diff options
Diffstat (limited to 'lib')
| -rwxr-xr-x | lib/Travelynx.pm | 61 | ||||
| -rwxr-xr-x | lib/Travelynx/Controller/Traveling.pm | 33 |
2 files changed, 88 insertions, 6 deletions
diff --git a/lib/Travelynx.pm b/lib/Travelynx.pm index 6bdc133..25d45d3 100755 --- a/lib/Travelynx.pm +++ b/lib/Travelynx.pm @@ -348,6 +348,19 @@ sub startup { } ); $self->attr( + drop_journey_query => sub { + my ($self) = @_; + + return $self->app->dbh->prepare( + qq{ + delete from user_actions + where user_id = ? + and (id = ? or id = ?) + } + ); + } + ); + $self->attr( get_userid_query => sub { my ($self) = @_; @@ -493,7 +506,9 @@ qq{select * from pending_mails where email = ? and num_tries > 1;} }, ); - $self->helper(sendmail => sub { state $sendmail = Travelynx::Helper::Sendmail->new; }); + $self->helper( + sendmail => sub { state $sendmail = Travelynx::Helper::Sendmail->new; } + ); $self->helper( 'get_departures' => sub { @@ -892,6 +907,50 @@ qq{select * from pending_mails where email = ? and num_tries > 1;} ); $self->helper( + 'delete_journey' => sub { + my ( $self, $checkin_id, $checkout_id, $checkin_epoch, + $checkout_epoch ) + = @_; + my $uid = $self->current_user->{id}; + + my @journeys = $self->get_user_travels( + uid => $uid, + checkout_id => $checkout_id + ); + if ( @journeys == 0 ) { + return 'Journey not found'; + } + my $journey = $journeys[0]; + + # Double-check (comparing both ID and action epoch) to make sure we + # are really deleting the right journey and the user isn't just + # playing around with POST requests. + if ( $journey->{ids}[0] != $checkin_id + or $journey->{ids}[1] != $checkout_id + or $journey->{checkin}->epoch != $checkin_epoch + or $journey->{checkout}->epoch != $checkout_epoch ) + { + return 'Invalid journey data'; + } + my $query = $self->app->drop_journey_query; + my $success = $query->execute( $uid, $checkin_id, $checkout_id ); + if ($success) { + if ( $query->rows == 2 ) { + return undef; + } + else { + return + sprintf( 'Deleted %d rows, expected 2', $query->rows ); + } + } + my $err = $self->app->drop_journey_query->errstr; + $self->app->log->error( + "Delete($uid, $checkin_id, $checkout_id): DELETE failed: $err"); + return 'DELETE failed: ' . $err; + } + ); + + $self->helper( 'get_user_travels' => sub { my ( $self, %opt ) = @_; diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm index bf61741..a83adb0 100755 --- a/lib/Travelynx/Controller/Traveling.pm +++ b/lib/Travelynx/Controller/Traveling.pm @@ -175,6 +175,26 @@ sub log_action { ); } } + elsif ( $params->{action} eq 'delete' ) { + my ( $from, $to ) = split( qr{,}, $params->{ids} ); + my $error = $self->delete_journey( $from, $to, $params->{checkin}, + $params->{checkout} ); + if ($error) { + $self->render( + json => { + success => 0, + error => $error, + }, + ); + } + else { + $self->render( + json => { + success => 1, + }, + ); + } + } else { $self->render( json => { @@ -312,7 +332,7 @@ sub journey_details { my ($self) = @_; my ( $uid, $checkout_id ) = split( qr{-}, $self->stash('id') ); - if ( not ($uid == $self->current_user->{id} and $checkout_id)) { + if ( not( $uid == $self->current_user->{id} and $checkout_id ) ) { $self->render( 'journey', error => 'notfound', @@ -322,11 +342,14 @@ sub journey_details { } my @journeys = $self->get_user_travels( - uid => $uid, - checkout_id => $checkout_id, - verbose => 1, + uid => $uid, + checkout_id => $checkout_id, + verbose => 1, ); - if ( @journeys == 0 or not $journeys[0]{completed} or $journeys[0]{ids}[1] != $checkout_id) { + if ( @journeys == 0 + or not $journeys[0]{completed} + or $journeys[0]{ids}[1] != $checkout_id ) + { $self->render( 'journey', error => 'notfound', |