focalboard/server/api/content_blocks.go

package api

import (
	"net/http"

	"github.com/gorilla/mux"
	"github.com/mattermost/focalboard/server/model"
	"github.com/mattermost/focalboard/server/services/audit"
)

func (a *API) registerContentBlocksRoutes(r *mux.Router) {
	// Blocks APIs
	r.HandleFunc("/content-blocks/{blockID}/moveto/{where}/{dstBlockID}", a.sessionRequired(a.handleMoveBlockTo)).Methods("POST")
}

func (a *API) handleMoveBlockTo(w http.ResponseWriter, r *http.Request) {
	// swagger:operation POST /content-blocks/{blockID}/move/{where}/{dstBlockID} moveBlockTo
	//
	// Move a block after another block in the parent card
	//
	// ---
	// produces:
	// - application/json
	// parameters:
	// - name: blockID
	//   in: path
	//   description: Block ID
	//   required: true
	//   type: string
	// - name: where
	//   in: path
	//   description: Relative location respect destination block (after or before)
	//   required: true
	//   type: string
	// - name: dstBlockID
	//   in: path
	//   description: Destination Block ID
	//   required: true
	//   type: string
	// security:
	// - BearerAuth: []
	// responses:
	//   '200':
	//     description: success
	//     schema:
	//       type: array
	//       items:
	//         "$ref": "#/definitions/Block"
	//   '404':
	//     description: board or block not found
	//   default:
	//     description: internal error
	//     schema:
	//       "$ref": "#/definitions/ErrorResponse"

	blockID := mux.Vars(r)["blockID"]
	dstBlockID := mux.Vars(r)["dstBlockID"]
	where := mux.Vars(r)["where"]
	userID := getUserID(r)

	block, err := a.app.GetBlockByID(blockID)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	dstBlock, err := a.app.GetBlockByID(dstBlockID)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	if where != "after" && where != "before" {
		a.errorResponse(w, r, model.NewErrBadRequest("invalid where parameter, use before or after"))
		return
	}

	if userID == "" {
		a.errorResponse(w, r, model.NewErrUnauthorized("access denied to board"))
		return
	}

	if !a.permissions.HasPermissionToBoard(userID, block.BoardID, model.PermissionManageBoardCards) {
		a.errorResponse(w, r, model.NewErrPermission("access denied to modify board cards"))
		return
	}

	auditRec := a.makeAuditRecord(r, "moveBlockTo", audit.Fail)
	defer a.audit.LogRecord(audit.LevelModify, auditRec)
	auditRec.AddMeta("blockID", blockID)
	auditRec.AddMeta("dstBlockID", dstBlockID)

	err = a.app.MoveContentBlock(block, dstBlock, where, userID)
	if err != nil {
		a.errorResponse(w, r, err)
		return
	}

	// response
	jsonStringResponse(w, http.StatusOK, "{}")

	auditRec.Success()
}
Adding the new blocks based editor (#3825) * Working in the new content block editor * Moving blocksEditor content block into its own component * Initial integration with quick development flow * More WIP * Adding drag and drop support with server side help * Some extra work around the styles * Adding image support * Adding video and attachments, and fixing edit * Putting everything behind a feature flag * Adding support for download attachments * Fixing compilation error * Fixing linter errors * Fixing javascript tests * Fixing a typescript error * Moving the move block to an action with undo support * Fixing ci * Fixing post merge errors * Moving to more specific content-blocks api * Apply suggestions from code review Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fixing the behavior of certain blocks * Fixing linter error * Fixing javascript linter errors * Adding permission testing for the new move content block api * Adding some unit tests * Improving a bit the tests * Adding more unit tests to the backend * Fixed PR suggestion * Adding h1, h2 and h3 tests * Adding image tests * Adding video tests * Adding attachment tests * Adding quote block tests * Adding divider tests * Adding checkbox tests * Adding list item block tests * Adding text block tests * Reorganizing a bit the code to support deveditor eagain * Fixing dark theme on editor view * Fixing linter errors * Fixing tests and removing unneeded data-testid * Adding root input tests * Fixing some merge problems * Fixing text/text.test.tsx test * Adding more unit tests to the blocks editor * Fix linter error * Adding blocksEditor tests * Fixing linter errors * Adding tests for blockContent * Update webapp/src/components/blocksEditor/blockContent.test.tsx Fix linter warning * Update webapp/src/components/blocksEditor/blockContent.test.tsx Fix linter warning * Update webapp/src/components/blocksEditor/blockContent.test.tsx Fix linter error * Fixing test * Removing unneeded TODO Co-authored-by: Doug Lauder <wiggin77@warpmail.net> 2022-11-15 16:59:07 +01:00			`package api`

