feat(phase5): docs channels - CRUD, wiki sidebar, markdown editor

This commit is contained in:
2026-06-30 11:19:32 -04:00
parent e65ce54e36
commit dbebc1f381
10 changed files with 368 additions and 8 deletions
+206
View File
@@ -0,0 +1,206 @@
package channel
import (
"context"
"encoding/json"
"net/http"
"time"
"git.dustin.coffee/hobokenchicken/dumpsterChat/internal/middleware"
"github.com/go-chi/chi/v5"
)
type document struct {
ID string `json:"id"`
ChannelID string `json:"channel_id"`
CreatorID string `json:"creator_id"`
Title string `json:"title"`
Content string `json:"content"`
CreatedAt string `json:"created_at"`
UpdatedAt string `json:"updated_at"`
}
type createDocRequest struct {
Title string `json:"title"`
Content string `json:"content"`
}
// ponytail: no version history, no lock/unlock. Add when concurrent editing arises.
func (h *Handler) registerDocRoutes(r chi.Router) {
r.Get("/{channelID}/docs", h.ListDocs)
r.Post("/{channelID}/docs", h.CreateDoc)
r.Get("/docs/{docID}", h.GetDoc)
r.Patch("/docs/{docID}", h.UpdateDoc)
r.Delete("/docs/{docID}", h.DeleteDoc)
}
func (h *Handler) ListDocs(w http.ResponseWriter, r *http.Request) {
channelID := chi.URLParam(r, "channelID")
userID, _ := middleware.UserIDFromContext(r.Context())
allowed := h.checkAccess(r.Context(), w, channelID, userID)
if !allowed {
return
}
rows, err := h.db.QueryContext(r.Context(), `
SELECT id, channel_id, creator_id, title, created_at, updated_at
FROM documents WHERE channel_id = $1
ORDER BY updated_at DESC
`, channelID)
if err != nil {
http.Error(w, `{"error":"server error"}`, http.StatusInternalServerError)
return
}
defer rows.Close()
// ponytail: list returns title-only summary, not full content
type docSummary struct {
ID string `json:"id"`
ChannelID string `json:"channel_id"`
CreatorID string `json:"creator_id"`
Title string `json:"title"`
CreatedAt string `json:"created_at"`
UpdatedAt string `json:"updated_at"`
}
docs := make([]docSummary, 0)
for rows.Next() {
var d docSummary
if err := rows.Scan(&d.ID, &d.ChannelID, &d.CreatorID, &d.Title, &d.CreatedAt, &d.UpdatedAt); err != nil {
continue
}
docs = append(docs, d)
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(docs)
}
func (h *Handler) CreateDoc(w http.ResponseWriter, r *http.Request) {
channelID := chi.URLParam(r, "channelID")
userID, _ := middleware.UserIDFromContext(r.Context())
allowed := h.checkAccess(r.Context(), w, channelID, userID)
if !allowed {
return
}
var req createDocRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil || req.Title == "" {
http.Error(w, `{"error":"title required"}`, http.StatusBadRequest)
return
}
var d document
err := h.db.QueryRowContext(r.Context(), `
INSERT INTO documents (channel_id, creator_id, title, content)
VALUES ($1, $2, $3, $4)
RETURNING id, channel_id, creator_id, title, content, created_at, updated_at
`, channelID, userID, req.Title, req.Content).Scan(
&d.ID, &d.ChannelID, &d.CreatorID, &d.Title, &d.Content, &d.CreatedAt, &d.UpdatedAt,
)
if err != nil {
http.Error(w, `{"error":"failed to create doc"}`, http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(d)
}
func (h *Handler) GetDoc(w http.ResponseWriter, r *http.Request) {
docID := chi.URLParam(r, "docID")
// ponytail: check channel access via doc lookup
var channelID, creatorID, title, content, createdAt, updatedAt string
err := h.db.QueryRowContext(r.Context(), `
SELECT id, channel_id, creator_id, title, content, created_at, updated_at
FROM documents WHERE id = $1
`, docID).Scan(&docID, &channelID, &creatorID, &title, &content, &createdAt, &updatedAt)
if err != nil {
http.Error(w, `{"error":"doc not found"}`, http.StatusNotFound)
return
}
