From ee436efba306edb7f0f8c4e5f5e1c9dfff0746d2 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sun, 21 Mar 2021 17:49:14 +0100 Subject: [PATCH] Add endpoint to remove a list background --- pkg/models/list.go | 1 + pkg/modules/background/handler/background.go | 81 +++++++++++++++----- pkg/routes/routes.go | 1 + pkg/swagger/docs.go | 50 ++++++++++++ pkg/swagger/swagger.json | 50 ++++++++++++ pkg/swagger/swagger.yaml | 32 ++++++++ 6 files changed, 195 insertions(+), 20 deletions(-) diff --git a/pkg/models/list.go b/pkg/models/list.go index 3db5bcae11..a742402fe4 100644 --- a/pkg/models/list.go +++ b/pkg/models/list.go @@ -543,6 +543,7 @@ func CreateOrUpdateList(s *xorm.Session, list *List, auth web.Auth) (err error) "identifier", "hex_color", "is_favorite", + "background_file_id", } if list.Description != "" { colsToUpdate = append(colsToUpdate, "description") diff --git a/pkg/modules/background/handler/background.go b/pkg/modules/background/handler/background.go index 4548c07397..7e5f85a0c3 100644 --- a/pkg/modules/background/handler/background.go +++ b/pkg/modules/background/handler/background.go @@ -199,6 +199,33 @@ func (bp *BackgroundProvider) UploadBackground(c echo.Context) error { return c.JSON(http.StatusOK, list) } +func checkListBackgroundRights(s *xorm.Session, c echo.Context) (list *models.List, auth web.Auth, err error) { + auth, err = auth2.GetAuthFromClaims(c) + if err != nil { + return nil, auth, echo.NewHTTPError(http.StatusBadRequest, "Invalid auth token: "+err.Error()) + } + + listID, err := strconv.ParseInt(c.Param("list"), 10, 64) + if err != nil { + return nil, auth, echo.NewHTTPError(http.StatusBadRequest, "Invalid list ID: "+err.Error()) + } + + // Check if a background for this list exists + Rights + list = &models.List{ID: listID} + can, _, err := list.CanRead(s, auth) + if err != nil { + _ = s.Rollback() + return nil, auth, handler.HandleHTTPError(err, c) + } + if !can { + _ = s.Rollback() + log.Infof("Tried to get list background of list %d while not having the rights for it (User: %v)", listID, auth) + return nil, auth, echo.NewHTTPError(http.StatusForbidden) + } + + return +} + // GetListBackground serves a previously set background from a list // It has no knowledge of the provider that was responsible for setting the background. // @Summary Get the list background @@ -214,31 +241,14 @@ func (bp *BackgroundProvider) UploadBackground(c echo.Context) error { // @Router /lists/{id}/background [get] func GetListBackground(c echo.Context) error { - auth, err := auth2.GetAuthFromClaims(c) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "Invalid auth token: "+err.Error()) - } - - listID, err := strconv.ParseInt(c.Param("list"), 10, 64) - if err != nil { - return echo.NewHTTPError(http.StatusBadRequest, "Invalid list ID: "+err.Error()) - } - s := db.NewSession() defer s.Close() - // Check if a background for this list exists + Rights - list := &models.List{ID: listID} - can, _, err := list.CanRead(s, auth) + list, _, err := checkListBackgroundRights(s, c) if err != nil { - _ = s.Rollback() - return handler.HandleHTTPError(err, c) - } - if !can { - _ = s.Rollback() - log.Infof("Tried to get list background of list %d while not having the rights for it (User: %v)", listID, auth) - return echo.NewHTTPError(http.StatusForbidden) + return err } + if list.BackgroundFileID == 0 { _ = s.Rollback() return echo.NotFoundHandler(c) @@ -266,3 +276,34 @@ func GetListBackground(c echo.Context) error { // Serve the file return c.Stream(http.StatusOK, "image/jpg", bgFile.File) } + +// RemoveListBackground removes a list background, no matter the background provider +// @Summary Remove a list background +// @Description Removes a previously set list background, regardless of the list provider used to set the background. It does not throw an error if the list does not have a background. +// @tags list +// @Produce json +// @Param id path int true "List ID" +// @Security JWTKeyAuth +// @Success 200 {object} models.List "The list" +// @Failure 403 {object} models.Message "No access to this list." +// @Failure 404 {object} models.Message "The list does not exist." +// @Failure 500 {object} models.Message "Internal error" +// @Router /lists/{id}/background [delete] +func RemoveListBackground(c