#!/usr/bin/env ruby
require 'json'
require 'openssl'
require 'pg'
require 'redis'
require 'sinatra'
helpers do
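# Opens a PostgreSQL connection for the given user.
#
# The connection string is read from Redis (instance selected by REDIS_URI)
# under the user's name, so every user reaches the database with whatever
# credentials are stored for that name.
#
# @param user_name [String] user name, used as the Redis key
# @return [PG::Connection] a new connection; the caller is responsible for closing it
# @raise [RuntimeError] when Redis holds no connection string for the user
def db(user_name)
  redis = Redis.new(url: ENV["REDIS_URI"])
  begin
    connection_string = redis.get(user_name)
  ensure
    # A Redis client is created on every call; release its socket right away
    # instead of leaving it to the garbage collector.
    redis.close
  end

  # Fail closed on an unknown user. Passing nil on to PG.connect would
  # presumably fall back to libpq's default/environment settings, and a
  # session without a stored connection string must not get that connection.
  if connection_string.nil? || connection_string.empty?
    raise "No database configured for user"
  end

  PG.connect(connection_string)
end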
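# Extracts and authenticates the user name carried in the docs_session cookie.
#
# The cookie has the form "<user_name>--<hex HMAC-SHA1 of user_name>", keyed
# with DOCS_SECRET. The split is done on the last "--", so a user name may
# itself contain "--".
#
# @param req [#cookies] the current request
# @return [String] the verified user name
# @raise [RuntimeError] "Invalid session" when the cookie is missing or its
#   signature does not match
def user_name(req)
  docs_session = req.cookies["docs_session"]
  # A request without the cookie is an invalid session, not a NoMethodError.
  raise "Invalid session" unless docs_session.is_a?(String)

  name, _separator, presented_sign = docs_session.rpartition("--")
  # NOTE(review): the digest stays HMAC-SHA1 because the cookie format is
  # shared with whatever issues it; changing it here alone would reject every
  # existing session.
  expected_sign = OpenSSL::HMAC.hexdigest("sha1", ENV["DOCS_SECRET"], name)

  # Compare in constant time: a plain != returns at the first differing byte,
  # which lets response timing reveal how much of a guessed signature matches.
  # OpenSSL.secure_compare needs the openssl gem 2.2 or newer.
  raise "Invalid session" unless OpenSSL.secure_compare(presented_sign, expected_sign)

  name
end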
end
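# GET /users
# Returns up to 100 users (id, login, org), highest id first, as
# {"users": [...]}. Any failure, including an invalid session, is answered
# with 400 and {"error": message}.
get '/users' do
  conn = nil
  begin
    conn = db(user_name(request))
    rows = conn.exec("select id, login, org from users order by id desc limit 100")
    {:users => rows.to_a}.to_json
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it so requests do not
    # pile up open PostgreSQL sessions.
    conn.close if conn
  end
end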
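# PUT /users/:id
# Sets the org of user :id from the JSON body ({"org": ...}) and answers 204.
# Any failure, including an invalid session or unparsable JSON, is answered
# with 400 and {"error": message}.
put '/users/:id' do |user_id|
  conn = nil
  begin
    conn = db(user_name(request))
    data = JSON.parse request.body.read
    # Both values come from the client, so they are sent as bound parameters
    # and never spliced into the SQL text. to_s mirrors the string
    # interpolation the query used before (a missing org stays '').
    conn.exec_params(
      "update users " \
      "set org = $1 " \
      "where id = $2 " \
      "returning id, login, org",
      [data["org"].to_s, user_id]
    )
    # NOTE(review): nothing here restricts which user row may be changed;
    # presumably the per-user database connection enforces that. Confirm.
    status 204
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it when done.
    conn.close if conn
  end
end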
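# GET /docs
# Returns every row of docs visible to the caller's connection, highest id
# first, as {"docs": [...]}. Each row also carries the owner's "login@org"
# and, in shares_logins, the "login@org" of every user id listed in shares.
# Any failure is answered with 400 and {"error": message}.
get '/docs' do
  conn = nil
  begin
    conn = db(user_name(request))
    # Static query: no client-supplied value is part of the SQL text.
    rows = conn.exec(
      "select " \
      "*, (select login || '@' || org as owner_login from users where id = owner), " \
      "(select array_agg(x) from (select (select login || '@' || org from users as u where u.id = uid) as x from unnest(shares) as tmp(uid)) as xx) as shares_logins " \
      "from docs " \
      "order by id desc"
    )
    {:docs => rows.to_a}.to_json
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it when done.
    conn.close if conn
  end
end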
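# POST /docs
# Creates a document from the JSON body ({"title": ..., "shares": [...]}) and
# answers 201 with {"id": new_id}. Any failure, including an invalid session,
# unparsable JSON or a missing "shares" list, is answered with 400 and
# {"error": message}.
post '/docs' do
  conn = nil
  begin
    conn = db(user_name(request))
    data = JSON.parse request.body.read
    # The shares list is still rendered as a PostgreSQL array literal, but the
    # literal is now one bound value. A crafted element can at most change the
    # array or make PostgreSQL reject it; it can no longer add SQL.
    shares_literal = "{#{data["shares"].join(",")}}"
    rows = conn.exec_params(
      "insert into docs (title, shares) values " \
      "($1, $2) " \
      "returning id",
      [data["title"].to_s, shares_literal]
    )
    status 201
    {:id => rows[0]["id"]}.to_json
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it when done.
    conn.close if conn
  end
end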
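# GET /contents/:id
# Returns the stored data of the contents row whose doc_id is :id, or 403
# when the query yields no row. Any failure is answered with 400 and
# {"error": message}.
get '/contents/:id' do |doc_id|
  conn = nil
  begin
    conn = db(user_name(request))
    # doc_id comes straight from the URL, so it is sent as a bound parameter
    # and never spliced into the SQL text.
    rows = conn.exec_params(
      "select data " \
      "from contents " \
      "where doc_id = $1",
      [doc_id]
    )
    if rows.num_tuples > 0
      rows[0]["data"]
    else
      # NOTE(review): "no row" is reported as 403; presumably rows the
      # caller may not read are filtered out by the per-user database
      # connection. Confirm that this is where access control lives.
      status 403
    end
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it when done.
    conn.close if conn
  end
end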
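# POST /contents
# Stores content for a document from the JSON body
# ({"doc_id": ..., "data": ...}) and answers 201 with {"id": new_id}.
# Any failure, including an invalid session or unparsable JSON, is answered
# with 400 and {"error": message}.
post '/contents' do
  conn = nil
  begin
    conn = db(user_name(request))
    data = JSON.parse request.body.read
    # Both values come from the client, so they are sent as bound parameters
    # and never spliced into the SQL text. to_s mirrors the string
    # interpolation the query used before.
    rows = conn.exec_params(
      "insert into contents (doc_id, data) values " \
      "($1, $2) " \
      "returning id",
      [data["doc_id"].to_s, data["data"].to_s]
    )
    status 201
    {:id => rows[0]["id"]}.to_json
  rescue => e
    # NOTE(review): the raw exception text (PostgreSQL errors included) goes
    # back to the client. Kept for compatibility; consider logging it
    # server-side and returning a generic message.
    status 400
    {:error => e.message}.to_json
  ensure
    # db opens a fresh connection per request; close it when done.
    conn.close if conn
  end
end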