Add option to delete announcement

jacnils · jacnils · commit cf35a77a4682 · 2025-06-08T00:38:17.000+02:00
diff --git a/js/ff.js b/js/ff.js
@@ -1067,6 +1067,8 @@ function get_announcements() {
 
     w.appendChild(title);
 
+    const is_admin = get_cookie('user_type') === '1';
+
     get_json().then(data => {
        if (!data || !data.announcements || data.announcements.length === 0) {
            const description = document.createElement('description');
@@ -1082,15 +1084,17 @@ function get_announcements() {
            throw new Error('Invalid response from server: ' + JSON.stringify(data));
        }
 
-       const announcements = data.announcements;
-
-       // sort by publish_timestamp
-        announcements.sort((a, b) => b.publish_timestamp - a.publish_timestamp);
+       let announcements = data.announcements;
+       announcements = announcements.map((announcement, index) => ({
+           ...announcement,
+           index,
+       }));
 
-        announcements.forEach(announcement => {
+       announcements.sort((a, b) => b.publish_timestamp - a.publish_timestamp);
+       announcements.forEach(announcement => {
            const div = document.createElement('div');
            div.className = 'announcement_div';
-           div.id = "announcement-" + announcement.id;
+           div.id = "announcement-" + announcement.index;
            div.style.marginBottom = '10px';
            div.style.padding = '10px';
            div.style.borderRadius = '10px';
@@ -1108,6 +1112,34 @@ function get_announcements() {
                return;
            }
 
+           if (is_admin) {
+                const delete_button = document.createElement('button');
+                delete_button.innerHTML = 'Delete';
+                delete_button.className = 'delete-announcement-button';
+                delete_button.onclick = (event) => {
+                    play_click();
+                    event.stopPropagation(); // prevent the announcement from being clicked
+                    fetch('/api/delete_announcement', {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/json',
+                        },
+                        body: JSON.stringify({ announcement_id: announcement.index }),
+                    })
+                        .then(() => {
+                            const announcement_div = document.getElementById('announcement-' + announcement.index);
+                            if (announcement_div) {
+                                announcement_div.remove();
+                            }
+                        })
+                        .catch((error) => {
+                            console.error('Error:', error);
+                        });
+                }
+
+                div.appendChild(delete_button);
+           }
+
            if (announcement.title) {
                 const title = document.createElement('h1');
                 title.innerHTML = announcement.title;
@@ -1122,6 +1154,21 @@ function get_announcements() {
                 div.appendChild(title);
 
                 let shortened_text = announcement.text_html;
+
+                // remove any non p tags
+                const parser = new DOMParser();
+                const doc = parser.parseFromString(shortened_text, 'text/html');
+                const paragraphs = doc.querySelectorAll('p');
+
+                if (paragraphs.length > 0) {
+                    shortened_text = '';
+                    paragraphs.forEach((p, index) => {
+                        if (index > 0) {
+                            shortened_text += '<br/>';
+                        }
+                        shortened_text += p.innerHTML;
+                    });
+                }
                 if (shortened_text.length > 100) {
                     shortened_text = shortened_text.substring(0, 100) + '...';
                 }
diff --git a/src/ff.cpp b/src/ff.cpp
@@ -282,7 +282,7 @@ void ff::start_server() {
                 {"/api/get_profile", ff::handle_api_get_profile},
                 {"/api/create_announcement", ff::handle_api_create_announcement},
                 {"/api/get_announcements", ff::handle_api_get_announcements},
-                //{"/api/delete_announcements", ff::handle_api_delete_announcements},
+                {"/api/delete_announcement", ff::handle_api_delete_announcements},
                 {"/api/stay_logged_in", ff::handle_api_stay_logged_in},
                 {"/api/try_logout", ff::handle_api_try_logout_endpoint},
             };
diff --git a/src/path_handlers.cpp b/src/path_handlers.cpp
@@ -1801,6 +1801,182 @@ limhamn::http::server::response ff::handle_api_get_announcements(const limhamn::
     return response;
 }
 
