From dd174f2446d0f613b9cd86e22d6b20bb6bfacaeb Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Fri, 25 Jan 2019 17:06:57 +0100
Subject: [PATCH] Add ability to delete an event

---
 lib/mobilizon/actors/member.ex                |  2 +-
 lib/mobilizon/actors/user.ex                  |  4 +--
 lib/mobilizon/events/event.ex                 |  9 ++++++
 lib/mobilizon/events/events.ex                | 19 ++++++++++++
 lib/mobilizon_web/resolvers/event.ex          | 28 +++++++++++++++++
 lib/mobilizon_web/resolvers/group.ex          |  2 +-
 lib/mobilizon_web/schema.ex                   |  8 +++++
 .../resolvers/event_resolver_test.exs         | 30 +++++++++++++++++++
 8 files changed, 98 insertions(+), 4 deletions(-)

diff --git a/lib/mobilizon/actors/member.ex b/lib/mobilizon/actors/member.ex
index 6534a9688..5d6b85075 100644
--- a/lib/mobilizon/actors/member.ex
+++ b/lib/mobilizon/actors/member.ex
@@ -36,7 +36,7 @@ defmodule Mobilizon.Actors.Member do
     end
   end
 
-  def is_administrator(%Member{role: 2} = member) do
+  def is_administrator(%Member{role: 2}) do
     {:is_admin, true}
   end
 
diff --git a/lib/mobilizon/actors/user.ex b/lib/mobilizon/actors/user.ex
index aede05314..9fc1c6792 100644
--- a/lib/mobilizon/actors/user.ex
+++ b/lib/mobilizon/actors/user.ex
@@ -145,12 +145,12 @@ defmodule Mobilizon.Actors.User do
     {:ok, user}
   end
 
-  def owns_actor(%User{default_actor_id: default_actor_id} = user, %Actor{id: actor_id})
+  def owns_actor(%User{default_actor_id: default_actor_id}, %Actor{id: actor_id})
       when default_actor_id == actor_id do
     {:is_owned, true}
   end
 
-  def owns_actor(%User{actors: actors} = user, actor_id) do
+  def owns_actor(%User{actors: actors}, actor_id) do
     case Enum.any?(actors, fn a -> a.id == actor_id end) do
       true -> {:is_owned, true}
       _ -> {:is_owned, false}
diff --git a/lib/mobilizon/events/event.ex b/lib/mobilizon/events/event.ex
index 58fa14ac9..c8ce770ad 100644
--- a/lib/mobilizon/events/event.ex
+++ b/lib/mobilizon/events/event.ex
@@ -82,4 +82,13 @@ defmodule Mobilizon.Events.Event do
       :uuid
     ])
   end
+
+  def can_event_be_managed_by(%Event{organizer_actor_id: organizer_actor_id}, actor_id)
+      when organizer_actor_id == actor_id do
+    {:event_can_be_managed, true}
+  end
+
+  def can_event_be_managed_by(_event, _actor) do
+    {:event_can_be_managed, false}
+  end
 end
diff --git a/lib/mobilizon/events/events.ex b/lib/mobilizon/events/events.ex
index a9b0b426d..798eab90c 100644
--- a/lib/mobilizon/events/events.ex
+++ b/lib/mobilizon/events/events.ex
@@ -103,6 +103,16 @@ defmodule Mobilizon.Events do
   """
   def get_event!(id), do: Repo.get!(Event, id)
 
+  @doc """
+  Gets a single event.
+  """
+  def get_event(id) do
+    case Repo.get(Event, id) do
+      nil -> {:error, :event_not_found}
+      event -> {:ok, event}
+    end
+  end
+
   @doc """
   Gets an event by it's URL
   """
@@ -311,6 +321,15 @@ defmodule Mobilizon.Events do
     Repo.delete(event)
   end
 
+  @doc """
+  Deletes a Event.
+
+  Raises an exception if it fails.
+  """
+  def delete_event!(%Event{} = event) do
+    Repo.delete!(event)
+  end
+
   @doc """
   Returns an `%Ecto.Changeset{}` for tracking event changes.
 
