From bb4c4dfb0e2f38c35f1629755e2e835ead9360f1 Mon Sep 17 00:00:00 2001 From: kiritow <1362050620@qq.com> Date: Mon, 20 Nov 2017 14:17:24 +0800 Subject: [PATCH] Lunch commit Add editbook. Add err_parameter to jsonfail. Update design. --- design.txt | 22 ++++-- editbook.cpp | 219 +++++++++++++++++++++++++++++++++++++++++++++++++++ jsonfail.cpp | 2 + jsonfail.h | 1 + 4 files changed, 237 insertions(+), 7 deletions(-) diff --git a/design.txt b/design.txt index f027f30..e738b58 100644 --- a/design.txt +++ b/design.txt @@ -120,17 +120,25 @@ publisher pubdate status + + 错误: + 权限不足,添加失败 http://booksys.com/api/v1/editbook POST POST: book_key (唯一图书定义序号) - isbn - bookname - booktype - author - publisher - pubdate - status + + 以下所有列均为可选: 当任一列存在时将引起数据的修改 + isbn + bookname + booktype + author + publisher + pubdate + status + + 错误: + 权限不足,修改失败 http://booksys.com/api/v1/removebook POST POST: diff --git a/editbook.cpp b/editbook.cpp index e69de29..d64553b 100644 --- a/editbook.cpp +++ b/editbook.cpp @@ -0,0 +1,219 @@ +#include "Session.h" +#include "Util.h" +#include "json.hpp" +#include "jsonfail.h" +using namespace std; +using json=nlohmann::json; + +#define postval(NAME) string NAME=req.post[#NAME] +#define gpostval(NAME) NAME=new string;*NAME=req.post[#NAME] +#define tpostval(NAME) string* NAME=nullptr; do { if(postexist(#NAME)) { gpostval(NAME); } }while(0) + +int main() +{ + Request req; + Session se(req); + Response res; + json j; + + auto jsonfail=[&](int errcode,const string& detail="") + { + j["success"]=0; + j["errcode"]=errcode; + j["errmsg"]=string(GetErrMsg(errcode))+" : "+detail; + }; + + /// Used by Marco: tpostval(NAME) + auto postexist=[&](const string& key)->bool + { + return req.post.find(key)!=req.post.end(); + }; + + do + { + if(!se.isReady()) + { + jsonfail(err_session); + break; + } + if(se.isNew()||se.getUser().empty()) + { + jsonfail(err_need_login); + break; + } + + if(req.requestMethod!="POST") + { + jsonfail(err_method_not_supported); + break; + } + + if(req.post["book_key"].empty()) + { + jsonfail(err_missing_parameter); + break; + } + + postval(book_key); + int book_key_real=ParseInt(book_key); + if(book_key_real<0) + { + jsonfail(err_parameter,"Book Key Parse Error"); + break; + } + + DBInfo db; + MySQLConn conn; + if(db.readConfig()<0) + { + jsonfail(err_config); + break; + } + + if(db.connectProxy(conn)<0) + { + jsonfail(err_connect); + break; + } + + /// Check Permission + int permission_level; + if(conn.exec(make_str("select permission_level from bs_user where username='", + se.getUser(), + "'"), + [&](MySQLResult& res) + { + res.stepRow([&](char** val,unsigned long* len) + { + permission_level=ParseInt(val[0]); + }); + })<0) + { + jsonfail(err_sql,"Step 1"); + break; + } + + if(permission_level>1) + { + /// Permission Denied. + jsonfail(err_permission_denied); + break; + } + + /// Try to verify book_key (class_id) + int count_class_id_val; + if(conn.exec(make_str("select count(class_id) from bs_book where class_id=", + book_key_real), + [&](MySQLResult& res) + { + res.stepRow([&](char** val,unsigned long* len) + { + count_class_id_val=ParseInt(val[0]); + }); + })<0) + { + jsonfail(err_sql,"Step 2"); + break; + } + + if(count_class_id_val!=1) + { + /// Failed to verify + jsonfail(err_data,"Cannot verify book key."); + break; + } + + /// Try to fetch values. + tpostval(isbn); + tpostval(bookname); + tpostval(booktype); + tpostval(author); + tpostval(publisher); + tpostval(pubdate); + tpostval(status); + + if(status!=nullptr) + { + int _in_status=ParseInt(*status); + if(_in_status<0) + { + jsonfail(err_parameter,"Status parse failed."); + break; + } + + /// Verify status + int status_cnt; + if(conn.exec(make_str("select count(status) from bs_meta_book where status=", + _in_status), + [&](MySQLResult& res) + { + res.stepRow([&](char** val,unsigned long* len) + { + status_cnt=ParseInt(val[0]); + }); + })<0) + { + jsonfail(err_sql,"Step 3"); + break; + } + + if(status_cnt!=1) + { + jsonfail(err_data,"Cannot verify status"); + break; + } + + if(conn.exec(make_str("update bs_book set status=",_in_status),nullptr)<0) + { + jsonfail(err_sql,"Step 4 status"); + break; + } + + if(conn.getAffectedRows()!=1) + { + jsonfail(err_sql_logic,"status"); + break; + } + } + + #define doUpdate(NAME,SETNAME) \ + if(NAME!=nullptr) \ + {\ + if((*NAME).empty()) \ + {\ + *NAME="null";\ + }\ + else\ + {\ + *NAME=make_str("'",(*NAME),"'");\ + }\ + if(conn.exec(make_str("update bs_book set ",SETNAME,"=",\ + *NAME,\ + " where class_id=",\ + book_key_real),nullptr)<0)\ + {\ + jsonfail(err_sql,make_str("Step 4 ",SETNAME));\ + break;\ + }\ + if(conn.getAffectedRows()!=1)\ + {\ + jsonfail(err_sql_logic,SETNAME);\ + break;\ + }\ + } + + doUpdate(isbn,"isbn"); + doUpdate(bookname,"name"); + doUpdate(booktype,"book_type"); + doUpdate(author,"author"); + doUpdate(publisher,"publisher"); + doUpdate(pubdate,"publish_time"); + + j["success"]=1; + }while(0); + + res.content.append(j.dump()); + res.show(); + + return 0; +} diff --git a/jsonfail.cpp b/jsonfail.cpp index 0434920..6b21924 100644 --- a/jsonfail.cpp +++ b/jsonfail.cpp @@ -26,6 +26,8 @@ const char* GetErrMsg(int errcode) return "Session Error"; case err_general: return "General error"; + case err_parameter: + return "Parameter error"; default: return "Unknown error"; } diff --git a/jsonfail.h b/jsonfail.h index 152520a..afc9a4f 100644 --- a/jsonfail.h +++ b/jsonfail.h @@ -11,5 +11,6 @@ #define err_data 9 #define err_session 10 #define err_general 11 +#define err_parameter 12 const char* GetErrMsg(int errcode);