2 files changed, 43 insertions, 4 deletions

diff --git a/src/routes/admin.rs b/src/routes/admin.rs
index ccca2de..7ba63ac 100644
--- a/src/routes/admin.rs
+++ b/src/routes/admin.rs
@@ -19,7 +19,7 @@ pub async fn get_dashboard(session: &Session, critch: Data<&Critch>) -> Result<R
     if let Some(true) = session.get("is_admin") {
         let comments = critch.db.comments().read_all().await?;
         let artworks = critch.db.artworks().read_all().await?;
-        return Ok(render!(templates::admin_dashboard_html).into_response());
+        return Ok(render!(templates::admin_dashboard_html, artworks).into_response());
     } else {
         return Ok(Redirect::see_other("/admin/login").into_response());
     }
diff --git a/src/routes/artworks.rs b/src/routes/artworks.rs
index 556265f..fae7a10 100644
--- a/src/routes/artworks.rs
+++ b/src/routes/artworks.rs
@@ -1,10 +1,49 @@
-use poem::{handler, web::Path};
+use poem::web::{Data, Multipart, Redirect};
+use poem::IntoResponse;
+use poem::{handler, session::Session, web::Path, Response};
+
+use crate::artist::Artist;
+use crate::db::artworks::Artwork;
+use crate::error::Error;
+use crate::file::File;
+use crate::{Critch, Result};
 
 pub mod comments;
 
 #[handler]
-pub async fn post() {
-    todo!()
+pub async fn post(
+    session: &Session,
+    mut multipart: Multipart,
+    critch: Data<&Critch>,
+) -> Result<Response> {
+    if let Some(true) = session.get("is_admin") {
+        let (mut title, mut handle, mut url_source, mut description, mut files) =
+            (None, None, None, None, Vec::new());
+        while let Some(field) = multipart.next_field().await? {
+            match field.name() {
+                Some("title") => title = Some(field.text().await?),
+                Some("artist") => handle = Some(field.text().await?),
+                Some("url") => url_source = Some(field.text().await?),
+                Some("description") => description = Some(field.text().await?),
+                Some("file") => {
+                    let content_type = field.content_type().ok_or(Error::BadRequest)?.to_owned();
+                    let file_data = field.bytes().await?;
+                    let file = File::new(&content_type)?;
+                    let file_name = format!("{}.{}", file.file_id(), file.extension());
+                    critch.save_file(&file_name, file_data).await?;
+                    files.push(file);
+                }
+                _ => return Err(Error::BadRequest),
+            }
+        }
+        let artist = Artist::new(handle.ok_or(Error::BadRequest)?);
+        let artwork = Artwork::new(title, description, url_source, artist, files);
+        critch.db.artworks().create(artwork).await?;
+        println!("saved file");
+        return Ok(Redirect::see_other("/admin").into_response());
+    } else {
+        return Err(Error::Unauthorized);
+    }
 }
 
 #[handler]