, r *http.Request) {
+	review := &database.Review{}
+
+	err := json.NewDecoder(r.Body).Decode(review)
+	if err != nil {
+		api.HandleError(w, r, err)
+		return
+	}
+
+	// check not anonymous
+	err = api.CheckNotAnonymous(w, r)
+	if err != nil {
+		api.HandleError(w, r, err)
+		return
+	}
+
+	review.UserId, err = api.GetUserID(w, r)
+	if err != nil {
+		api.HandleError(w, r, err)
+		return
+	}
+
+	review.CreatedAt = time.Now().Unix()
+
+	err = api.Db.InsertReview(review)
+	if err != nil {
+		api.HandleError(w, r, err)
+		return
+	}
+
+	api.HandleOK(w, r)
+}

pkg/api/handle_user.go

@@ -165,6 +165,25 @@ func (api *API) CheckAdmin(w http.ResponseWriter, r *http.Request) error {
 	return nil
 }
 
+func (api *API) CheckNotAnonymous(w http.ResponseWriter, r *http.Request) error {
+	session, _ := api.store.Get(r, api.defaultSessionName)
+	userId, ok := session.Values["userId"]
+	if !ok {
+		return ErrNotLoggedIn
+	}
+
+	user, err := api.Db.GetUserById(userId.(int64))
+	if err != nil {
+		return err
+	}
+
+	if user.Role == database.RoleAnonymous {
+		return ErrAnonymous
+	}
+
+	return nil
+}
+
 func (api *API) GetUserID(w http.ResponseWriter, r *http.Request) (int64, error) {
 	session, _ := api.store.Get(r, api.defaultSessionName)
 	userId, ok := session.Values["userId"]