photoprism/internal/api/file_delete.go
Michael Mayer 0e4d81853c API: Add .well-known/oauth-authorization-server route handler #808 #3943
This commit also adds an /api/v1/oauth/logout endpoint that allows
clients to delete their sessions (access tokens) as needed.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 14:53:39 +01:00

104 lines
2.6 KiB
Go

package api
import (
"net/http"
"path/filepath"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/acl"
"github.com/photoprism/photoprism/internal/event"
"github.com/photoprism/photoprism/internal/get"
"github.com/photoprism/photoprism/internal/i18n"
"github.com/photoprism/photoprism/internal/photoprism"
"github.com/photoprism/photoprism/internal/query"
"github.com/photoprism/photoprism/pkg/clean"
)
// DeleteFile removes a file from storage.
//
// The request parameters are:
//
// - uid: string Photo UID as returned by the API
// - file_uid: string File UID as returned by the API
//
// DELETE /api/v1/photos/:uid/files/:file_uid
func DeleteFile(router *gin.RouterGroup) {
router.DELETE("/photos/:uid/files/:file_uid", func(c *gin.Context) {
s := Auth(c, acl.ResourceFiles, acl.ActionDelete)
if s.Abort(c) {
return
}
conf := get.Config()
if conf.ReadOnly() || !conf.Settings().Features.Edit {
Abort(c, http.StatusForbidden, i18n.ErrReadOnly)
return
}
photoUid := clean.UID(c.Param("uid"))
fileUid := clean.UID(c.Param("file_uid"))
file, err := query.FileByUID(fileUid)
// Found?
if err != nil {
log.Errorf("files: %s (delete)", err)
AbortEntityNotFound(c)
return
}
// Primary file?
if file.FilePrimary {
log.Errorf("files: cannot delete primary file")
AbortDeleteFailed(c)
return
}
// Compose storage filename.
fileName := photoprism.FileName(file.FileRoot, file.FileName)
baseName := filepath.Base(fileName)
mediaFile, err := photoprism.NewMediaFile(fileName)
if err != nil {
log.Errorf("files: %s (delete %s)", err, clean.Log(baseName))
AbortEntityNotFound(c)
return
}
// Report file deletion.
event.AuditWarn([]string{ClientIP(c), s.UserName, "delete", file.FileName})
// Remove file from storage.
if err = mediaFile.Remove(); err != nil {
log.Errorf("files: %s (delete %s from folder)", err, clean.Log(baseName))
} else {
log.Infof("files: deleted %s", clean.Log(baseName))
}
// Remove file from index.
if err = file.Delete(true); err != nil {
log.Errorf("files: %s (delete %s from index)", err, clean.Log(baseName))
AbortDeleteFailed(c)
return
} else {
log.Debugf("files: removed %s from index", clean.Log(baseName))
}
// Notify clients by publishing events.
PublishPhotoEvent(StatusUpdated, photoUid, c)
// Show translated success message.
event.SuccessMsg(i18n.MsgFileDeleted)
if p, err := query.PhotoPreloadByUID(photoUid); err != nil {
AbortEntityNotFound(c)
return
} else {
c.JSON(http.StatusOK, p)
}
})
}