From be324e9d064ad273b0be84b8f74a5ac34435d884 Mon Sep 17 00:00:00 2001 From: simon Date: Sat, 15 Jul 2017 17:49:32 +0100 Subject: [PATCH] Beginnings of a working role-routing page (also the first actual database reads) --- resources/sql/queries.sql | 14 +++++ resources/templates/canvasser.html | 60 ++++++++++++++++++++++ src/clj/youyesyet/routes/authenticated.clj | 29 +++++++++-- src/clj/youyesyet/routes/home.clj | 35 ++++++++++--- 4 files changed, 127 insertions(+), 11 deletions(-) create mode 100644 resources/templates/canvasser.html diff --git a/resources/sql/queries.sql b/resources/sql/queries.sql index 0689475..e708a7b 100644 --- a/resources/sql/queries.sql +++ b/resources/sql/queries.sql @@ -66,6 +66,10 @@ WHERE id = :id SELECT * FROM authorities WHERE id = :id +-- :name get-authorities :? :0 +-- :doc retrieve all authorities +SELECT id FROM authorities + -- :name delete-authority! :! :n -- :doc delete a authority given the id DELETE FROM authorities @@ -89,6 +93,16 @@ WHERE id = :id SELECT * FROM canvassers WHERE id = :id +-- :name get-canvasser-by-username :? :1 +-- :doc rerieve a canvasser given the username. +SELECT * FROM canvassers +WHERE username = :username + +-- :name get-canvasser-by-email :? :1 +-- :doc rerieve a canvasser given the email address. +SELECT * FROM canvassers +WHERE email = :email + -- :name delete-canvasser! :! :n -- :doc delete a canvasser given the id DELETE FROM canvassers diff --git a/resources/templates/canvasser.html b/resources/templates/canvasser.html new file mode 100644 index 0000000..b223313 --- /dev/null +++ b/resources/templates/canvasser.html @@ -0,0 +1,60 @@ +{% extends "base-authenticated.html" %} +{% block title %} +{% endblock %} +{% block content %} +
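Review bot: The result marker `:0` on `get-authorities` does not look like one of HugSQL's result types (`:1`, `:*`, `:n`, `:raw`), so the query will probably not return the row list its `:doc` line promises. I would write the header as `-- :name get-authorities :? :*`. The query also selects only `id` while the neighbouring `get-authority` uses `SELECT *`; if that is deliberate, the doc line should say so, e.g. `-- :doc retrieve the ids of all authorities`.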
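Review bot: `get-canvasser-by-username` and `get-canvasser-by-email` are declared `:? :1`, but nothing in this patch shows a uniqueness constraint on `canvassers.username` or `canvassers.email`, and the login code in `home.clj` treats the username lookup as the account identity. If two rows can share a username, the row returned is arbitrary, so both columns should carry a unique constraint (the migration is outside this diff, so it may already exist). Both `:doc` lines misspell "retrieve" as "rerieve"; the first should read `-- :doc retrieve a canvasser given the username.`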
+ {% if canvasser %} + + {% endif %} +

+ + +

+

+ (TODO: Not absolutely sure what I'm going to do for an elector id widget yet.) +

+

+ + {% if address.id %} + + + {{address.address}} + + {% else %} + (TODO: Some sort of address lookup widget goes here.) + {% endif %} +

+

+ + +

+

+ + +

+

+ + +

+ +

+ id serial, + username character varying(32) NOT NULL, + fullname character varying(64) NOT NULL, + elector_id integer, + address_id integer NOT NULL, + phone character varying(16), + email character varying(128), + authority_id character varying(32) NOT NULL, + introduced_by int references canvassers(id), + authorised boolean + +
+ +{% endblock %} diff --git a/src/clj/youyesyet/routes/authenticated.clj b/src/clj/youyesyet/routes/authenticated.clj index d0f4d3f..e8b1b7b 100644 --- a/src/clj/youyesyet/routes/authenticated.clj +++ b/src/clj/youyesyet/routes/authenticated.clj @@ -33,15 +33,34 @@ ;;; This code adapted from http://www.luminusweb.net/docs#accessing_the_database -(defn canvasser-page +(defn post? + "Return true if the argument is a ring request which is a post request" [request] - (if + true) + +(defn canvasser-page + "Process this canvasser request, and render the canvasser page" + [request] + (let [canvasser (if (:params request) (let [params (:params request)] (if (:id params) - (db/update-canvasser! params) - (db/create-canvasser! params)) - ))) + (if (post? request) + (db/update-canvasser! params) + (db/create-canvasser! params)) + (db/get-canvasser (:id params))) + ))] + (layout/render + "canvasser.html" + {:title (if canvasser + (str + "Edit canvasser " + (:fullname canvasser) + " " + (:email canvasser)) + "Add new canvasser") + :canvasser canvasser + :address (if (:address_id canvasser) (db/get-address (:address_id canvasser)))}))) (defn routing-page "Render the routing page, which offers routes according to the user's roles" diff --git a/src/clj/youyesyet/routes/home.clj b/src/clj/youyesyet/routes/home.clj index 90f2f12..77ef2f0 100644 --- a/src/clj/youyesyet/routes/home.clj +++ b/src/clj/youyesyet/routes/home.clj 
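Review bot: The block near the end of the template that lists the `canvassers` columns (`id serial, username character varying(32) NOT NULL, …`) looks like working notes, and unless it sits inside a Selmer `{% comment %}` … `{% endcomment %}` block it is sent to every browser that loads the page, even if it is wrapped in an HTML comment. The markup of this file did not survive extraction, so I cannot see how it is wrapped. Among the template tags that did survive there is no `{% csrf-field %}`, the tag Luminus layouts usually register. If the form posts to a route behind the anti-forgery middleware, it needs that tag inside the `<form>`.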
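Review bot: `post?` ignores its argument and always returns `true`, so in `canvasser-page` any request that carries an `:id` parameter, including a plain GET, reaches `db/update-canvasser!` with the whole request parameter map. The body should test the Ring method: `(= (:request-method request) :post)`. The branches also look transposed: `db/create-canvasser!` is only reachable when an `:id` is present and the request is not a post, and `db/get-canvasser` is only called when `(:id params)` is nil. If `update-canvasser!` follows the `:! :n` convention used elsewhere in `queries.sql`, it returns a row count rather than a record, so `(:fullname canvasser)` in the title would be nil after a write. `routing-page` begins at the end of the hunk and continues outside it.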
@@ -48,28 +48,51 @@ ;; TODO: Issues need to be fetched from the database :concerns nil}))) + +(defn roles-page [request] + (let + [session (:session request) + username (:user session) + user (if username (db-core/get-canvasser-by-username db-core/*db* {:username username})) + roles (if user (db-core/get-roles-by-canvasser db-core/*db* {:canvasser (:id user)}))] + (cond + roles (layout/render "roles.html" + {:title (str "Welcome " (:fullname user)) + :roles roles}) + true (assoc (response/found "/login") :session (dissoc session :user)) + ))) + + (defn home-page [] (layout/render "home.html" {:title "You Yes Yet?"})) + (defn login-page "This is very temporary. We're going to do authentication by oauth." [request] (let [params (keywordize-keys (:form-params request)) session (:session request) username (:username params) + user (if username (db-core/get-canvasser-by-username db-core/*db* {:username username})) password (:password params) - redirect-to (or (:redirect-to params) "app")] - (if - (and (= username "test") (= password "test")) - (do - (assoc (response/found redirect-to) :session (assoc session :user username))) - (layout/render "login.html" {:title "Please log in" :redirect-to redirect-to})))) + redirect-to (or (:redirect-to params) "roles")] + (cond + ;; this is obviously, ABSURDLY, insecure. I don't want to put just-about-good-enough, + ;; it-will-do-for-now security in place; instead, I want this to be test code only + ;; until we have o-auth properly working. 
+ (and user (= username password)) + (assoc (response/found redirect-to) :session (assoc session :user username)) + user + (layout/render "login.html" {:title (str "User " username " is unknown") :redirect-to redirect-to}) + true + (layout/render "login.html" {:title "Please log in" :redirect-to redirect-to})))) (defroutes home-routes (GET "/" [] (home-page)) (GET "/home" [] (home-page)) (GET "/about" [] (about-page)) + (GET "/roles" request (route/restricted (roles-page request))) (GET "/app" [] (route/restricted (app-page))) (GET "/call-me" [] (call-me-page nil)) (POST "/call-me" request (call-me-page request))
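Review bot: `redirect-to` in `login-page` is taken straight from the submitted form and handed to `response/found`, so a login link carrying an external address would send a freshly authenticated user off-site. Accept only local paths and fall back to the default otherwise, e.g. `redirect-to (let [r (:redirect-to params)] (if (and r (re-matches #"/?[A-Za-z0-9_-]+(/[A-Za-z0-9_-]+)*" r)) r "roles"))`. Separately, the second `cond` branch fires when the user was found but the password did not match, yet its title says the user is unknown. Distinct titles for known and unknown usernames also reveal which usernames exist, so both failure branches should render the same `"Please log in"` title. In `roles-page`, `roles` is tested for truthiness and an empty result sequence is truthy in Clojure, so a user with no roles would presumably still get `roles.html`; testing `(seq roles)` would make the redirect branch reachable.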