From 224b7e52c7a7a02d36a82c070925a2e506b7b2f4 Mon Sep 17 00:00:00 2001 From: Santo Cariotti Date: Tue, 20 Sep 2022 15:44:46 +0200 Subject: Delete model --- src/routes/model.rs | 35 +++++++++++++++++++++++++++++++++-- 1 file changed, 33 insertions(+), 2 deletions(-) (limited to 'src/routes/model.rs') diff --git a/src/routes/model.rs b/src/routes/model.rs index 3666504..4f935a9 100644 --- a/src/routes/model.rs +++ b/src/routes/model.rs @@ -1,15 +1,17 @@ use crate::{ errors::AppError, - files::upload, + files::{delete_upload, upload}, models::{ auth::Claims, model::{Model, ModelCreate, ModelUpload, ModelUser}, + user::User, }, pagination::Pagination, routes::JsonCreate, }; use axum::{ extract::{ContentLengthLimit, Multipart, Path, Query}, + http::StatusCode, routing::{get, post}, Json, Router, }; @@ -19,7 +21,7 @@ use serde::Serialize; pub fn create_route() -> Router { Router::new() .route("/", get(list_models).post(create_model)) - .route("/:id", get(get_model)) + .route("/:id", get(get_model).delete(delete_model)) .route("/:id/upload", post(upload_model_file)) } @@ -95,3 +97,32 @@ async fn upload_model_file( Err(e) => Err(e), } } + +/// The owner or a staffer can delete a model +async fn delete_model(claims: Claims, Path(model_id): Path) -> Result { + let model = match Model::find_by_id(model_id).await { + Ok(model) => model, + Err(_) => { + return Err(AppError::NotFound("Model not found".to_string())); + } + }; + + let user = User::find_by_id(claims.user_id).await?; + + let uploads: Vec = model.upload_paths().await.unwrap(); + + if model.author_id() != user.id { + if !user.is_staff.unwrap() { + return Err(AppError::Unauthorized); + } + } + + // If the model has been deleted, remove all old uploads from the file system + if Model::delete(model_id).await.is_ok() { + uploads + .iter() + .for_each(|path: &String| delete_upload(path).unwrap_or_default()); + } + + Ok(StatusCode::NO_CONTENT) +} -- cgit v1.2.3-71-g8e6c