about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gn3/auth/authorisation/users/collections/models.py14
-rw-r--r--gn3/auth/authorisation/users/collections/views.py22
2 files changed, 35 insertions, 1 deletions
diff --git a/gn3/auth/authorisation/users/collections/models.py b/gn3/auth/authorisation/users/collections/models.py
index a0c3ebf..eaee9af 100644
--- a/gn3/auth/authorisation/users/collections/models.py
+++ b/gn3/auth/authorisation/users/collections/models.py
@@ -145,3 +145,17 @@ def get_collection(rconn: Redis, user: User, collection_id: UUID) -> dict:
         err.error_code = 513
         raise err
     return colls[0]
+
+def delete_collections(rconn: Redis,
+                       user: User,
+                       collection_ids: tuple[UUID, ...]) -> tuple[dict, ...]:
+    """
+    Delete collections with the given `collection_ids` returning the deleted
+    collections.
+    """
+    ucolls = user_collections(rconn, user)
+    save_collections(
+        rconn,
+        user,
+        tuple(coll for coll in ucolls if coll["id"] not in collection_ids))
+    return tuple(coll for coll in ucolls if coll["id"] in collection_ids)
diff --git a/gn3/auth/authorisation/users/collections/views.py b/gn3/auth/authorisation/users/collections/views.py
index dca7f45..419b460 100644
--- a/gn3/auth/authorisation/users/collections/views.py
+++ b/gn3/auth/authorisation/users/collections/views.py
@@ -13,7 +13,8 @@ from gn3.auth.authentication.users import User, user_by_id
 from gn3.auth.authentication.oauth2.resource_server import require_oauth
 
 from .models import (
-    get_collection, user_collections, save_collections, create_collection)
+    get_collection, user_collections, save_collections, create_collection,
+    delete_collections as _delete_collections)
 
 collections = Blueprint("collections", __name__)
 
@@ -128,3 +129,22 @@ def delete_anonymous() -> Response:
         return jsonify({
             "message": f"Deletion of {len(anon_colls)} was successful."
         })
+
+@collections.route("/delete", methods=["POST"])
+@require_json
+def delete_collections():
+    """Delete specified collections."""
+    with (Redis.from_url(current_app.config["REDIS_URI"],
+                         decode_responses=True) as redisconn):
+        coll_ids = tuple(UUID(cid) for cid in request.json["collection_ids"])
+        deleted = _delete_collections(
+            redisconn,
+            User(request.json["anon_id"], "anon@ymous.user", "Anonymous User"),
+            coll_ids)
+        if bool(request.headers.get("Authorization")):
+            with require_oauth.acquire("profile user") as token:
+                deleted = deleted + _delete_collections(
+                    redisconn, token.user, coll_ids)
+
+        return jsonify({
+            "message": f"Deleted {len(deleted)} collections."})