From 339d5a709c2a47d3c6beeb45d3c285bea52d4c67 Mon Sep 17 00:00:00 2001 From: miaurizius Date: Mon, 8 Jun 2026 14:46:52 +0200 Subject: [PATCH] dashboard locations and projects will now show items --- handlers/account.go | 2 +- handlers/api.go | 52 +++++++++++++++++++++++++++++++-------------- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/handlers/account.go b/handlers/account.go index 5d7944c..5d2fb09 100644 --- a/handlers/account.go +++ b/handlers/account.go @@ -289,5 +289,5 @@ func UserInfo(w http.ResponseWriter, r *http.Request) { log.Println("GET [api/userinfo] " + r.RemoteAddr + ": " + err.Error()) return } - log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Successfully retrieved user info") + log.Println("GET [api/userinfo] " + r.RemoteAddr + ": Successfully retrieved user info of " + user.Username + " (" + user.ID + ")") } diff --git a/handlers/api.go b/handlers/api.go index 85d56d1..5873d68 100644 --- a/handlers/api.go +++ b/handlers/api.go @@ -21,14 +21,20 @@ func Location(w http.ResponseWriter, r *http.Request) { contentMode := r.URL.Query().Get("content") if idStr != "" && contentMode == "true" { - _, _ = strconv.Atoi(idStr) + locationID, err := strconv.Atoi(idStr) + if err != nil { + http.Error(w, "Invalid location ID", http.StatusBadRequest) + return + } + query := ` - SELECT s.item_id, i.name, s.quantity - FROM stock s - JOIN items i ON s.item_id = i.id - WHERE s.location_id = ? AND s.quantity > 0 - ` - rows, err := storage.DB.Query(query) + SELECT s.item_id, i.name, s.quantity + FROM stock s + JOIN items i ON s.item_id = i.id + WHERE s.location_id = ? AND s.quantity > 0 + ` + + rows, err := storage.DB.Query(query, locationID) if err != nil { http.Error(w, "Database error", http.StatusInternalServerError) return @@ -38,9 +44,13 @@ func Location(w http.ResponseWriter, r *http.Request) { var contents []models.LocationContent for rows.Next() { var c models.LocationContent - rows.Scan(&c.ItemID, &c.ItemName, &c.Quantity) + if err := rows.Scan(&c.ItemID, &c.ItemName, &c.Quantity); err != nil { + http.Error(w, "Row scan error", http.StatusInternalServerError) + return + } contents = append(contents, c) } + json.NewEncoder(w).Encode(map[string]interface{}{"contents": contents}) return } @@ -348,14 +358,20 @@ func Project(w http.ResponseWriter, r *http.Request) { detailsMode := r.URL.Query().Get("details") if idStr != "" && detailsMode == "true" { - _, _ = strconv.Atoi(idStr) + projectID, err := strconv.Atoi(idStr) + if err != nil { + http.Error(w, "Invalid project ID", http.StatusBadRequest) + return + } + query := ` - SELECT pi.item_id, i.name, pi.quantity - FROM project_items pi - JOIN items i ON pi.item_id = i.id - WHERE pi.project_id = ? - ` - rows, err := storage.DB.Query(query) + SELECT pi.item_id, i.name, pi.quantity + FROM project_items pi + JOIN items i ON pi.item_id = i.id + WHERE pi.project_id = ? + ` + + rows, err := storage.DB.Query(query, projectID) if err != nil { http.Error(w, "Database error", http.StatusInternalServerError) return @@ -365,9 +381,13 @@ func Project(w http.ResponseWriter, r *http.Request) { var details []models.ProjectDetailItem for rows.Next() { var d models.ProjectDetailItem - rows.Scan(&d.ItemID, &d.ItemName, &d.Quantity) + if err := rows.Scan(&d.ItemID, &d.ItemName, &d.Quantity); err != nil { + http.Error(w, "Row scan error", http.StatusInternalServerError) + return + } details = append(details, d) } + json.NewEncoder(w).Encode(map[string]interface{}{"items": details}) return }