Done with back for now

enshi_back/ABAC/PostsPolicies/postPolicy.go

@@ -9,6 +9,7 @@ import (
 
 const (
 	DELETE_POST      = "delete_post"
+	DELETE_POST_BLOG = "delete_post_blog"
 	UPDATE_POST      = "update_post"
 	UPDATE_POST_BLOG = "update_post_blog"
 	CREATE_POST      = "create_post"
@@ -26,6 +27,9 @@ func PostsPolicies(c *gin.Context) (bool, []error) {
 	case DELETE_POST:
 		return rules.CheckRule(c, postRules.DeleteRule)
 
+	case DELETE_POST_BLOG:
+		return rules.CheckRule(c, postRules.DeletePostFromBlogRule)
+
 	case UPDATE_POST:
 		return rules.CheckRule(c, postRules.PostUpdateRule)
 

enshi_back/ABAC/PostsPolicies/postRules/deletePostFromBlogRule.go

@@ -0,0 +1,24 @@
+package postRules
+
+import (
+	globalrules "enshi/ABAC/GlobalRules"
+	"enshi/ABAC/rules"
+
+	"github.com/gin-gonic/gin"
+)
+
+func DeletePostFromBlogRule(c *gin.Context) (bool, []error) {
+	rulesToCheck := []rules.RuleFunction{
+		globalrules.AuthorizedRule,
+		globalrules.IsOwnerOfThePostRule,
+		globalrules.IsOwnerOfTheBlogRule,
+	}
+
+	isAllowed, errors := rules.CheckRules(
+		c,
+		rulesToCheck,
+		RULES_NUMBER_TO_COMPLETE,
+	)
+
+	return isAllowed, errors
+}

enshi_back/db/queries/posts_queries.sql

@@ -33,4 +33,4 @@ WHERE post_id=$1;
 UPDATE public.posts
 SET blog_id=$2, updated_at=CURRENT_TIMESTAMP
 WHERE post_id = $1
-RETURNING *;
+RETURNING *;

enshi_back/middleware/postsMiddleware.go

@@ -10,14 +10,13 @@ import (
 
 func PostsMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
+		blogId, _ := getters.GetInt64Param(c, "blog-id")
+		postId, _ := getters.GetInt64Param(c, "post-id")
 
 		switch c.Request.Method {
 		case "DELETE":
 			c.Set("target", postspolicies.DELETE_POST)
 		case "PUT":
-			blogId, _ := getters.GetInt64Param(c, "blog-id")
-			postId, _ := getters.GetInt64Param(c, "post-id")
-
 			if postId > 0 && blogId > 0 {
 				c.Set("target", postspolicies.UPDATE_POST_BLOG)
 			} else if postId > 0 {

enshi_back/routes/postsRoutes/deletePost.go

@@ -5,8 +5,6 @@ import (
 	rest_api_stuff "enshi/REST_API_stuff"
 	db_repo "enshi/db/go_queries"
 	"enshi/db_connection"
-	"enshi/middleware/getters"
-	"fmt"
 	"strconv"
 
 	"github.com/gin-gonic/gin"
@@ -20,25 +18,7 @@ func DeletePost(c *gin.Context) {
 		return
 	}
 
-	userClaims, err := getters.GetClaimsFromContext(c)
-	if err != nil {
-		rest_api_stuff.BadRequestAnswer(c, err)
-		return
-	}
-
 	query := db_repo.New(db_connection.Dbx)
-	post, err := query.GetPostsByPostId(context.Background(), postId)
-	if err != nil {
-		rest_api_stuff.InternalErrorAnswer(c, err)
-		return
-	}
-
-	if post.UserID != userClaims.Id {
-		rest_api_stuff.UnauthorizedAnswer(c, fmt.Errorf("you are not the author"))
-		return
-	}
-
-	// TODO: Add block of code, so admin could delete anything
 
 	err = query.DeletePostByPostId(context.Background(), postId)
 	if err != nil {

enshi_back/routes/postsRoutes/deletePostBlog.go

@@ -0,0 +1,35 @@
+package postsRoutes
+
+import (
+	"context"
+	rest_api_stuff "enshi/REST_API_stuff"
+	db_repo "enshi/db/go_queries"
+	"enshi/db_connection"
+	"strconv"
+
+	"github.com/gin-gonic/gin"
+	"github.com/jackc/pgx/v5/pgtype"
+)
+
+func DeletePostBlog(c *gin.Context) {
+	var queryParams db_repo.UpdatePostBlogIdParams
+	postId, err := strconv.ParseInt(c.Param("post-id"), 10, 64)
+
+	if err != nil {
+		rest_api_stuff.BadRequestAnswer(c, err)
+		return
+	}
+
+	queryParams.BlogID = pgtype.Int8{}
+	queryParams.PostID = postId
+
+	query := db_repo.New(db_connection.Dbx)
+
+	err = query.UpdatePostBlogId(context.Background(), queryParams)
+	if err != nil {
+		rest_api_stuff.InternalErrorAnswer(c, err)
+		return
+	}
+
+	rest_api_stuff.OkAnswer(c, "post has been deleted")
+}

enshi_back/routes/routesSetup.go

@@ -61,6 +61,10 @@ func SetupRotes(g *gin.Engine) error {
 		"posts/:post-id",
 		postsRoutes.DeletePost,
 	)
+	postsGroup.DELETE(
+		"posts/:post-id/blogs",
+		postsRoutes.DeletePostBlog,
+	)
 
 	blogGroup := g.Group("/")
 	blogGroup.Use(middleware.BlogsMiddleware())