安全性を向上

2026-01-13 16:23:55 +09:00
parent 5b10b90bf5
commit fee5d7c846
4 changed files with 244 additions and 10 deletions


@@ -7,6 +7,7 @@ import (
"homework-manager/internal/middleware"
"homework-manager/internal/service"
"homework-manager/internal/validation"
"github.com/gin-gonic/gin"
)
@@ -264,6 +265,11 @@ func (h *APIHandler) CreateAssignment(c *gin.Context) {
return
}
if err := validation.ValidateAssignmentInput(input.Title, input.Description, input.Subject, input.Priority); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
dueDate, err := parseDateString(input.DueDate)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid due_date format. Use RFC3339 or 2006-01-02T15:04"})
@@ -386,6 +392,11 @@ func (h *APIHandler) UpdateAssignment(c *gin.Context) {
return
}
if err := validation.ValidateAssignmentInput(input.Title, input.Description, input.Subject, input.Priority); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
title := input.Title
if title == "" {
title = existing.Title
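Review bot: In UpdateAssignment the new call `validation.ValidateAssignmentInput(input.Title, input.Description, input.Subject, input.Priority)` runs before the fallback `if title == "" { title = existing.Title }`, so the same validator is asked for two contradictory things: if it rejects an empty title (what CreateAssignment needs), a partial update that omits the title now gets a 400; if it accepts one, CreateAssignment silently depends on some other required-field check. ValidateAssignmentInput is not visible here, so this is inferred from the visible lines only. The safer ordering is to resolve the effective values first and validate those, e.g. `if err := validation.ValidateAssignmentInput(title, description, subject, priority); err != nil {` placed after the fallbacks, with a comment `// validate the merged values, not the raw partial input`. Both handlers' bodies continue outside the hunks.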


@@ -9,6 +9,7 @@ import (
"homework-manager/internal/middleware"
"homework-manager/internal/models"
"homework-manager/internal/service"
"homework-manager/internal/validation"
"github.com/gin-gonic/gin"
)
@@ -126,6 +127,22 @@ func (h *AssignmentHandler) Create(c *gin.Context) {
priority := c.PostForm("priority")
dueDateStr := c.PostForm("due_date")
if err := validation.ValidateAssignmentInput(title, description, subject, priority); err != nil {
role, _ := c.Get(middleware.UserRoleKey)
name, _ := c.Get(middleware.UserNameKey)
RenderHTML(c, http.StatusOK, "assignments/new.html", gin.H{
"title": "課題登録",
"error": err.Error(),
"formTitle": title,
"description": description,
"subject": subject,
"priority": priority,
"isAdmin": role == "admin",
"userName": name,
})
return
}
reminderEnabled := c.PostForm("reminder_enabled") == "on"
reminderAtStr := c.PostForm("reminder_at")
var reminderAt *time.Time
@@ -298,6 +315,11 @@ func (h *AssignmentHandler) Update(c *gin.Context) {
priority := c.PostForm("priority")
dueDateStr := c.PostForm("due_date")
if err := validation.ValidateAssignmentInput(title, description, subject, priority); err != nil {
c.Redirect(http.StatusFound, "/assignments")
return
}
reminderEnabled := c.PostForm("reminder_enabled") == "on"
reminderAtStr := c.PostForm("reminder_at")
var reminderAt *time.Time
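Review bot: In AssignmentHandler.Update the new failure branch `c.Redirect(http.StatusFound, "/assignments")` discards the rejected submission without telling the user why, whereas Create re-renders the form with `"error": err.Error()`; a user landing on the list page may assume the edit was saved. Unless something outside the hunk records it, the rejection also leaves no trace, so repeated invalid submissions are hard to notice. Mirror Create by re-rendering the edit form with the validation error, or at minimum log the rejection with whatever logger the handler already uses and mark the gap with `// validation failed: redirect gives the user no feedback, see Create for the form re-render`. Update's body continues outside the hunk.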