From 582dae4b95b4da544760b422320959e44247672b Mon Sep 17 00:00:00 2001
From: netkas <netkas.nosial@gmail.com>
Date: Tue, 3 Jun 2025 13:54:23 -0400
Subject: [PATCH] Add DeleteAttachment class to handle attachment deletion
 requests

---
 .../Methods/Attachments/DeleteAttachment.php  | 72 +++++++++++++++++++
 1 file changed, 72 insertions(+)
 create mode 100644 src/FederationServer/Methods/Attachments/DeleteAttachment.php

diff --git a/src/FederationServer/Methods/Attachments/DeleteAttachment.php b/src/FederationServer/Methods/Attachments/DeleteAttachment.php
new file mode 100644
index 0000000..ec31262
--- /dev/null
+++ b/src/FederationServer/Methods/Attachments/DeleteAttachment.php
@@ -0,0 +1,72 @@
+<?php
+
+    namespace FederationServer\Methods\Attachments;
+
+    use FederationServer\Classes\Enums\AuditLogType;
+    use FederationServer\Classes\Logger;
+    use FederationServer\Classes\Managers\AuditLogManager;
+    use FederationServer\Classes\Managers\EvidenceManager;
+    use FederationServer\Classes\Managers\FileAttachmentManager;
+    use FederationServer\Classes\Managers\OperatorManager;
+    use FederationServer\Classes\RequestHandler;
+    use FederationServer\Classes\Validate;
+    use FederationServer\Exceptions\DatabaseOperationException;
+    use FederationServer\Exceptions\RequestException;
+    use FederationServer\FederationServer;
+
+    class DeleteAttachment extends RequestHandler
+    {
+        /**
+         * @inheritDoc
+         */
+        public static function handleRequest(): void
+        {
+            $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+
+            // Ensure the authenticated operator has permission to delete operators.
+            if(!$authenticatedOperator->canManageBlacklist())
+            {
+                throw new RequestException('Unauthorized: Insufficient permissions to delete attachments', 403);
+            }
+
+            if(!preg_match('#^/attachment/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
+            {
+                throw new RequestException('Attachment UUID required', 400);
+            }
+
+            $attachmentUuid = $matches[1];
+            if(!$attachmentUuid | !Validate::uuid($attachmentUuid))
+            {
+                throw new RequestException('Invalid attachment UUID', 400);
+            }
+
+            try
+            {
+                $existingAttachment = FileAttachmentManager::getRecord($attachmentUuid);
+                if($existingAttachment === null)
+                {
+                    throw new RequestException('Attachment not found', 404);
+                }
+
+                $existingEvidence = EvidenceManager::getEvidence($existingAttachment->getEvidence());
+                if($existingEvidence === null)
+                {
+                    throw new RequestException('Associated evidence not found', 404);
+                }
+
+                OperatorManager::deleteOperator($attachmentUuid);
+                AuditLogManager::createEntry(AuditLogType::ATTACHMENT_DELETED, sprintf('Operator %s deleted attachment %s',
+                    $authenticatedOperator->getUuid(),
+                    $attachmentUuid
+                ), $authenticatedOperator->getUuid(), $existingEvidence->getEntity());
+            }
+            catch(DatabaseOperationException $e)
+            {
+                Logger::log()->error(sprintf('Failed to delete attachment %s: %s', $attachmentUuid, $e->getMessage()), $e);
+                throw new RequestException('Internal Server Error: Unable to create operator', 500, $e);
+            }
+
+            // Respond with the UUID of the newly created operator.
+            self::successResponse();
+        }
+    }
\ No newline at end of file