			`import (`
			`"net/http"`

			`"github.com/gorilla/mux"`
			`"github.com/mattermost/focalboard/server/model"`
			`"github.com/mattermost/focalboard/server/services/audit"`
			`)`

			`func (a API) registerContentBlocksRoutes(r mux.Router) {`
			`// Blocks APIs`
			`r.HandleFunc("/content-blocks/{blockID}/moveto/{where}/{dstBlockID}", a.sessionRequired(a.handleMoveBlockTo)).Methods("POST")`
			`}`

			`func (a API) handleMoveBlockTo(w http.ResponseWriter, r http.Request) {`
			`// swagger:operation POST /content-blocks/{blockID}/move/{where}/{dstBlockID} moveBlockTo`
			`//`
			`// Move a block after another block in the parent card`
			`//`
			`// ---`
			`// produces:`
			`// - application/json`
			`// parameters:`
			`// - name: blockID`
			`// in: path`
			`// description: Block ID`
			`// required: true`
			`// type: string`
			`// - name: where`
			`// in: path`
			`// description: Relative location respect destination block (after or before)`
			`// required: true`
			`// type: string`
			`// - name: dstBlockID`
			`// in: path`
			`// description: Destination Block ID`
			`// required: true`
			`// type: string`
			`// security:`
			`// - BearerAuth: []`
			`// responses:`
			`// '200':`
			`// description: success`
			`// schema:`
			`// type: array`
			`// items:`
			`// "$ref": "#/definitions/Block"`
			`// '404':`
			`// description: board or block not found`
			`// default:`
			`// description: internal error`
			`// schema:`
			`// "$ref": "#/definitions/ErrorResponse"`

			`blockID := mux.Vars(r)["blockID"]`
			`dstBlockID := mux.Vars(r)["dstBlockID"]`
			`where := mux.Vars(r)["where"]`
			`userID := getUserID(r)`

			`block, err := a.app.GetBlockByID(blockID)`
			`if err != nil {`
			`a.errorResponse(w, r, err)`
			`return`
			`}`

			`dstBlock, err := a.app.GetBlockByID(dstBlockID)`
			`if err != nil {`
			`a.errorResponse(w, r, err)`
			`return`
			`}`

			`if where != "after" && where != "before" {`
			`a.errorResponse(w, r, model.NewErrBadRequest("invalid where parameter, use before or after"))`
			`return`
			`}`

			`if userID == "" {`
			`a.errorResponse(w, r, model.NewErrUnauthorized("access denied to board"))`
			`return`
			`}`

			`if !a.permissions.HasPermissionToBoard(userID, block.BoardID, model.PermissionManageBoardCards) {`
			`a.errorResponse(w, r, model.NewErrPermission("access denied to modify board cards"))`
			`return`
			`}`

			`auditRec := a.makeAuditRecord(r, "moveBlockTo", audit.Fail)`
			`defer a.audit.LogRecord(audit.LevelModify, auditRec)`
			`auditRec.AddMeta("blockID", blockID)`
			`auditRec.AddMeta("dstBlockID", dstBlockID)`

			`err = a.app.MoveContentBlock(block, dstBlock, where, userID)`
			`if err != nil {`
			`a.errorResponse(w, r, err)`
			`return`
			`}`

			`// response`
			`jsonStringResponse(w, http.StatusOK, "{}")`

			`auditRec.Success()`
			`}`