-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed add, delete, and edit markers functionality #45
Conversation
b5c8d10
to
a566c68
Compare
Can you confirm to me if we do a validation on the backend that only the owner can modify their own sites? |
@cintiadr My bad! The backend only checks whether the user is authenticated. However, the edit button for a marker wouldn't appear to a user if he isn't the owner. Would you like me to add a check in the backend to see whether the username dictated by a request is the same as that of the authenticated user? |
a566c68
to
bc42b35
Compare
@cintiadr I made the check by modifying the sql being executed when a modification request is called. Is that alright? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Look, I know nothing of javascript or frontend, so it looks fine.
views/index.ejs
Outdated
@@ -119,6 +114,22 @@ | |||
userName = $('#user-name').val().trim(); | |||
userEmail = $('#user-email').val().trim(); | |||
|
|||
if(currentUser != "/") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a little bit confused here, how is that possible that the currentUser would be '/'?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cintiadr When I printed out currentUser onto the console it turned out to be "/" when no user was logged in. Then again, I've no idea why it ended up like that in the first place. :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Super weird. I wouldn't bother for now, but I suppose at some point you might discover why is that and try to clean that up.
Can you at least add a comment here? Maybe even a TODO comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cintiadr I just had a look at it. When no 'user' parameter is being passed to the page, value of hidden form element '#user-id' becomes "/" instead of "" as I had set it (maybe it is some representation of a blank string?). Should I set currentUser to "visitor" or something like that, if no user is logged in? Line 113 aims to do it I think, so maybe I edit my code to do that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@cintiadr I changed the code to set currentUser as "visitor" when the user is logged, as there are a lot of places in the code where "visitor" is being used. I tested stuff to see if everything worked and so far nothing seems to have broken.
aeec7f1
to
b9dd689
Compare
d44dc5a
to
5cf5339
Compare
dcf9b0d
to
b49d0d6
Compare
b49d0d6
to
68fa42b
Compare
What needs to be done to merge this pull request? I'd rather not add new functionality to this one, but rather raise another PR later with any new features. Is there any code improvements pending? |
@cintiadr Since the improvements required changes to one of the 4 files, I pushed them in here. I'll make new PRs from now on. I don't think there are pending code improvements. |
I've tested this locally and it seems to be working, so merged. Thanks @HelioStrike! |
Fixed add, delete, and edit markers functionality. Here's a video of the atlas in its current state.