Mikescher/SimpleCloudNotifier
1
0
Fork 0
Code Pull Requests Actions Releases Activity

Add various deleted flags to entities | Add active to subscriptions | Add DeleteUser && DeleteChannel endpoints [skip-tests]
All checks were successful
Build Docker and Deploy / Run Unit-Tests (push) Has been skipped
Details
Build Docker and Deploy / Build Docker Container (push) Successful in 43s
Details
Build Docker and Deploy / Deploy to Server (push) Successful in 16s
Details

Browse Source
This commit is contained in:
Mike Schwörer
2025-04-13 16:12:15 +02:00
parent aac34ef738
commit 8c0f0e3e8f
47 changed files with 2453 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
scnserver/api/handler/apiChannel.go
View File

@@ -471,3 +471,76 @@ func (h APIHandler) ListChannelMessages(pctx ginext.PreContext) ginext.HTTPRespo
})
}
// DeleteChannel swaggerdoc
//
// @Summary delete a channel (including all messages, subscriptions, etc)
// @ID api-channels-delete
// @Tags API-v2
//
// @Param uid path string true "UserID"
// @Param cid path string true "ChannelID"
//
// @Success 200 {object} models.Channel
// @Failure 400 {object} ginresp.apiError "supplied values/parameters cannot be parsed / are invalid"
// @Failure 401 {object} ginresp.apiError "user is not authorized / has missing permissions"
// @Failure 404 {object} ginresp.apiError "channel not found"
// @Failure 500 {object} ginresp.apiError "internal server error"
//
// @Router /api/v2/users/{uid}/channels/{cid} [PATCH]
func (h APIHandler) DeleteChannel(pctx ginext.PreContext) ginext.HTTPResponse {
type uri struct {
UserID models.UserID `uri:"uid" binding:"entityid"`
ChannelID models.ChannelID `uri:"cid" binding:"entityid"`
}
var u uri
ctx, g, errResp := pctx.URI(&u).Start()
if errResp != nil {
return *errResp
}
defer ctx.Cancel()
return h.app.DoRequest(ctx, g, models.TLockReadWrite, func(ctx *logic.AppContext, finishSuccess func(r ginext.HTTPResponse) ginext.HTTPResponse) ginext.HTTPResponse {
if permResp := ctx.CheckPermissionUserAdmin(u.UserID); permResp != nil {
return *permResp
}
channel, err := h.database.GetChannel(ctx, u.UserID, u.ChannelID, true)
if errors.Is(err, sql.ErrNoRows) {
return ginresp.APIError(g, 404, apierr.CHANNEL_NOT_FOUND, "Channel not found", err)
}
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query channel", err)
}
err = h.app.Database.Primary.DeleteChannel(ctx, u.ChannelID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete channel", err)
}
err = h.app.Database.Primary.DeleteDeliveriesOfChannel(ctx, u.ChannelID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete deliveries", err)
}
err = h.app.Database.Primary.DeleteMessagesOfChannel(ctx, u.ChannelID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete messages", err)
}
err = h.app.Database.Primary.DeleteSubscriptionsByChannel(ctx, u.ChannelID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete subscriptions", err)
}
err = h.app.Database.Primary.DeleteChannelFromKeyTokens(ctx, u.ChannelID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to update keytokens", err)
}
return finishSuccess(ginext.JSON(http.StatusOK, channel))
})
}

2
scnserver/api/handler/apiMessage.go
View File

@@ -90,7 +90,7 @@ func (h APIHandler) ListMessages(pctx ginext.PreContext) ginext.HTTPResponse {
}
filter := models.MessageFilter{
ConfirmedSubscriptionBy: langext.Ptr(userid),
ConfirmedAndActiveSubscriptionBy: langext.Ptr(userid),
}
if len(q.Search) != 0 {

17
scnserver/api/handler/apiSubscription.go
View File

@@ -430,6 +430,7 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
}
type body struct {
Confirmed *bool `form:"confirmed"`
Active *bool `form:"active"`
}
var u uri
@@ -460,6 +461,9 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
}
if b.Confirmed != nil {
// only channel-owner can confirm|unconfirm
if subscription.ChannelOwnerUserID != userid {
return ginresp.APIError(g, 401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil)
}
@@ -469,6 +473,19 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
}
}
if b.Active != nil {
// channel-owner AND subscriber can change active
if subscription.SubscriberUserID != u.UserID && subscription.ChannelOwnerUserID != userid {
return ginresp.APIError(g, 401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil)
}
err = h.database.UpdateSubscriptionActive(ctx, u.SubscriptionID, *b.Active)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to update subscription", err)
}
}
subscription, err = h.database.GetSubscription(ctx, u.SubscriptionID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query subscription", err)

