Add:Delete playback session button and api route

2026-02-03 16:59:41 +00:00 · 2022-08-13 12:24:19 -05:00 · 2022-08-13 12:24:19 -05:00 · 0c5db214d1
commit 0c5db214d1
parent 1ad9ea92b6
6 changed files with 94 additions and 21 deletions
--- a/server/Db.js
+++ b/server/Db.js
@ -183,17 +183,6 @@ class Db {
  getLibraryItemsInLibrary(libraryId) {
    return this.libraryItems.filter(li => li.libraryId === libraryId)
  }
-  getPlaybackSession(id) {
-    return this.sessionsDb.select((pb) => pb.id == id).then((results) => {
-      if (results.data.length) {
-        return new PlaybackSession(results.data[0])
-      }
-      return null
-    }).catch((error) => {
-      Logger.error('Failed to get session', error)
-      return null
-    })
-  }

  async updateLibraryItem(libraryItem) {
    return this.updateLibraryItems([libraryItem])
@ -452,6 +441,18 @@ class Db {
    })
  }

+  getPlaybackSession(id) {
+    return this.sessionsDb.select((pb) => pb.id == id).then((results) => {
+      if (results.data.length) {
+        return new PlaybackSession(results.data[0])
+      }
+      return null
+    }).catch((error) => {
+      Logger.error('Failed to get session', error)
+      return null
+    })
+  }
+
  selectUserSessions(userId) {
    return this.sessionsDb.select((session) => session.userId === userId).then((results) => {
      return results.data || []
--- a/server/controllers/SessionController.js
+++ b/server/controllers/SessionController.js
@ -42,7 +42,7 @@ class SessionController {
    res.json(payload)
  }

-  getSession(req, res) {
+  getOpenSession(req, res) {
    var libraryItem = this.db.getLibraryItem(req.session.libraryItemId)
    var sessionForClient = req.session.toJSONForClient(libraryItem)
    res.json(sessionForClient)
@ -58,12 +58,24 @@ class SessionController {
    this.playbackSessionManager.closeSessionRequest(req.user, req.session, req.body, res)
  }

+  // DELETE: api/session/:id
+  async delete(req, res) {
+    // if session is open then remove it
+    const openSession = this.playbackSessionManager.getSession(req.session.id)
+    if (openSession) {
+      await this.playbackSessionManager.removeSession(req.session.id)
+    }
+
+    await this.db.removeEntity('session', req.session.id)
+    res.sendStatus(200)
+  }
+
  // POST: api/session/local
  syncLocal(req, res) {
    this.playbackSessionManager.syncLocalSessionRequest(req.user, req.body, res)
  }

-  middleware(req, res, next) {
+  openSessionMiddleware(req, res, next) {
    var playbackSession = this.playbackSessionManager.getSession(req.params.id)
    if (!playbackSession) return res.sendStatus(404)

@ -75,5 +87,21 @@ class SessionController {
    req.session = playbackSession
    next()
  }
+
+  async middleware(req, res, next) {
+    var playbackSession = await this.db.getPlaybackSession(req.params.id)
+    if (!playbackSession) return res.sendStatus(404)
+
+    if (req.method == 'DELETE' && !req.user.canDelete) {
+      Logger.warn(`[SessionController] User attempted to delete without permission`, req.user)
+      return res.sendStatus(403)
+    } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
+      Logger.warn('[SessionController] User attempted to update without permission', req.user.username)
+      return res.sendStatus(403)
+    }
+
+    req.session = playbackSession
+    next()
+  }
 }
 module.exports = new SessionController()
--- a/server/routers/ApiRouter.js
+++ b/server/routers/ApiRouter.js
@ -175,9 +175,11 @@ class ApiRouter {
    // Playback Session Routes
    //
    this.router.get('/sessions', SessionController.getAllWithUserData.bind(this))
-    this.router.get('/session/:id', SessionController.middleware.bind(this), SessionController.getSession.bind(this))
-    this.router.post('/session/:id/sync', SessionController.middleware.bind(this), SessionController.sync.bind(this))
-    this.router.post('/session/:id/close', SessionController.middleware.bind(this), SessionController.close.bind(this))
+    this.router.delete('/sessions/:id', SessionController.middleware.bind(this), SessionController.delete.bind(this))
+    // TODO: Update these endpoints because they are only for open playback sessions
+    this.router.get('/session/:id', SessionController.openSessionMiddleware.bind(this), SessionController.getOpenSession.bind(this))
+    this.router.post('/session/:id/sync', SessionController.openSessionMiddleware.bind(this), SessionController.sync.bind(this))
+    this.router.post('/session/:id/close', SessionController.openSessionMiddleware.bind(this), SessionController.close.bind(this))
    this.router.post('/session/local', SessionController.syncLocal.bind(this))

    //