+limhamn::http::server::response ff::handle_api_delete_announcements(const limhamn::http::server::request& request, database& db) {
+    limhamn::http::server::response response{};
+    response.content_type = "application/json";
+
+    const auto get_username = [&request]() -> std::string {
+        if (request.session.find("username") != request.session.end()) {
+            return request.session.at("username");
+        }
+
+        try {
+            const auto json = nlohmann::json::parse(request.body);
+            if (json.find("username") != json.end() && json.at("username").is_string()) {
+                return json.at("username").get<std::string>();
+            }
+        } catch (const std::exception&) {
+            // ignore
+        }
+
+        return "";
+    };
+
+    const auto get_key = [&request]() -> std::string {
+        if (request.session.find("key") != request.session.end()) {
+            return request.session.at("key");
+        }
+
+        try {
+            const auto json = nlohmann::json::parse(request.body);
+            if (json.find("key") != json.end() && json.at("key").is_string()) {
+                return json.at("key").get<std::string>();
+            }
+        } catch (const std::exception&) {
+            // ignore
+        }
+
+        return "";
+    };
+
+    const std::string username{get_username()};
+    const std::string key{get_key()};
+
+    if (username.empty() || key.empty()) {
+#ifdef FF_DEBUG
+        logger.write_to_log(limhamn::logger::type::notice, "Username or key is empty.\n");
+#endif
+        nlohmann::json json;
+        json["error_str"] = "Username or key is empty.";
+        json["error"] = "FF_INVALID_CREDENTIALS";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+
+    if (!ff::verify_key(db, username, key)) {
+#ifdef FF_DEBUG
+        logger.write_to_log(limhamn::logger::type::notice, "Invalid credentials.\n");
+#endif
+        nlohmann::json json;
+        json["error_str"] = "Invalid credentials.";
+        json["error"] = "FF_INVALID_CREDENTIALS";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+
+    if (ff::get_user_type(db, username) != ff::UserType::Administrator) {
+        nlohmann::json json;
+        json["error"] = "FF_NOT_AUTHORIZED";
+        json["error_str"] = "You are not authorized to access this endpoint.";
+        response.http_status = 403;
+        response.body = json.dump();
+        return response;
+    }
+
+    if (request.body.empty()) {
+#ifdef FF_DEBUG
+        logger.write_to_log(limhamn::logger::type::notice, "No body.\n");
+#endif
+        nlohmann::json json;
+        json["error_str"] = "No body.";
+        json["error"] = "FF_NO_BODY";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+    if (request.method != "POST") {
+#ifdef FF_DEBUG
+        logger.write_to_log(limhamn::logger::type::notice, "Not a POST request.\n");
+#endif
+        nlohmann::json json;
+        json["error_str"] = "Not a POST request.";
+        json["error"] = "FF_INVALID_METHOD";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+
+    nlohmann::json input;
+    try {
+        input = nlohmann::json::parse(request.body);
+    } catch (const std::exception&) {
+#ifdef FF_DEBUG
+        logger.write_to_log(limhamn::logger::type::notice, "Failed to parse JSON.\n");
+#endif
+        nlohmann::json json;
+        json["error_str"] = "Invalid JSON received";
+        json["error"] = "FF_INVALID_JSON";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+
+    if (input.find("announcement_id") == input.end() || !input.at("announcement_id").is_number_integer()) {
+        nlohmann::json json;
+        json["error"] = "FF_INVALID_JSON";
+        json["error_str"] = "Invalid JSON received";
+        response.http_status = 400;
+        response.body = json.dump();
+        return response;
+    }
+
+    const auto query = db.query("SELECT * FROM general WHERE id=1;");
+    if (query.empty()) {
+        nlohmann::json ret;
+        ret["error"] = "FF_SERVER_ERROR";
+        ret["error_str"] = "Server failed, no idea why. general is empty";
+
+        response.content_type = "application/json";
+        response.http_status = 400;
+        response.body = ret.dump();
+        return response;
+    }
+
+    if (query.at(0).find("json") == query.at(0).end()) {
+        nlohmann::json ret;
+        ret["error"] = "FF_SERVER_ERROR";
+        ret["error_str"] = "Server failed, no idea why.";
+
+        response.content_type = "application/json";
+        response.http_status = 400;
+        response.body = ret.dump();
+        return response;
+    }
+
+    try {
+        auto json = nlohmann::json::parse(query.at(0).at("json"));
+        if (json.contains("announcements") && json.at("announcements").is_array()) {
+            auto& announcements = json["announcements"];
+            const int announcement_id = input.at("announcement_id").get<int>();
+            if (announcement_id < 0 || announcement_id >= static_cast<int>(announcements.size())) {
+                nlohmann::json ret;
+                ret["error"] = "FF_INVALID_JSON";
+                ret["error_str"] = "Invalid announcement_id.";
+                response.http_status = 400;
+                response.body = ret.dump();
+                return response;
+            }
+            announcements.erase(announcements.begin() + announcement_id);
+        }
+        db.exec("UPDATE general SET json = ? WHERE id = 1", json.dump());
+        response.http_status = 204;
+        return response;
+    } catch (const std::exception&) {
+        nlohmann::json ret;
+        ret["error"] = "FF_SERVER_ERROR";
+        ret["error_str"] = "Server failed, no idea why.";
+
+        response.content_type = "application/json";
+        response.http_status = 400;
+        response.body = ret.dump();
+
+        return response;
+    }
+}
+
+
 limhamn::http::server::response ff::handle_api_rate_file_endpoint(const limhamn::http::server::request& request, database& db) {
     limhamn::http::server::response response{};
     response.content_type = "application/json";