91
scnserver/api/handler/apiUser.go
View File

@@ -274,3 +274,94 @@ func (h APIHandler) UpdateUser(pctx ginext.PreContext) ginext.HTTPResponse {
return finishSuccess(ginext.JSON(http.StatusOK, user.PreMarshal()))
})
}
// DeleteUser swaggerdoc
//
// @Summary (Self-)Deletes a user (including all entities - all messages, channels, clients, .....)
//
// @ID api-user-delete
// @Tags API-v2
//
// @Param uid path string true "UserID"
//
// @Success 200 {object} models.User
// @Failure 400 {object} ginresp.apiError "supplied values/parameters cannot be parsed / are invalid"
// @Failure 401 {object} ginresp.apiError "user is not authorized / has missing permissions"
// @Failure 404 {object} ginresp.apiError "user not found"
// @Failure 500 {object} ginresp.apiError "internal server error"
//
// @Router /api/v2/users/{uid} [PATCH]
func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse {
type uri struct {
UserID models.UserID `uri:"uid" binding:"entityid"`
}
var u uri
ctx, g, errResp := pctx.URI(&u).Start()
if errResp != nil {
return *errResp
}
defer ctx.Cancel()
return h.app.DoRequest(ctx, g, models.TLockReadWrite, func(ctx *logic.AppContext, finishSuccess func(r ginext.HTTPResponse) ginext.HTTPResponse) ginext.HTTPResponse {
if permResp := ctx.CheckPermissionUserAdmin(u.UserID); permResp != nil {
return *permResp
}
user, err := h.database.GetUser(ctx, u.UserID)
if errors.Is(err, sql.ErrNoRows) {
return ginresp.APIError(g, 404, apierr.USER_NOT_FOUND, "User not found", err)
}
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query user", err)
}
err = h.app.Database.Primary.DeleteUser(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete user", err)
}
err = h.app.Database.Primary.DeleteChannelsOfUser(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete channels", err)
}
err = h.app.Database.Primary.DeleteClientsOfUser(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete clients", err)
}
err = h.app.Database.Primary.DeleteDeliveriesOfUser(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete deliveries", err)
}
err = h.app.Database.Primary.DeleteKeyTokensOfUser(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete tokens", err)
}
err = h.app.Database.Primary.DeleteMessagesOfUserBySenderUserID(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete messages", err)
}
err = h.app.Database.Primary.DeleteMessagesOfUserByChannelOwnerUserID(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete messages", err)
}
err = h.app.Database.Primary.DeleteSubscriptionsOfUserBySubscriber(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete subscriptions", err)
}
err = h.app.Database.Primary.DeleteSubscriptionsOfUserByChannelOwner(ctx, u.UserID)
if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to delete subscriptions", err)
}
return finishSuccess(ginext.JSON(http.StatusOK, user.PreMarshal()))
})
}

2
scnserver/api/router.go
View File

@@ -125,6 +125,7 @@ func (r *Router) Init(e *ginext.GinWrapper) error {
apiv2.POST("/users").Handle(r.apiHandler.CreateUser)
apiv2.GET("/users/:uid").Handle(r.apiHandler.GetUser)
apiv2.PATCH("/users/:uid").Handle(r.apiHandler.UpdateUser)
apiv2.DELETE("/users/:uid").Handle(r.apiHandler.DeleteUser)
apiv2.GET("/users/:uid/keys").Handle(r.apiHandler.ListUserKeys)
apiv2.POST("/users/:uid/keys").Handle(r.apiHandler.CreateUserKey)
@@ -143,6 +144,7 @@ func (r *Router) Init(e *ginext.GinWrapper) error {
apiv2.POST("/users/:uid/channels").Handle(r.apiHandler.CreateChannel)
apiv2.GET("/users/:uid/channels/:cid").Handle(r.apiHandler.GetChannel)
apiv2.PATCH("/users/:uid/channels/:cid").Handle(r.apiHandler.UpdateChannel)
apiv2.DELETE("/users/:uid/channels/:cid").Handle(r.apiHandler.DeleteChannel)
apiv2.GET("/users/:uid/channels/:cid/messages").Handle(r.apiHandler.ListChannelMessages)
apiv2.GET("/users/:uid/channels/:cid/subscriptions").Handle(r.apiHandler.ListChannelSubscriptions)