Add API endpoint to delete message. Part of #5

A better view system is probably needed to add the actual button/other header information planned.
t2bot · Feb 14, 2017 · 82d4a71 · 82d4a71
1 parent 0815d8c
commit 82d4a71
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 6 deletions.
diff --git a/config/default.json b/config/default.json
@@ -13,7 +13,8 @@
       "allow_from": ["[email protected]"],
       "deny_from": ["[email protected]"],
       "message_format": "$subject: <a href='https://email.t2bot.io/m/$id'>Click to view</a>",
-      "skip_db": false
+      "skip_db": false,
+      "delete_key": "YOUR_SECRET_KEY_HERE"
     }
   },
   "room_defaults": {

diff --git a/database.js b/database.js
@@ -5,10 +5,24 @@ var db = new sqlite3.Database("db/" + (process.env.NODE_ENV || "development") +
 
 function init() {
     db.serialize(function () {
+        // TODO: Proper migration scripts
         db.run("CREATE TABLE IF NOT EXISTS captured_emails (id TEXT PRIMARY KEY NOT NULL, email_id TEXT NOT NULL, from_email TEXT NOT NULL, from_name TEXT NOT NULL, to_email TEXT NOT NULL, to_name TEXT NOT NULL, subject TEXT NOT NULL, body TEXT NOT NULL, is_html TINYINT NOT NULL, received_timestamp DATETIME)");
+        db.all("PRAGMA table_info(captured_emails)", function (err, rows) {
+            var addTargetRoomCol = true;
+            for (var i = 0; i < rows.length; i++) {
+                var row = rows[i];
+                if (row.name == "target_room") {
+                    addTargetRoomCol = false;
+                    break;
+                }
+            }
+
+            if (addTargetRoomCol)
+                db.run("ALTER TABLE captured_emails ADD COLUMN target_room TEXT NOT NULL DEFAULT 'Unknown'");
+        });
     });
 }
-function prepareMessage(emailId, fromEmail, fromName, toEmail, toName, subject, body, isHtml) {
+function prepareMessage(emailId, fromEmail, fromName, toEmail, toName, subject, body, isHtml, targetRoom) {
     return {
         email_id: emailId,
         from_name: fromName,
@@ -17,14 +31,15 @@ function prepareMessage(emailId, fromEmail, fromName, toEmail, toName, subject,
         to_email: toEmail,
         subject: subject,
         body: body,
-        is_html: isHtml
+        is_html: isHtml,
+        target_room: targetRoom
     };
 }
 
 function writeMessage(message) {
     var id = uuid.v4();
-    db.run("INSERT INTO captured_emails (id, email_id, from_name, from_email, to_name, to_email, subject, body, is_html, received_timestamp) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)",
-        id, message.email_id, message.from_name, message.from_email, message.to_name, message.to_email, message.subject, message.body, message.is_html ? 1 : 0);
+    db.run("INSERT INTO captured_emails (id, email_id, from_name, from_email, to_name, to_email, subject, body, is_html, received_timestamp, target_room) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP, ?)",
+        id, message.email_id, message.from_name, message.from_email, message.to_name, message.to_email, message.subject, message.body, message.is_html ? 1 : 0, message.target_room);
     return id;
 }
 
@@ -40,10 +55,17 @@ function hasEmailMessage(emailId, callback) {
     });
 }
 
+function deleteMessage(id, callback) {
+    db.run("DELETE FROM captured_emails WHERE email_id = ?", id, function (err) {
+        callback(err ? false : true);
+    });
+}
+
 module.exports = {
     init: init,
     writeMessage: writeMessage,
     prepareMessage: prepareMessage,
     getMessage: getMessage,
-    hasEmailMessage: hasEmailMessage
+    hasEmailMessage: hasEmailMessage,
+    deleteMessage: deleteMessage
 };
diff --git a/web.js b/web.js
@@ -26,6 +26,34 @@ app.get('/m/:id', function (request, response) {
     });
 });
 
+app.delete('/m/:id', function (request, response) {
+    db.getMessage(request.params.id, function (msg) {
+        if (!msg) {
+            response.status(404);
+            response.json({error: "message not found "});
+        } else {
+            var roomConfig = config.rules[msg.target_room];
+            if (!roomConfig) {
+                response.status(401);
+                response.json({error: "Invalid secret "});
+            } else if (roomConfig.delete_key != request.params.deleteKey) {
+                response.status(401);
+                response.json({error: "Invalid secret "});
+            } else {
+                db.deleteMessage(msg.id, function (success) {
+                    if (success) {
+                        response.status(200);
+                        response.json({message: "Message deleted "});
+                    } else {
+                        response.status(500);
+                        response.json({error: "Internal Server Error"});
+                    }
+                });
+            }
+        }
+    });
+});
+
 function init() {
     app.set("view engine", "pug");
     app.listen(config.get("web.port"), config.get("web.bind_ip"));