author | Freya Murphy <freya@freyacat.org> | 2024-03-30 16:36:54 -0400 |
---|---|---|
committer | Freya Murphy <freya@freyacat.org> | 2024-03-30 16:36:54 -0400 |
commit | 1f647374a8cdf3bc5c2d29ff8be277b027925c8c (patch) | |
tree | 9fdf42d250edb941de13ecd1aab9185ba2b30b00 /db/rest/post | |
parent | rename views to _views (diff) | |
post comments, refactor post loading, hide load more btn
Diffstat (limited to 'db/rest/post')
-rw-r--r-- | db/rest/post/api_post.sql | 15 | ||||
-rw-r--r-- | db/rest/post/api_post_insert.sql | 2 | ||||
-rw-r--r-- | db/rest/post/api_post_update.sql | 36 |
3 files changed, 49 insertions, 4 deletions
diff --git a/db/rest/post/api_post.sql b/db/rest/post/api_post.sql index b49289c..375f292 100644 --- a/db/rest/post/api_post.sql +++ b/db/rest/post/api_post.sql @@ -3,10 +3,21 @@ CREATE VIEW api.post AS p.id, p.user_id, p.content, - p.date + p.date, + COALESCE(c.cc, 0) + AS comment_count FROM admin.post p - ORDER BY id DESC; + LEFT JOIN ( + SELECT + COUNT(c.id) as cc, + c.post_id + FROM + admin.comment c + GROUP BY + c.post_id + ) c ON p.id = c.post_id + ORDER BY p.id DESC; GRANT SELECT ON TABLE api.post TO rest_anon, rest_user; diff --git a/db/rest/post/api_post_insert.sql b/db/rest/post/api_post_insert.sql index 02b9d8d..8b2eb48 100644 --- a/db/rest/post/api_post_insert.sql +++ b/db/rest/post/api_post_insert.sql @@ -7,6 +7,8 @@ DECLARE BEGIN _user_id = _api.get_user_id(); + NEW.content := _api.trim(NEW.content); + PERFORM _api.validate_text( _text => NEW.content, _column => 'content', diff --git a/db/rest/post/api_post_update.sql b/db/rest/post/api_post_update.sql index 915d0cd..70230d0 100644 --- a/db/rest/post/api_post_update.sql +++ b/db/rest/post/api_post_update.sql 
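Review bot: In db/rest/post/api_post.sql the derived table and the table inside it are both aliased `c`, so `c.post_id` and `c.cc` refer to different relations a few lines apart. Giving the outer one its own name, `) counts ON p.id = counts.post_id` with `COALESCE(counts.cc, 0)`, makes the join readable at a glance. The view is granted to rest_anon and the count runs over every row of admin.comment, so if comments ever gain a per-viewer visibility rule the subquery would need the same filter; a comment such as `-- comment_count: all admin.comment rows for the post, 0 when none` would record that assumption. The CREATE VIEW statement starts above the hunk.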
@@ -3,13 +3,45 @@ RETURNS TRIGGER LANGUAGE plpgsql VOLATILE AS $BODY$ DECLARE - _length INTEGER; + _user_id INTEGER; + _changed BOOLEAN; BEGIN + _user_id = _api.get_user_id(); + _changed = FALSE; + + IF OLD.user_id <> _user_id THEN + PERFORM _api.raise_deny(); + END IF; + + NEW.content = COALESCE(NEW.content, OLD.content); + NEW.content := _api.trim(NEW.content); + PERFORM _api.validate_text( + _text => NEW.content, + _column => 'content', + _min => 1, + _max => 4096 + ); + + IF NEW.content IS DISTINCT FROM OLD.content THEN + _changed = TRUE; + END IF; + + IF _changed THEN + UPDATE admin.post + SET content = NEW.content + WHERE id = OLD.id; + END IF; + RETURN NEW; END $BODY$; -GRANT EXECUTE ON FUNCTION _api.post_update() TO rest_user; +GRANT EXECUTE ON FUNCTION _api.post_update() + TO rest_user; +GRANT UPDATE ON TABLE api.post + TO rest_user; +GRANT UPDATE ON TABLE admin.post + TO rest_user; CREATE TRIGGER api_post_update_trgr INSTEAD OF UPDATE |
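Review bot: The ownership check `IF OLD.user_id <> _user_id THEN` is not NULL-safe: should `_api.get_user_id()` ever return NULL (its body is not part of this diff), the comparison evaluates to NULL, the deny branch is skipped and the update goes through. `IF OLD.user_id IS DISTINCT FROM _user_id THEN` closes that gap and matches the `IS DISTINCT FROM` already used for the content comparison. Separately, `GRANT UPDATE ON TABLE admin.post TO rest_user;` gives the role write access to every column of the base table; the visible function header shows no SECURITY DEFINER, so the grant is presumably there to let the trigger's UPDATE run, but if rest_user can reach the admin schema directly it can also write around the owner check and validate_text. Narrowing it to `GRANT UPDATE (content) ON TABLE admin.post TO rest_user;` limits that exposure to the one column the trigger writes. The CREATE FUNCTION line lies above the hunk, so the full function definition could not be checked.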