Merge branch 'feature/delete-venet' into 'master'

Add ability to delete an event See merge request framasoft/mobilizon!51
2019-01-26 21:39:55 +01:00 · 2019-01-26 21:39:55 +01:00 · 47aa03b1f2
commit 47aa03b1f2
parent b6f905313a dd174f2446
8 changed files with 98 additions and 4 deletions
--- a/lib/mobilizon/actors/member.ex
+++ b/lib/mobilizon/actors/member.ex
@ -36,7 +36,7 @@ defmodule Mobilizon.Actors.Member do
    end
  end

-  def is_administrator(%Member{role: 2} = member) do
+  def is_administrator(%Member{role: 2}) do
    {:is_admin, true}
  end

--- a/lib/mobilizon/actors/user.ex
+++ b/lib/mobilizon/actors/user.ex
@ -145,12 +145,12 @@ defmodule Mobilizon.Actors.User do
    {:ok, user}
  end

-  def owns_actor(%User{default_actor_id: default_actor_id} = user, %Actor{id: actor_id})
+  def owns_actor(%User{default_actor_id: default_actor_id}, %Actor{id: actor_id})
      when default_actor_id == actor_id do
    {:is_owned, true}
  end

-  def owns_actor(%User{actors: actors} = user, actor_id) do
+  def owns_actor(%User{actors: actors}, actor_id) do
    case Enum.any?(actors, fn a -> a.id == actor_id end) do
      true -> {:is_owned, true}
      _ -> {:is_owned, false}
--- a/lib/mobilizon/events/event.ex
+++ b/lib/mobilizon/events/event.ex
@ -82,4 +82,13 @@ defmodule Mobilizon.Events.Event do
      :uuid
    ])
  end
+
+  def can_event_be_managed_by(%Event{organizer_actor_id: organizer_actor_id}, actor_id)
+      when organizer_actor_id == actor_id do
+    {:event_can_be_managed, true}
+  end
+
+  def can_event_be_managed_by(_event, _actor) do
+    {:event_can_be_managed, false}
+  end
 end
--- a/lib/mobilizon/events/events.ex
+++ b/lib/mobilizon/events/events.ex
@ -103,6 +103,16 @@ defmodule Mobilizon.Events do
  """
  def get_event!(id), do: Repo.get!(Event, id)

+  @doc """
+  Gets a single event.
+  """
+  def get_event(id) do
+    case Repo.get(Event, id) do
+      nil -> {:error, :event_not_found}
+      event -> {:ok, event}
+    end
+  end
+
  @doc """
  Gets an event by it's URL
  """
@ -311,6 +321,15 @@ defmodule Mobilizon.Events do
    Repo.delete(event)
  end

+  @doc """
+  Deletes a Event.
+
+  Raises an exception if it fails.
+  """
+  def delete_event!(%Event{} = event) do
+    Repo.delete!(event)
+  end
+
  @doc """
  Returns an `%Ecto.Changeset{}` for tracking event changes.

--- a/lib/mobilizon_web/resolvers/event.ex
+++ b/lib/mobilizon_web/resolvers/event.ex
@ -5,6 +5,7 @@ defmodule MobilizonWeb.Resolvers.Event do
  alias Mobilizon.Service.ActivityPub
  alias Mobilizon.Activity
  alias Mobilizon.Events.Event
+  alias Mobilizon.Actors.User

  # We limit the max number of events that can be retrieved
  @event_max_limit 100
@ -94,4 +95,31 @@ defmodule MobilizonWeb.Resolvers.Event do
  def create_event(_parent, _args, _resolution) do
    {:error, "You need to be logged-in to create events"}
  end
+
+  @doc """
+  Delete an event
+  """
+  def delete_event(_parent, %{event_id: event_id, actor_id: actor_id}, %{
+        context: %{current_user: user}
+      }) do
+    with {:ok, %Event{} = event} <- Mobilizon.Events.get_event(event_id),
+         {:is_owned, true} <- User.owns_actor(user, actor_id),
+         {:event_can_be_managed, true} <- Event.can_event_be_managed_by(event, actor_id),
+         event <- Mobilizon.Events.delete_event!(event) do
+      {:ok, %{id: event.id}}
+    else
+      {:error, :event_not_found} ->
+        {:error, "Event not found"}
+
+      {:is_owned, false} ->
+        {:error, "Actor id is not owned by authenticated user"}
+
+      {:event_can_be_managed, false} ->
+        {:error, "You cannot delete this event"}
+    end
+  end
+
+  def delete_event(_parent, _args, _resolution) do
+    {:error, "You need to be logged-in to delete an event"}
+  end
 end
--- a/lib/mobilizon_web/resolvers/group.ex
+++ b/lib/mobilizon_web/resolvers/group.ex
@ -89,7 +89,7 @@ defmodule MobilizonWeb.Resolvers.Group do
      {:ok, %{id: group.id}}
    else
      {:error, :group_not_found} ->
-        {:error, "Group with preferred username not found"}
+        {:error, "Group not found"}

      {:is_owned, false} ->
        {:error, "Actor id is not owned by authenticated user"}
--- a/lib/mobilizon_web/schema.ex
+++ b/lib/mobilizon_web/schema.ex
@ -217,6 +217,14 @@ defmodule MobilizonWeb.Schema do
      resolve(&Resolvers.Event.create_event/3)
    end

+    @desc "Delete an event"
+    field :delete_event, :deleted_object do
+      arg(:event_id, non_null(:integer))
+      arg(:actor_id, non_null(:integer))
+
+      resolve(&Resolvers.Event.delete_event/3)
+    end
+
    @desc "Create a comment"
    field :create_comment, type: :comment do
      arg(:text, non_null(:string))
--- a/test/mobilizon_web/resolvers/event_resolver_test.exs
+++ b/test/mobilizon_web/resolvers/event_resolver_test.exs
@ -306,5 +306,35 @@ defmodule MobilizonWeb.Resolvers.EventResolverTest do
      assert json_response(res, 200)["errors"] |> hd |> Map.get("message") ==
               "Event with UUID #{event.uuid} not found"
    end
+
+    test "delete_event/3 deletes an event", %{conn: conn, user: user, actor: actor} do
+      event = insert(:event, organizer_actor: actor)
+
+      mutation = """
+          mutation {
+            deleteEvent(
+              actor_id: #{actor.id},
+              event_id: #{event.id}
+            ) {
+                id
+              }
+            }
+      """
+
+      res =
+        conn
+        |> auth_conn(user)
+        |> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
+
+      assert json_response(res, 200)["errors"] == nil
+      assert json_response(res, 200)["data"]["deleteEvent"]["id"] == event.id
+
+      res =
+        conn
+        |> auth_conn(user)
+        |> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
+
+      assert hd(json_response(res, 200)["errors"])["message"] =~ "not found"
+    end
  end
 end