feat: edit/delete terms — audited, blocked when referenced (#30)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -5,9 +5,10 @@ use axum::{
|
||||
Json, Router,
|
||||
extract::{Path, State},
|
||||
http::StatusCode,
|
||||
response::{IntoResponse, Response},
|
||||
routing::get,
|
||||
};
|
||||
use domain::{AuditActor, LocalizedLabel, NewTerm, VocabularyId};
|
||||
use domain::{AuditActor, LocalizedLabel, NewTerm, TermId, VocabularyId};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use utoipa::ToSchema;
|
||||
|
||||
@@ -221,6 +222,139 @@ pub(crate) async fn add_term(
|
||||
))
|
||||
}
|
||||
|
||||
/// 409 body: how many catalogue objects still reference the entity.
|
||||
#[derive(Serialize, ToSchema)]
|
||||
pub(crate) struct InUseView {
|
||||
pub count: i64,
|
||||
}
|
||||
|
||||
#[derive(Deserialize, ToSchema)]
|
||||
pub(crate) struct UpdateTermRequest {
|
||||
pub external_uri: Option<String>,
|
||||
pub labels: Vec<LabelInput>,
|
||||
}
|
||||
|
||||
#[utoipa::path(
|
||||
patch, path = "/api/admin/vocabularies/{id}/terms/{term_id}",
|
||||
request_body = UpdateTermRequest,
|
||||
params(
|
||||
("id" = String, Path, description = "Vocabulary id (UUID)"),
|
||||
("term_id" = String, Path, description = "Term id (UUID)")
|
||||
),
|
||||
responses(
|
||||
(status = 204),
|
||||
(status = 401),
|
||||
(status = 403),
|
||||
(status = 404)
|
||||
)
|
||||
)]
|
||||
pub(crate) async fn update_term(
|
||||
auth: Authorized<EditCatalogue>,
|
||||
State(state): State<AppState>,
|
||||
Path((id, term_id)): Path<(String, String)>,
|
||||
Json(req): Json<UpdateTermRequest>,
|
||||
) -> Result<StatusCode, StatusCode> {
|
||||
let vocabulary_id = id
|
||||
.parse::<VocabularyId>()
|
||||
.map_err(|_| StatusCode::NOT_FOUND)?;
|
||||
|
||||
let term_id = term_id
|
||||
.parse::<TermId>()
|
||||
.map_err(|_| StatusCode::NOT_FOUND)?;
|
||||
|
||||
let labels: Vec<LocalizedLabel> = req
|
||||
.labels
|
||||
.into_iter()
|
||||
.map(|l| LocalizedLabel {
|
||||
lang: l.lang,
|
||||
label: l.label,
|
||||
})
|
||||
.collect();
|
||||
|
||||
let mut tx = state
|
||||
.db
|
||||
.pool()
|
||||
.begin()
|
||||
.await
|
||||
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
|
||||
let existed = db::vocab::update_term(
|
||||
&mut tx,
|
||||
AuditActor::User(auth.user.id.to_uuid()),
|
||||
vocabulary_id,
|
||||
term_id,
|
||||
req.external_uri.as_deref(),
|
||||
&labels,
|
||||
)
|
||||
.await
|
||||
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
|
||||
if existed {
|
||||
tx.commit()
|
||||
.await
|
||||
.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
|
||||
Ok(StatusCode::NO_CONTENT)
|
||||
} else {
|
||||
Err(StatusCode::NOT_FOUND)
|
||||
}
|
||||
}
|
||||
|
||||
#[utoipa::path(
|
||||
delete, path = "/api/admin/vocabularies/{id}/terms/{term_id}",
|
||||
params(
|
||||
("id" = String, Path, description = "Vocabulary id (UUID)"),
|
||||
("term_id" = String, Path, description = "Term id (UUID)")
|
||||
),
|
||||
responses(
|
||||
(status = 204),
|
||||
(status = 401),
|
||||
(status = 403),
|
||||
(status = 404),
|
||||
(status = 409, body = InUseView, description = "Referenced by catalogue objects")
|
||||
)
|
||||
)]
|
||||
pub(crate) async fn delete_term(
|
||||
auth: Authorized<EditCatalogue>,
|
||||
State(state): State<AppState>,
|
||||
Path((id, term_id)): Path<(String, String)>,
|
||||
) -> Response {
|
||||
let (Ok(vocab_id), Ok(term_id)) = (id.parse::<VocabularyId>(), term_id.parse::<TermId>())
|
||||
else {
|
||||
return StatusCode::NOT_FOUND.into_response();
|
||||
};
|
||||
|
||||
let Ok(mut tx) = state.db.pool().begin().await else {
|
||||
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
|
||||
};
|
||||
|
||||
let outcome = db::vocab::delete_term(
|
||||
&mut tx,
|
||||
AuditActor::User(auth.user.id.to_uuid()),
|
||||
vocab_id,
|
||||
term_id,
|
||||
)
|
||||
.await;
|
||||
|
||||
match outcome {
|
||||
Ok(db::DeleteOutcome::Deleted) => match tx.commit().await {
|
||||
Ok(()) => StatusCode::NO_CONTENT.into_response(),
|
||||
Err(_) => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
|
||||
},
|
||||
Ok(db::DeleteOutcome::InUse { count }) => {
|
||||
let _ = tx.rollback().await;
|
||||
|
||||
(StatusCode::CONFLICT, Json(InUseView { count })).into_response()
|
||||
}
|
||||
Ok(db::DeleteOutcome::NotFound) => {
|
||||
let _ = tx.rollback().await;
|
||||
|
||||
StatusCode::NOT_FOUND.into_response()
|
||||
}
|
||||
Err(_) => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
|
||||
}
|
||||
}
|
||||
|
||||
pub(crate) fn routes() -> Router<AppState> {
|
||||
Router::new()
|
||||
.route(
|
||||
@@ -231,4 +365,8 @@ pub(crate) fn routes() -> Router<AppState> {
|
||||
"/api/admin/vocabularies/{id}/terms",
|
||||
get(list_terms).post(add_term),
|
||||
)
|
||||
.route(
|
||||
"/api/admin/vocabularies/{id}/terms/{term_id}",
|
||||
axum::routing::patch(update_term).delete(delete_term),
|
||||
)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user