commento/api/domain_delete.go

package main

import (
	"net/http"
)

func domainDelete(domain string) error {
	if domain == "" {
		return errorMissingField
	}

	statement := `
		DELETE FROM
		domains
		WHERE domain = $1;
	`
	_, err := db.Exec(statement, domain)
	if err != nil {
		return errorNoSuchDomain
	}

	statement = `
		DELETE FROM votes
		USING comments
		WHERE comments.commentHex = votes.commentHex AND comments.domain = $1;
	`
	_, err = db.Exec(statement, domain)
	if err != nil {
		logger.Errorf("cannot delete votes: %v", err)
		return errorInternal
	}

	statement = `
		DELETE FROM views
		WHERE views.domain = $1;
	`
	_, err = db.Exec(statement, domain)
	if err != nil {
		logger.Errorf("cannot delete views: %v", err)
		return errorInternal
	}

	statement = `
		DELETE FROM moderators
		WHERE moderators.domain = $1;
	`
	_, err = db.Exec(statement, domain)
	if err != nil {
		logger.Errorf("cannot delete domain moderators: %v", err)
		return errorInternal
	}

	statement = `
		DELETE FROM comments
		WHERE comments.domain = $1;
	`
	_, err = db.Exec(statement, domain)
	if err != nil {
		logger.Errorf(statement, domain)
		return errorInternal
	}

	return nil
}

func domainDeleteHandler(w http.ResponseWriter, r *http.Request) {
	type request struct {
		OwnerToken *string `json:"ownerToken"`
		Domain     *string `json:"domain"`
	}

	var x request
	if err := unmarshalBody(r, &x); err != nil {
		writeBody(w, response{"success": false, "message": err.Error()})
		return
	}

	o, err := ownerGetByOwnerToken(*x.OwnerToken)
	if err != nil {
		writeBody(w, response{"success": false, "message": err.Error()})
		return
	}

	domain := stripDomain(*x.Domain)
	isOwner, err := domainOwnershipVerify(o.OwnerHex, domain)
	if err != nil {
		writeBody(w, response{"success": false, "message": err.Error()})
		return
	}

	if !isOwner {
		writeBody(w, response{"success": false, "message": errorNotAuthorised.Error()})
		return
	}

	if err = domainDelete(*x.Domain); err != nil {
		writeBody(w, response{"success": false, "message": err.Error()})
		return
	}

	writeBody(w, response{"success": true})
}
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`package main`

domain_delete: delete moderator data 2018-06-03 23:27:08 +08:00			`import (`
			`"net/http"`
			`)`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00
			`func domainDelete(domain string) error {`
			`if domain == "" {`
			`return errorMissingField`
			`}`

			statement := `
			`DELETE FROM`
			`domains`
			`WHERE domain = $1;`
			`
			`_, err := db.Exec(statement, domain)`
			`if err != nil {`
			`return errorNoSuchDomain`
			`}`

			statement = `
			`DELETE FROM votes`
			`USING comments`
			`WHERE comments.commentHex = votes.commentHex AND comments.domain = $1;`
			`
			`_, err = db.Exec(statement, domain)`
			`if err != nil {`
			`logger.Errorf("cannot delete votes: %v", err)`
			`return errorInternal`
			`}`

			statement = `
			`DELETE FROM views`
			`WHERE views.domain = $1;`
			`
			`_, err = db.Exec(statement, domain)`
			`if err != nil {`
			`logger.Errorf("cannot delete views: %v", err)`
			`return errorInternal`
			`}`

domain_delete: delete moderator data 2018-06-03 23:27:08 +08:00			statement = `
			`DELETE FROM moderators`
			`WHERE moderators.domain = $1;`
			`
			`_, err = db.Exec(statement, domain)`
			`if err != nil {`
			`logger.Errorf("cannot delete domain moderators: %v", err)`
			`return errorInternal`
			`}`

api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			statement = `
			`DELETE FROM comments`
			`WHERE comments.domain = $1;`
			`
			`_, err = db.Exec(statement, domain)`
			`if err != nil {`
			`logger.Errorf(statement, domain)`
			`return errorInternal`
			`}`

			`return nil`
			`}`
domain_delete: delete moderator data 2018-06-03 23:27:08 +08:00
			`func domainDeleteHandler(w http.ResponseWriter, r *http.Request) {`
			`type request struct {`
everywhere: use different session cookie names If the user is hosting the dashboard in the same domain as their blog (with a nginx suburi, for example), the two session cookies clash; logging into one service logs you out of the other. With this patch, both have separate names. Fixes https://gitlab.com/commento/commento-ce/issues/49 2018-06-20 11:29:55 +08:00			OwnerToken *string `json:"ownerToken"`
api: run go fmt 2018-06-20 11:50:11 +08:00			Domain *string `json:"domain"`
domain_delete: delete moderator data 2018-06-03 23:27:08 +08:00			`}`

			`var x request`
			`if err := unmarshalBody(r, &x); err != nil {`
			`writeBody(w, response{"success": false, "message": err.Error()})`
			`return`
			`}`

everywhere: use different session cookie names If the user is hosting the dashboard in the same domain as their blog (with a nginx suburi, for example), the two session cookies clash; logging into one service logs you out of the other. With this patch, both have separate names. Fixes https://gitlab.com/commento/commento-ce/issues/49 2018-06-20 11:29:55 +08:00			`o, err := ownerGetByOwnerToken(*x.OwnerToken)`
domain_delete: delete moderator data 2018-06-03 23:27:08 +08:00			`if err != nil {`
			`writeBody(w, response{"success": false, "message": err.Error()})`
			`return`
			`}`

			`domain := stripDomain(*x.Domain)`
			`isOwner, err := domainOwnershipVerify(o.OwnerHex, domain)`
			`if err != nil {`
			`writeBody(w, response{"success": false, "message": err.Error()})`
			`return`
			`}`

			`if !isOwner {`
			`writeBody(w, response{"success": false, "message": errorNotAuthorised.Error()})`
			`return`
			`}`

			`if err = domainDelete(*x.Domain); err != nil {`
			`writeBody(w, response{"success": false, "message": err.Error()})`
			`return`
			`}`

			`writeBody(w, response{"success": true})`
			`}`