Add various deleted flags to entities | Add active to subscriptions | Add DeleteUser && DeleteChannel endpoints [skip-tests]

scnserver/api/handler/apiSubscription.go

@@ -430,6 +430,7 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
 	}
 	type body struct {
 		Confirmed *bool `form:"confirmed"`
+		Active    *bool `form:"active"`
 	}
 
 	var u uri
@@ -460,6 +461,9 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
 		}
 
 		if b.Confirmed != nil {
+
+			// only channel-owner can confirm|unconfirm
+
 			if subscription.ChannelOwnerUserID != userid {
 				return ginresp.APIError(g, 401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil)
 			}
@@ -469,6 +473,19 @@ func (h APIHandler) UpdateSubscription(pctx ginext.PreContext) ginext.HTTPRespon
 			}
 		}
 
+		if b.Active != nil {
+
+			// channel-owner AND subscriber can change active
+
+			if subscription.SubscriberUserID != u.UserID && subscription.ChannelOwnerUserID != userid {
+				return ginresp.APIError(g, 401, apierr.USER_AUTH_FAILED, "You are not authorized for this action", nil)
+			}
+			err = h.database.UpdateSubscriptionActive(ctx, u.SubscriptionID, *b.Active)
+			if err != nil {
+				return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to update subscription", err)
+			}
+		}
+
 		subscription, err = h.database.GetSubscription(ctx, u.SubscriptionID)
 		if err != nil {
 			return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to query subscription", err)