echo.Context) error { + s := db.NewSession() + defer s.Close() + + list, auth, err := checkListBackgroundRights(s, c) + if err != nil { + return err + } + + list.BackgroundFileID = 0 + list.BackgroundInformation = nil + err = list.Update(s, auth) + if err != nil { + return err + } + + return c.JSON(http.StatusOK, list) +} diff --git a/pkg/routes/routes.go b/pkg/routes/routes.go index 2a3a4c4590..7232fe6222 100644 --- a/pkg/routes/routes.go +++ b/pkg/routes/routes.go @@ -576,6 +576,7 @@ func registerAPIRoutes(a *echo.Group) { // List Backgrounds if config.BackgroundsEnabled.GetBool() { a.GET("/lists/:list/background", backgroundHandler.GetListBackground) + a.DELETE("/lists/:list/background", backgroundHandler.RemoveListBackground) if config.BackgroundsUploadEnabled.GetBool() { uploadBackgroundProvider := &backgroundHandler.BackgroundProvider{ Provider: func() background.Provider { diff --git a/pkg/swagger/docs.go b/pkg/swagger/docs.go index d2900bbb9e..616c9de9e5 100644 --- a/pkg/swagger/docs.go +++ b/pkg/swagger/docs.go @@ -1063,6 +1063,56 @@ var doc = `{ } } } + }, + "delete": { + "security": [ + { + "JWTKeyAuth": [] + } + ], + "description": "Removes a previously set list background, regardless of the list provider used to set the background. It does not throw an error if the list does not have a background.", + "produces": [ + "application/json" + ], + "tags": [ + "list" + ], + "summary": "Remove a list background", + "parameters": [ + { + "type": "integer", + "description": "List ID", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "The list", + "schema": { + "$ref": "#/definitions/models.List" + } + }, + "403": { + "description": "No access to this list.", + "schema": { + "$ref": "#/definitions/models.Message" + } + }, + "404": { + "description": "The list does not exist.", + "schema": { + "$ref": "#/definitions/models.Message" + } + }, + "500": { + "description": "Internal error", + "schema": { + "$ref": "#/definitions/models.Message" + } + } + } } }, "/lists/{id}/backgrounds/unsplash": { diff --git a/pkg/swagger/swagger.json b/pkg/swagger/swagger.json index 79e53cb4d9..de2b6b423e 100644 --- a/pkg/swagger/swagger.json +++ b/pkg/swagger/swagger.json @@ -1046,6 +1046,56 @@ } } } + }, + "delete": { + "security": [ + { + "JWTKeyAuth": [] + } + ], + "description": "Removes a previously set list background, regardless of the list provider used to set the background. It does not throw an error if the list does not have a background.", + "produces": [ + "application/json" + ], + "tags": [ + "list" + ], + "summary": "Remove a list background", + "parameters": [ + { + "type": "integer", + "description": "List ID", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "The list", + "schema": { + "$ref": "#/definitions/models.List" + } + }, + "403": { + "description": "No access to this list.", + "schema": { + "$ref": "#/definitions/models.Message" + } + }, + "404": { + "description": "The list does not exist.", + "schema": { + "$ref": "#/definitions/models.Message" + } + }, + "500": { + "description": "Internal error", + "schema": { + "$ref": "#/definitions/models.Message" + } + } + } } }, "/lists/{id}/backgrounds/unsplash": { diff --git a/pkg/swagger/swagger.yaml b/pkg/swagger/swagger.yaml index c638800941..71b7d6667e 100644 --- a/pkg/swagger/swagger.yaml +++ b/pkg/swagger/swagger.yaml @@ -1835,6 +1835,38 @@ paths: tags: - task /lists/{id}/background: + delete: + description: Removes a previously set list background, regardless of the list provider used to set the background. It does not throw an error if the list does not have a background. + parameters: + - description: List ID + in: path + name: id + required: true + type: integer + produces: + - application/json + responses: + "200": + description: The list + schema: + $ref: '#/definitions/models.List' + "403": + description: No access to this list. + schema: + $ref: '#/definitions/models.Message' + "404": + description: The list does not exist. + schema: + $ref: '#/definitions/models.Message' + "500": + description: Internal error + schema: + $ref: '#/definitions/models.Message' + security: + - JWTKeyAuth: [] + summary: Remove a list background + tags: + - list get: description: Get the list background of a specific list. **Returns json on error.** parameters: