diff options
Diffstat (limited to 'db/rest/comment')
| -rw-r--r-- | db/rest/comment/api_comment.sql | 15 | ||||
| -rw-r--r-- | db/rest/comment/api_comment_delete.sql | 31 | ||||
| -rw-r--r-- | db/rest/comment/api_comment_insert.sql | 56 | ||||
| -rw-r--r-- | db/rest/comment/api_comment_update.sql | 50 |
4 files changed, 152 insertions, 0 deletions
diff --git a/db/rest/comment/api_comment.sql b/db/rest/comment/api_comment.sql new file mode 100644 index 0000000..e50ca2f --- /dev/null +++ b/db/rest/comment/api_comment.sql @@ -0,0 +1,15 @@ +CREATE VIEW api.comment AS + SELECT + c.id, + c.user_id, + c.post_id, + c.content, + c.date + FROM + admin.comment c + ORDER BY id ASC; + +GRANT SELECT ON TABLE api.comment + TO rest_anon, rest_user; +GRANT SELECT ON TABLE admin.comment + TO rest_anon, rest_user; diff --git a/db/rest/comment/api_comment_delete.sql b/db/rest/comment/api_comment_delete.sql new file mode 100644 index 0000000..d7db8a4 --- /dev/null +++ b/db/rest/comment/api_comment_delete.sql @@ -0,0 +1,31 @@ +CREATE FUNCTION _api.comment_delete() +RETURNS TRIGGER +LANGUAGE plpgsql VOLATILE +AS $BODY$ +DECLARE + _user_id INTEGER; +BEGIN + _user_id = _api.get_user_id(); + + IF OLD.user_id <> _user_id THEN + PERFORM _api.raise_deny(); + END IF; + + DELETE FROM admin.comment + WHERE user_id = _user_id + AND id = OLD.id; +END +$BODY$; + +GRANT EXECUTE ON FUNCTION _api.comment_delete() + TO rest_user; +GRANT DELETE ON TABLE api.comment + TO rest_user; +GRANT DELETE ON TABLE admin.comment + TO rest_user; + +CREATE TRIGGER api_comment_delete_trgr + INSTEAD OF DELETE + ON api.comment + FOR EACH ROW + EXECUTE PROCEDURE _api.comment_delete(); diff --git a/db/rest/comment/api_comment_insert.sql b/db/rest/comment/api_comment_insert.sql new file mode 100644 index 0000000..878e194 --- /dev/null +++ b/db/rest/comment/api_comment_insert.sql @@ -0,0 +1,56 @@ +CREATE FUNCTION _api.comment_insert() +RETURNS TRIGGER +LANGUAGE plpgsql VOLATILE +AS $BODY$ +DECLARE + _user_id INTEGER; +BEGIN + _user_id = _api.get_user_id(); + + NEW.content := _api.trim(NEW.content); + PERFORM _api.validate_text( + _text => NEW.content, + _column => 'content', + _min => 1, + _max => 1024 + ); + + PERFORM TRUE + FROM admin.post + WHERE id = NEW.post_id; + + IF NOT FOUND THEN + PERFORM _api.raise( + _msg => 'api_null_post', + _err => 400 + ); + END IF; + + INSERT INTO admin.comment ( + user_id, + post_id, + content + ) VALUES ( + _user_id, + NEW.post_id, + NEW.content + ); + + RETURN NEW; +END +$BODY$; + +GRANT EXECUTE ON FUNCTION _api.comment_insert() + TO rest_user; +GRANT INSERT ON TABLE api.comment + TO rest_user; +GRANT INSERT ON TABLE admin.comment + TO rest_user; +GRANT UPDATE ON TABLE sys.comment_id_seq + TO rest_user; + +CREATE TRIGGER api_comment_insert_trgr + INSTEAD OF INSERT + ON api.comment + FOR EACH ROW + EXECUTE PROCEDURE _api.comment_insert(); diff --git a/db/rest/comment/api_comment_update.sql b/db/rest/comment/api_comment_update.sql new file mode 100644 index 0000000..d6b4aca --- /dev/null +++ b/db/rest/comment/api_comment_update.sql @@ -0,0 +1,50 @@ +CREATE FUNCTION _api.comment_update() +RETURNS TRIGGER +LANGUAGE plpgsql VOLATILE +AS $BODY$ +DECLARE + _user_id INTEGER; + _changed BOOLEAN; +BEGIN + _user_id = _api.get_user_id(); + _changed = FALSE; + + IF OLD.user_id <> _user_id THEN + PERFORM _api.raise_deny(); + END IF; + + NEW.content = COALESCE(NEW.content, OLD.content); + NEW.content := _api.trim(NEW.content); + PERFORM _api.validate_text( + _text => NEW.content, + _column => 'content', + _min => 1, + _max => 1024 + ); + + IF NEW.content IS DISTINCT FROM OLD.content THEN + _changed = TRUE; + END IF; + + IF _changed THEN + UPDATE admin.comment + SET content = NEW.content + WHERE id = OLD.id; + END IF; + + RETURN NEW; +END +$BODY$; + +GRANT EXECUTE ON FUNCTION _api.comment_update() + TO rest_user; +GRANT UPDATE ON TABLE api.comment + TO rest_user; +GRANT UPDATE ON TABLE admin.comment + TO rest_user; + +CREATE TRIGGER api_comment_update_trgr + INSTEAD OF UPDATE + ON api.comment + FOR EACH ROW + EXECUTE PROCEDURE _api.comment_update(); |