Display human-readable report reason in modpanel

Also fixes the "list all torrent reports" subpage

model/report.go

@@ -29,8 +29,30 @@ type TorrentReportJson struct {
 
 /* Model Conversion to Json */
 
+func getReportDescription(d string) string {
+	if d == "illegal" {
+		return "Illegal content"
+	} else if d == "spam" {
+		return "Spam / Garbage"
+	} else if d == "wrongcat" {
+		return "Wrong category"
+	} else if d == "dup" {
+		return "Duplicate / Deprecated"
+	}
+	return "???"
+}
+
 func (report *TorrentReport) ToJson() TorrentReportJson {
-	json := TorrentReportJson{report.ID, report.Description, report.Torrent.ToJSON(), report.User.ToJSON()}
+	// FIXME: report.Torrent and report.User should never be nil
+	var t TorrentJSON = TorrentJSON{}
+	if report.Torrent != nil {
+		t = report.Torrent.ToJSON()
+	}
+	var u UserJSON = UserJSON{}
+	if report.User != nil {
+		u = report.User.ToJSON()
+	}
+	json := TorrentReportJson{report.ID, getReportDescription(report.Description), t, u}
 	return json
 }
 

router/modpanel.go

@@ -32,7 +32,7 @@ func IndexModPanel(w http.ResponseWriter, r *http.Request) {
 		torrentReports, _, _ := reportService.GetAllTorrentReports(offset, 0)
 
 		languages.SetTranslationFromRequest(panelIndex, r, "en-us")
-		htv := PanelIndexVbs{torrents, torrentReports, users, comments, NewSearchForm(), currentUser, r.URL}
+		htv := PanelIndexVbs{torrents, model.TorrentReportsToJSON(torrentReports), users, comments, NewSearchForm(), currentUser, r.URL}
 		_ = panelIndex.ExecuteTemplate(w, "admin_index.html", htv)
 	} else {
 		http.Error(w, "admins only", http.StatusForbidden)

router/templateVariables.go

@@ -117,7 +117,7 @@ type UploadTemplateVariables struct {
 
 type PanelIndexVbs struct {
 	Torrents       []model.Torrent
-	TorrentReports []model.TorrentReport
+	TorrentReports []model.TorrentReportJson
 	Users          []model.User
 	Comments       []model.Comment
 	Search         SearchForm

service/report/report.go

@@ -48,7 +48,6 @@ func getTorrentReportsOrderBy(parameters *serviceBase.WhereParams, orderBy strin
 			return
 		}
 	}
-	// TODO: Vulnerable to injections. Use query builder. (is it?)
 
 	// build custom db query for performance reasons
 	dbQuery := "SELECT * FROM torrent_reports"
@@ -63,7 +62,7 @@ func getTorrentReportsOrderBy(parameters *serviceBase.WhereParams, orderBy strin
 	if limit != 0 || offset != 0 { // if limits provided
 		dbQuery = dbQuery + " LIMIT " + strconv.Itoa(limit) + " OFFSET " + strconv.Itoa(offset)
 	}
-	err = db.ORM.Preload("Torrent").Preload("User").Raw(dbQuery, params...).Find(&torrentReports).Error //fixed !!!!
+	err = db.ORM.Preload("Torrent").Preload("User").Raw(dbQuery, params...).Find(&torrentReports).Error
 	return
 }
 

templates/admin/panelindex.html

@@ -29,7 +29,7 @@
     <th class="col-xs-1">Action</th>
 </tr>
 
-<tr><td><a href="{{ genRoute "mod_tedit" }}?id={{.Torrent.ID}}">{{ .Torrent.Name }}</a></td><td>{{.UserID}}</td><td>{{.Description}}</td>
+<tr><td><a href="{{ genRoute "mod_tedit" }}?id={{.Torrent.ID}}">{{ .Torrent.Name }}</a></td><td>{{.User.Username}}</td><td>{{.Description}}</td>
 <td><a href="{{ genRoute "mod_trdelete" }}?id={{ .ID }}" class="btn btn-danger btn-lg" onclick="if (!confirm('Are you sure?')) return false;"><i class="glyphicon glyphicon-trash"></i>{{ T "delete" }}</a></td></tr>
 {{end}}
 </table>

templates/admin/torrent_report.html

@@ -6,7 +6,6 @@
     <th class="col-xs-1">User</th>
     <th class="col-xs-1">Reason</th>
     <th class="col-xs-1">Action</th>
-    <th class="col-xs-1">Action</th>
 </tr>
 
   {{ range .TorrentReports}}
@@ -14,8 +13,8 @@
       <td><a href="{{ genRoute "mod_tedit"}}?id={{.Torrent.ID}}">{{.Torrent.Name}}</a></td>
       <td>{{.User.Username}}</td>
       <td>{{.Description}}</td>
-      <td><a href="{{ genRoute "mod_tdelete" }}?id={{ .Torrent.ID }}">Delete</a></td>
-      <td><a href="{{ genRoute "mod_trdelete" }}?id={{ .ID }}">Delete Report</a></td>
+      <td><a href="{{ genRoute "mod_tdelete" }}?id={{ .Torrent.ID }}">Delete</a>
+      <a href="{{ genRoute "mod_trdelete" }}?id={{ .ID }}">Delete Report</a></td>
     </tr>
   {{end}}
 </table>