feat: allow mods to actually delete albums

2025-01-18 17:21:33 +00:00 · 2022-05-05 13:58:54 +07:00 · 2022-05-05 13:58:54 +07:00 · 450bf72e7a
commit 450bf72e7a
parent a0adefc740
3 changed files with 91 additions and 18 deletions
--- a/controllers/albumsController.js
+++ b/controllers/albumsController.js
@ -236,6 +236,7 @@ self.create = async (req, res, next) => {

 self.delete = async (req, res, next) => {
  // Map /delete requests to /disable route
+  req.body.del = true
  return self.disable(req, res, next)
 }

@ -243,8 +244,11 @@ self.disable = async (req, res, next) => {
  try {
    const user = await utils.authorize(req)

+    const ismoderator = perms.is(user, 'moderator')
+
    const id = req.body.id
    const purge = req.body.purge
+    const del = ismoderator ? req.body.del : false
    if (!Number.isFinite(id)) throw new ClientError('No album specified.')

    if (purge) {
@ -262,24 +266,30 @@ self.disable = async (req, res, next) => {
      utils.invalidateStatsCache('uploads')
    }

-    await db.table('albums')
-      .where({
-        id,
-        userid: user.id
-      })
-      .update('enabled', 0)
-    utils.invalidateAlbumsCache([id])
-    utils.invalidateStatsCache('albums')
-
+    const filter = {
+      id,
+      userid: user.id
+    }
    const identifier = await db.table('albums')
      .select('identifier')
-      .where({
-        id,
-        userid: user.id
-      })
+      .where(filter)
      .first()
      .then(row => row.identifier)

+    if (del) {
+      await db.table('albums')
+        .where(filter)
+        .first()
+        .del()
+    } else {
+      await db.table('albums')
+        .where(filter)
+        .first()
+        .update('enabled', 0)
+    }
+    utils.invalidateAlbumsCache([id])
+    utils.invalidateStatsCache('albums')
+
    try {
      await paths.unlink(path.join(paths.zips, `${identifier}.zip`))
    } catch (error) {
--- a/controllers/authController.js
+++ b/controllers/authController.js
@ -308,8 +308,6 @@ self.deleteUser = async (req, res, next) => {
      }
    }

-    // TODO: Figure out why can't we just just delete the albums from DB
-    // DISCLAIMER: Upstream always had it coded this way for some reason
    const albums = await db.table('albums')
      .where('userid', id)
      .where('enabled', 1)
--- a/src/js/dashboard.js
+++ b/src/js/dashboard.js
@ -386,6 +386,8 @@ page.domClick = event => {
      return page.editAlbum(id)
    case 'disable-album':
      return page.disableAlbum(id)
+    case 'delete-album':
+      return page.deleteAlbum(id)
    case 'view-album-uploads':
      return page.viewAlbumUploads(id, element)
    // Manage users
@ -1683,7 +1685,7 @@ page.getAlbums = (params = {}) => {
          </a>
          <a class="button is-small is-dangerish is-outlined" title="Bulk disable (WIP)" data-action="bulk-disable-albums" disabled>
            <span class="icon">
-              <i class="icon-trash"></i>
+              <i class="icon-cancel"></i>
            </span>
            ${!params.all ? '<span>Bulk disable</span>' : ''}
          </a>
@ -1840,9 +1842,16 @@ page.getAlbums = (params = {}) => {
          </a>
          <a class="button is-small is-dangerish is-outlined" title="Disable album" data-action="disable-album"${enabled ? '' : ' disabled'}>
            <span class="icon is-small">
-              <i class="icon-trash"></i>
+              <i class="icon-cancel"></i>
            </span>
          </a>
+          ${params.all
+            ? `<a class="button is-small is-danger is-outlined" title="Delete album" data-action="delete-album">
+              <span class="icon is-small">
+                <i class="icon-trash"></i>
+              </span>
+            </a>`
+            : ''}
        </td>
      `

@ -2043,7 +2052,63 @@ page.disableAlbum = id => {
        }
      }

-      swal('Disabled!', 'Your album has been disabled.', 'success', {
+      swal('Disabled!', 'The album has been disabled.', 'success', {
+        buttons: false,
+        timer: 1500
+      })
+
+      page.getAlbumsSidebar()
+      // Reload albums list
+      // eslint-disable-next-line compat/compat
+      page.getAlbums(Object.assign(page.views[page.currentView], {
+        autoPage: true
+      }))
+    }).catch(page.onAxiosError)
+  })
+}
+
+page.deleteAlbum = id => {
+  swal({
+    title: 'Are you sure?',
+    text: 'You won\'t be able to recover this album!\n' +
+      'This also won\'t delete the uploads associated with the album!',
+    icon: 'warning',
+    dangerMode: true,
+    buttons: {
+      cancel: true,
+      confirm: {
+        text: 'Yes, delete it!',
+        closeModal: false
+      },
+      purge: {
+        text: 'Umm, delete the uploads, please?',
+        value: 'purge',
+        className: 'swal-button--danger',
+        closeModal: false
+      }
+    }
+  }).then(proceed => {
+    if (!proceed) return
+
+    axios.post('api/albums/delete', {
+      id,
+      purge: proceed === 'purge'
+    }).then(response => {
+      if (response.data.success === false) {
+        const failed = Array.isArray(response.data.failed)
+          ? response.data.failed
+          : []
+
+        if (response.data.description === 'No token provided') {
+          return page.verifyToken(page.token)
+        } else if (failed.length) {
+          return swal('An error occurred!', `Unable to delete ${failed.length} of the album's upload${failed.length === 1 ? '' : 's'}.`, 'error')
+        } else {
+          return swal('An error occurred!', response.data.description, 'error')
+        }
+      }
+
+      swal('Disabled!', 'The album has been deleted.', 'success', {
        buttons: false,
        timer: 1500
      })