userID, _ := middleware.UserIDFromContext(r.Context())
allowed := h.checkAccess(r.Context(), w, channelID, userID)
if !allowed {
return
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(document{
ID: docID, ChannelID: channelID, CreatorID: creatorID,
Title: title, Content: content, CreatedAt: createdAt, UpdatedAt: updatedAt,
})
}
func (h *Handler) UpdateDoc(w http.ResponseWriter, r *http.Request) {
docID := chi.URLParam(r, "docID")
userID, _ := middleware.UserIDFromContext(r.Context())
// get channel_id first for access check
var channelID, creatorID string
err := h.db.QueryRowContext(r.Context(), `SELECT channel_id, creator_id FROM documents WHERE id = $1`, docID).Scan(&channelID, &creatorID)
if err != nil {
http.Error(w, `{"error":"doc not found"}`, http.StatusNotFound)
return
}
allowed := h.checkAccess(r.Context(), w, channelID, userID)
if !allowed {
return
}
var req createDocRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, `{"error":"invalid request"}`, http.StatusBadRequest)
return
}
var d document
err = h.db.QueryRowContext(r.Context(), `
UPDATE documents SET title = COALESCE(NULLIF($2, ''), title), content = $3, updated_at = $4
WHERE id = $1
RETURNING id, channel_id, creator_id, title, content, created_at, updated_at
`, docID, req.Title, req.Content, time.Now().UTC().Format(time.RFC3339)).Scan(
&d.ID, &d.ChannelID, &d.CreatorID, &d.Title, &d.Content, &d.CreatedAt, &d.UpdatedAt,
)
if err != nil {
http.Error(w, `{"error":"failed to update doc"}`, http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(d)
}
func (h *Handler) DeleteDoc(w http.ResponseWriter, r *http.Request) {
docID := chi.URLParam(r, "docID")
userID, _ := middleware.UserIDFromContext(r.Context())
var channelID, creatorID string
err := h.db.QueryRowContext(r.Context(), `SELECT channel_id, creator_id FROM documents WHERE id = $1`, docID).Scan(&channelID, &creatorID)
if err != nil {
http.Error(w, `{"error":"doc not found"}`, http.StatusNotFound)
return
}
allowed := h.checkAccess(r.Context(), w, channelID, userID)
if !allowed {
return
}
_, err = h.db.ExecContext(r.Context(), `DELETE FROM documents WHERE id = $1`, docID)
if err != nil {
http.Error(w, `{"error":"failed to delete doc"}`, http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusNoContent)
}
// ponytail: shared access check, reuses isMember. No permission fine-tuning.
func (h *Handler) checkAccess(ctx context.Context, w http.ResponseWriter, channelID, userID string) bool {
serverID, err := h.serverIDForChannel(ctx, channelID)
if err != nil {
http.Error(w, `{"error":"channel not found"}`, http.StatusNotFound)
return false
}
ok, _ := h.isMember(ctx, userID, serverID)
if !ok {
http.Error(w, `{"error":"forbidden"}`, http.StatusForbidden)
return false
}
return true
}
+1
View File
@@ -32,6 +32,7 @@ func (h *Handler) RegisterRoutes(r chi.Router) {
r.Patch("/threads/{threadID}", h.UpdateThread)
h.registerForumRoutes(r)
h.registerCalendarRoutes(r)
h.registerDocRoutes(r)
h.registerOverrideRoutes(r)
}
+13
View File
@@ -408,6 +408,19 @@ CREATE TABLE IF NOT EXISTS event_rsvps (
CREATE INDEX IF NOT EXISTS idx_event_rsvps_event ON event_rsvps(event_id);
-- Documents (wiki/docs channels)
CREATE TABLE IF NOT EXISTS documents (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
channel_id UUID NOT NULL REFERENCES channels(id) ON DELETE CASCADE,
creator_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL DEFAULT '',
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_documents_channel ON documents(channel_id, updated_at DESC);
-- Message full-text search
ALTER TABLE messages ADD COLUMN IF NOT EXISTS search_vector tsvector;
CREATE INDEX IF NOT EXISTS idx_messages_search ON messages USING GIN(search_vector);