1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
package cvetool
import (
"glsamaker/pkg/app/handler/authentication"
"glsamaker/pkg/app/handler/authentication/utils"
"glsamaker/pkg/database/connection"
"glsamaker/pkg/logger"
"glsamaker/pkg/models/cve"
"encoding/json"
"glsamaker/pkg/models/users"
"net/http"
"time"
)
// Show renders a template to show the landing page of the application
func AddComment(w http.ResponseWriter, r *http.Request) {
user := utils.GetAuthenticatedUser(r)
if !user.Permissions.CVETool.Comment {
authentication.AccessDenied(w, r)
return
}
id, comment, err := getParams(r)
newComment, err := addNewCommment(id, user, comment)
if err != nil {
logger.Info.Println("Err")
logger.Info.Println(err)
w.Write([]byte("err"))
return
}
newCommentString, _ := json.Marshal(newComment)
w.Write(newCommentString)
}
func addNewCommment(id string, user *users.User, comment string) (cve.Comment, error) {
cveItem := &cve.DefCveItem{Id: id}
err := connection.DB.Select(cveItem)
if err != nil {
return cve.Comment{}, err
}
newComment := cve.Comment{
CVEId: id,
UserId: user.Id,
User: user,
Message: comment,
Date: time.Now(),
}
//cveItem.Comments = append(cveItem.Comments, newComment)
//_, err = connection.DB.Model(cveItem).Column("comments").WherePK().Update()
_, err = connection.DB.Model(&newComment).Insert()
return newComment, err
}
func getParams(r *http.Request) (string, string, error) {
err := r.ParseForm()
if err != nil {
return "", "", err
}
id := r.Form.Get("cveid")
comment := r.Form.Get("comment")
return id, comment, err
}
|
GitWeb
