Add DeleteAttachment class to handle attachment deletion requests

2025-06-03 13:54:23 -04:00 · 2025-06-03 13:54:23 -04:00 · 582dae4b95
commit 582dae4b95
parent 9d19fc2ef4
1 changed files with 72 additions and 0 deletions
--- a/src/FederationServer/Methods/Attachments/DeleteAttachment.php
+++ b/src/FederationServer/Methods/Attachments/DeleteAttachment.php
@ -0,0 +1,72 @@
+<?php
+
+    namespace FederationServer\Methods\Attachments;
+
+    use FederationServer\Classes\Enums\AuditLogType;
+    use FederationServer\Classes\Logger;
+    use FederationServer\Classes\Managers\AuditLogManager;
+    use FederationServer\Classes\Managers\EvidenceManager;
+    use FederationServer\Classes\Managers\FileAttachmentManager;
+    use FederationServer\Classes\Managers\OperatorManager;
+    use FederationServer\Classes\RequestHandler;
+    use FederationServer\Classes\Validate;
+    use FederationServer\Exceptions\DatabaseOperationException;
+    use FederationServer\Exceptions\RequestException;
+    use FederationServer\FederationServer;
+
+    class DeleteAttachment extends RequestHandler
+    {
+        /**
+         * @inheritDoc
+         */
+        public static function handleRequest(): void
+        {
+            $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+
+            // Ensure the authenticated operator has permission to delete operators.
+            if(!$authenticatedOperator->canManageBlacklist())
+            {
+                throw new RequestException('Unauthorized: Insufficient permissions to delete attachments', 403);
+            }
+
+            if(!preg_match('#^/attachment/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
+            {
+                throw new RequestException('Attachment UUID required', 400);
+            }
+
+            $attachmentUuid = $matches[1];
+            if(!$attachmentUuid | !Validate::uuid($attachmentUuid))
+            {
+                throw new RequestException('Invalid attachment UUID', 400);
+            }
+
+            try
+            {
+                $existingAttachment = FileAttachmentManager::getRecord($attachmentUuid);
+                if($existingAttachment === null)
+                {
+                    throw new RequestException('Attachment not found', 404);
+                }
+
+                $existingEvidence = EvidenceManager::getEvidence($existingAttachment->getEvidence());
+                if($existingEvidence === null)
+                {
+                    throw new RequestException('Associated evidence not found', 404);
+                }
+
+                OperatorManager::deleteOperator($attachmentUuid);
+                AuditLogManager::createEntry(AuditLogType::ATTACHMENT_DELETED, sprintf('Operator %s deleted attachment %s',
+                    $authenticatedOperator->getUuid(),
+                    $attachmentUuid
+                ), $authenticatedOperator->getUuid(), $existingEvidence->getEntity());
+            }
+            catch(DatabaseOperationException $e)
+            {
+                Logger::log()->error(sprintf('Failed to delete attachment %s: %s', $attachmentUuid, $e->getMessage()), $e);
+                throw new RequestException('Internal Server Error: Unable to create operator', 500, $e);
+            }
+
+            // Respond with the UUID of the newly created operator.
+            self::successResponse();
+        }
+    }