diff --git a/lib/mobilizon_web/resolvers/event.ex b/lib/mobilizon_web/resolvers/event.ex
index 99c6da25a..b11ba3831 100644
--- a/lib/mobilizon_web/resolvers/event.ex
+++ b/lib/mobilizon_web/resolvers/event.ex
@@ -5,6 +5,7 @@ defmodule MobilizonWeb.Resolvers.Event do
   alias Mobilizon.Service.ActivityPub
   alias Mobilizon.Activity
   alias Mobilizon.Events.Event
+  alias Mobilizon.Actors.User
 
   # We limit the max number of events that can be retrieved
   @event_max_limit 100
@@ -94,4 +95,31 @@ defmodule MobilizonWeb.Resolvers.Event do
   def create_event(_parent, _args, _resolution) do
     {:error, "You need to be logged-in to create events"}
   end
+
+  @doc """
+  Delete an event
+  """
+  def delete_event(_parent, %{event_id: event_id, actor_id: actor_id}, %{
+        context: %{current_user: user}
+      }) do
+    with {:ok, %Event{} = event} <- Mobilizon.Events.get_event(event_id),
+         {:is_owned, true} <- User.owns_actor(user, actor_id),
+         {:event_can_be_managed, true} <- Event.can_event_be_managed_by(event, actor_id),
+         event <- Mobilizon.Events.delete_event!(event) do
+      {:ok, %{id: event.id}}
+    else
+      {:error, :event_not_found} ->
+        {:error, "Event not found"}
+
+      {:is_owned, false} ->
+        {:error, "Actor id is not owned by authenticated user"}
+
+      {:event_can_be_managed, false} ->
+        {:error, "You cannot delete this event"}
+    end
+  end
+
+  def delete_event(_parent, _args, _resolution) do
+    {:error, "You need to be logged-in to delete an event"}
+  end
 end
diff --git a/lib/mobilizon_web/resolvers/group.ex b/lib/mobilizon_web/resolvers/group.ex
index d5f9ea31e..8a045c590 100644
--- a/lib/mobilizon_web/resolvers/group.ex
+++ b/lib/mobilizon_web/resolvers/group.ex
@@ -89,7 +89,7 @@ defmodule MobilizonWeb.Resolvers.Group do
       {:ok, %{id: group.id}}
     else
       {:error, :group_not_found} ->
-        {:error, "Group with preferred username not found"}
+        {:error, "Group not found"}
 
       {:is_owned, false} ->
         {:error, "Actor id is not owned by authenticated user"}
diff --git a/lib/mobilizon_web/schema.ex b/lib/mobilizon_web/schema.ex
index ff8f094a3..48edd79da 100644
--- a/lib/mobilizon_web/schema.ex
+++ b/lib/mobilizon_web/schema.ex
@@ -217,6 +217,14 @@ defmodule MobilizonWeb.Schema do
       resolve(&Resolvers.Event.create_event/3)
     end
 
+    @desc "Delete an event"
+    field :delete_event, :deleted_object do
+      arg(:event_id, non_null(:integer))
+      arg(:actor_id, non_null(:integer))
+
+      resolve(&Resolvers.Event.delete_event/3)
+    end
+
     @desc "Create a comment"
     field :create_comment, type: :comment do
       arg(:text, non_null(:string))
diff --git a/test/mobilizon_web/resolvers/event_resolver_test.exs b/test/mobilizon_web/resolvers/event_resolver_test.exs
index d98124444..2659cefb7 100644
--- a/test/mobilizon_web/resolvers/event_resolver_test.exs
+++ b/test/mobilizon_web/resolvers/event_resolver_test.exs
@@ -306,5 +306,35 @@ defmodule MobilizonWeb.Resolvers.EventResolverTest do
       assert json_response(res, 200)["errors"] |> hd |> Map.get("message") ==
                "Event with UUID #{event.uuid} not found"
     end
+
+    test "delete_event/3 deletes an event", %{conn: conn, user: user, actor: actor} do
+      event = insert(:event, organizer_actor: actor)
+
+      mutation = """
+          mutation {
+            deleteEvent(
+              actor_id: #{actor.id},
+              event_id: #{event.id}
+            ) {
+                id
+              }
+            }
+      """
+
+      res =
+        conn
+        |> auth_conn(user)
+        |> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
+
+      assert json_response(res, 200)["errors"] == nil
+      assert json_response(res, 200)["data"]["deleteEvent"]["id"] == event.id
+
+      res =
+        conn
+        |> auth_conn(user)
+        |> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
+
+      assert hd(json_response(res, 200)["errors"])["message"] =~ "not found"
+    end
   end
 end