Delete post route

2024-03-22 22:44:57 +01:00 · 2024-03-22 22:44:57 +01:00 · 70ba521aa5
commit 70ba521aa5
parent ea25fa9489
3 changed files with 67 additions and 5 deletions
--- a/server/.sqlx/query-149c876947c5df3c5397a9aab0534c55acfc9521301399c47fcf5466bc2d58bc.json
+++ b/server/.sqlx/query-149c876947c5df3c5397a9aab0534c55acfc9521301399c47fcf5466bc2d58bc.json
@ -0,0 +1,15 @@
+{
+  "db_name": "PostgreSQL",
+  "query": "DELETE FROM posts WHERE id = $1 AND user_id = (SELECT id FROM users WHERE username = $2)",
+  "describe": {
+    "columns": [],
+    "parameters": {
+      "Left": [
+        "Int8",
+        "Text"
+      ]
+    },
+    "nullable": []
+  },
+  "hash": "149c876947c5df3c5397a9aab0534c55acfc9521301399c47fcf5466bc2d58bc"
+}
--- a/server/src/main.rs
+++ b/server/src/main.rs
@ -19,7 +19,7 @@ use state::CaptchaState;
 use state::ServerState;
 use util::hex_string;

-use crate::routes::{engage_post, get_engagements};
+use crate::routes::{delete_post, engage_post, get_engagements};

 #[actix_web::main]
 async fn main() -> std::io::Result<()> {
@ -66,6 +66,7 @@ async fn main() -> std::io::Result<()> {
                scope("/api")
                    .service(get_posts)
                    .service(new_post)
+                    .service(delete_post)
                    .service(new_comment)
                    .service(get_comments)
                    .service(engage_post)
--- a/server/src/routes/post.rs
+++ b/server/src/routes/post.rs
@ -4,7 +4,7 @@ use crate::types::{NewPost, PostQueryParams};
 use crate::ServerState;

 use actix_web::web::{Data, Path, Query};
-use actix_web::HttpRequest;
+use actix_web::{delete, HttpRequest};
 use actix_web::{get, post, web::Json, HttpResponse, Responder, Result};
 use log::info;

@ -102,7 +102,10 @@ pub async fn engage_post(
    }

    // Get engagement count
-    let q = sqlx::query!("SELECT COUNT(*) FROM engagements WHERE post_id = $1", post_id)
+    let q = sqlx::query!(
+        "SELECT COUNT(*) FROM engagements WHERE post_id = $1",
+        post_id
+    )
    .fetch_one(&state.pool)
    .await;

@ -115,6 +118,49 @@ pub async fn engage_post(
    }
 }

+#[delete("/posts/{id}")]
+pub async fn delete_post(
+    path: Path<i64>,
+    state: Data<ServerState>,
+    auth: Data<Authentication>,
+    req: HttpRequest,
+) -> Result<impl Responder> {
+    let post_id = path.into_inner();
+    let token = req
+        .headers()
+        .get("Authorization")
+        .unwrap()
+        .to_str()
+        .unwrap();
+
+    // Remove the Bearer prefix
+    let token = token.replace("Bearer ", "");
+    let claims = auth.decode(&token);
+
+    if let Err(e) = claims {
+        info!("Error validating token: {}", e);
+        return Ok(HttpResponse::BadRequest().json("Error"));
+    }
+
+    let username = claims.unwrap().sub;
+
+    let q = sqlx::query!(
+        "DELETE FROM posts WHERE id = $1 AND user_id = (SELECT id FROM users WHERE username = $2)",
+        post_id,
+        username
+    )
+    .execute(&state.pool)
+    .await;
+
+    match q {
+        Ok(_) => Ok(HttpResponse::Ok().json("Deleted")),
+        Err(e) => {
+            info!("Error deleting post: {}", e);
+            Ok(HttpResponse::InternalServerError().json("Error"))
+        }
+    }
+}
+
 #[get("/posts/{id}/engage")]
 pub async fn get_engagements(path: Path<i64>, state: Data<ServerState>) -> Result<impl Responder> {
    let id = path.into_inner();