From bfbd9cbdc79d0af254ee387ae840efe4702b2b3e Mon Sep 17 00:00:00 2001
From: Joe Robinson <joe@mumsnet.com>
Date: Mon, 21 Jul 2014 10:20:48 +0100
Subject: Check if user is an admin or added the poll to allow them to remove
 one

---
 blavote.go |  2 +-
 poll.go    | 28 +++++++++++++++++++---------
 user.go    |  6 +++---
 3 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/blavote.go b/blavote.go
index 48e1ae2..5beb48c 100644
--- a/blavote.go
+++ b/blavote.go
@@ -75,7 +75,7 @@ func main() {
             fmt.Println(err)
         }
     } else if (opts.Remove > 0) {
-        deletePoll(db, opts.Remove)
+        deletePoll(db, opts.Remove, opts.Username)
 
         if (err == nil) {
             fmt.Print("Poll removed with ID ")
diff --git a/poll.go b/poll.go
index 9ca9aeb..803cf6c 100644
--- a/poll.go
+++ b/poll.go
@@ -1,9 +1,10 @@
 package main
 
 import "github.com/mxk/go-sqlite/sqlite3"
+import "fmt"
 
 type Poll struct {
-    id int
+    id int64
     title string
     userId int64
 }
@@ -60,7 +61,7 @@ func getPollFromTitle(db *sqlite3.Conn, title string) Poll {
     row := make(sqlite3.RowMap)
     
     for ; err == nil ; err = s.Next() {
-        var rowid int
+        var rowid int64
         s.Scan(&rowid, row)     // Assigns 1st column to rowid, the rest to row
 
         poll := Poll{id:rowid, title:row["title"].(string), userId:row["user_id"].(int64)}
@@ -80,7 +81,7 @@ func getPollFromId(db *sqlite3.Conn, id int) Poll {
     row := make(sqlite3.RowMap)
     
     for ; err == nil ; err = s.Next() {
-        var rowid int
+        var rowid int64
         s.Scan(&rowid, row)     // Assigns 1st column to rowid, the rest to row
 
         poll := Poll{id:rowid, title:row["title"].(string), userId:row["user_id"].(int64)}
@@ -92,16 +93,25 @@ func getPollFromId(db *sqlite3.Conn, id int) Poll {
 
 }
 
-func deletePoll(db *sqlite3.Conn, id int) error {
+func deletePoll(db *sqlite3.Conn, id int, nick string) error {
 
+    user := getUserForName(db, nick)
     poll := getPollFromId(db, id)
 
-    if (poll.id == 0) {
-        return nil
+
+    if (user.isAdmin || poll.userId == user.id) {
+        if (poll.id == 0) {
+            return nil
+        } else {
+            sql := "DELETE FROM polls WHERE id = $a"
+            args := sqlite3.NamedArgs{"$a": id}
+            db.Exec(sql, args)
+            return nil
+        }
     } else {
-        sql := "DELETE FROM polls WHERE id = $a"
-        args := sqlite3.NamedArgs{"$a": id}
-        db.Exec(sql, args)
+        fmt.Println("denied")
         return nil
     }
+
+
 }
\ No newline at end of file
diff --git a/user.go b/user.go
index d1ed261..b686f74 100644
--- a/user.go
+++ b/user.go
@@ -3,7 +3,7 @@ package main
 import "github.com/mxk/go-sqlite/sqlite3"
 
 type User struct {
-    id int
+    id int64
     name string
     isAdmin bool
 }
@@ -28,7 +28,7 @@ func getUserForId(db *sqlite3.Conn, id int) User {
     row := make(sqlite3.RowMap)
     
     for ; err == nil ; err = s.Next() {
-        var rowid int
+        var rowid int64
         s.Scan(&rowid, row)     // Assigns 1st column to rowid, the rest to row
 
         user := User{id:rowid, name:row["name"].(string), isAdmin:row["admin"].(bool)}
@@ -48,7 +48,7 @@ func getUserForName(db *sqlite3.Conn, name string) User {
     row := make(sqlite3.RowMap)
     
     for ; err == nil ; err = s.Next() {
-        var rowid int
+        var rowid int64
         s.Scan(&rowid, row)
 
         user := User{id:rowid, name:row["name"].(string), isAdmin:row["admin"].(bool)}
-- 
cgit v1.2.3