Implement a command-line interface to the running webserver, and a way to get/set...

[ndcode_site.git] / api / globals / set.json.jst

let logjson = (await import('@ndcode/logjson')).default
let XDate = require('xdate')

return async env => {
  let post_request = await _require('/_lib/post_request.jst')
  let session_cookie = await _require('/_lib/session_cookie.jst')
  let Problem = await _require('/_lib/Problem.jst')

  await post_request(
    // env
    env,
    // handler
    async globals => {
      // coerce and/or validate
      globals = {
        site_url: globals.site_url.slice(0, 1024),
        site_title: globals.site_title.slice(0, 1024),
        contact_from: globals.contact_from.slice(0, 1024),
        contact_to: globals.contact_to.slice(0, 1024),
        feedback_from: globals.feedback_from.slice(0, 1024),
        feedback_to: globals.feedback_to.slice(0, 1024),
        noreply_from: globals.noreply_from.slice(0, 1024),
        noreply_signature: globals.noreply_signature.slice(0, 1024),
        copyright: globals.copyright.slice(0, 1024)
      }

      let transaction = await env.site.database.Transaction()
      try {
        // initialize env.session_key, set cookie in env.response
        await session_cookie(env, transaction)
        if (env.signed_in_as === null)
          throw new Problem('Unauthorized', 'Please sign in first.', 401)

        let root = await transaction.get({})
        let account = await (
          await root.get('accounts', {})
        ).get(env.signed_in_as)
        if (
          !await logjson.logjson_to_json(
            await account.get('administrator')
          )
        )
          throw new Problem('Unauthorized', 'Not administrator.', 401)

        root.set('globals', transaction.json_to_logjson(globals))
        await transaction.commit()
      }
      catch (error) {
        transaction.rollback()
        throw error
      }
    }
  )
}