tag delete

src/api/mod.rs

@@ -1,7 +1,7 @@
 use axum::{
     Router,
     response::{IntoResponse, Response},
-    routing::{get, post},
+    routing::{delete, get, post},
 };
 
 use crate::{
@@ -36,6 +36,7 @@ pub fn api_router() -> Router {
         .route("/api/tags", get(tags::get_all))
         .route("/api/tags", post(tags::create))
         .route("/api/tags/{id}", get(tags::get_by_id))
+        .route("/api/tags/{id}", delete(tags::delete))
         .route("/api/tags/#{name}", get(tags::get_by_name))
 }
 

src/api/tags.rs

@@ -18,6 +18,8 @@ use crate::{
 };
 
 const CANT_MAKE_TAGS: &str = "You don't have permission to create new tags.";
+const CANT_DEL_TAGS: &str = "You don't have permission to delete tags.";
+const TAG_DELETED: &str = "Tag deleted successfully.";
 
 pub async fn get_all(headers: HeaderMap) -> Result<Response, CompositeError> {
     User::authenticate(&headers)?.required()?;
@@ -54,3 +56,12 @@ pub async fn create(
     }
     Ok(Json(Tag::create(form.name)?).into_response())
 }
+
+pub async fn delete(Path(id): Path<Uuid>, headers: HeaderMap) -> Result<Response, CompositeError> {
+    let u = User::authenticate(&headers)?.required()?;
+    if !u.has_permission(Permission::DeleteTags)? {
+        return Ok((StatusCode::FORBIDDEN, CANT_DEL_TAGS).into_response());
+    }
+    Tag::get_by_id(id)?.delete()?;
+    Ok((StatusCode::OK, TAG_DELETED).into_response())
+}

src/tags.rs

@@ -69,6 +69,12 @@ impl Tag {
             .execute((id, &name))?;
         Ok(Tag { id, name })
     }
+    pub fn delete(self) -> Result<(), TagError> {
+        database::conn()?
+            .prepare("DELETE FROM tags WHERE id = ?1")?
+            .execute((self.id,))?;
+        Ok(())
+    }
 }
 
 #[derive(Debug, thiserror::Error)]

src/users/permissions.rs

@@ -12,6 +12,7 @@ pub enum Permission {
     ChangeOthersHandles,
     ManuallyCreateUsers,
     CreateTags,
+    DeleteTags,
 }
 
 impl User {