Implement asset deletion and fix redirect logic

srv/src/api/api.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"html/template"
 	"net"
 	"net/http"
 	"net/http/httputil"
@@ -101,6 +102,8 @@ type API interface {
 type api struct {
 	params Params
 	srv    *http.Server
+
+	redirectTpl *template.Template
 }
 
 // New initializes and returns a new API instance, including setting up all
@@ -122,6 +125,8 @@ func New(params Params) (API, error) {
 		params: params,
 	}
 
+	a.redirectTpl = a.mustParseTpl("redirect.html")
+
 	a.srv = &http.Server{Handler: a.handler()}
 
 	go func() {
@@ -201,11 +206,13 @@ func (a *api) handler() http.Handler {
 		v2Mux := http.NewServeMux()
 		v2Mux.Handle("/follow.html", a.renderDumbHandler("follow.html"))
 		v2Mux.Handle("/posts/", a.renderPostHandler())
-		v2Mux.Handle("/assets", apiutil.MethodMux(map[string]http.Handler{
+		v2Mux.Handle("/assets/", http.StripPrefix("/assets",
-			"GET":  a.renderPostAssetsIndexHandler(),
+			apiutil.MethodMux(map[string]http.Handler{
-			"POST": formMiddleware(a.uploadPostAssetHandler()),
+				"GET":    a.getPostAssetHandler(),
-		}))
+				"POST":   formMiddleware(a.postPostAssetHandler()),
-		v2Mux.Handle("/assets/", a.servePostAssetHandler())
+				"DELETE": formMiddleware(a.deletePostAssetHandler()),
+			}),
+		))
 		v2Mux.Handle("/", a.renderIndexHandler())
 
 		mux.Handle("/v2/", http.StripPrefix("/v2", v2Mux))

srv/src/api/apiutil/apiutil.go

@@ -121,7 +121,13 @@ func MethodMux(handlers map[string]http.Handler) http.Handler {
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 
-		handler, ok := handlers[strings.ToUpper(r.Method)]
+		method := strings.ToUpper(r.FormValue("method"))
+
+		if method == "" {
+			method = strings.ToUpper(r.Method)
+		}
+
+		handler, ok := handlers[method]
 
 		if !ok {
 			http.Error(rw, "Method not allowed", http.StatusMethodNotAllowed)

srv/src/api/assets.go

@@ -50,12 +50,19 @@ func resizeImage(out io.Writer, in io.Reader, maxWidth float64) error {
 	}
 }
 
-func (a *api) servePostAssetHandler() http.Handler {
+func (a *api) getPostAssetHandler() http.Handler {
+
+	renderHandler := a.renderPostAssetsIndexHandler()
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 
 		id := filepath.Base(r.URL.Path)
 
+		if id == "/" {
+			renderHandler.ServeHTTP(rw, r)
+			return
+		}
+
 		maxWidth, err := apiutil.StrToInt(r.FormValue("w"), 0)
 		if err != nil {
 			apiutil.BadRequest(rw, r, fmt.Errorf("invalid w parameter: %w", err))
@@ -112,9 +119,7 @@ func (a *api) servePostAssetHandler() http.Handler {
 	})
 }
 
-func (a *api) uploadPostAssetHandler() http.Handler {
+func (a *api) postPostAssetHandler() http.Handler {
-
-	renderIndex := a.renderPostAssetsIndexHandler()
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 
@@ -136,6 +141,33 @@ func (a *api) uploadPostAssetHandler() http.Handler {
 			return
 		}
 
-		renderIndex.ServeHTTP(rw, r)
+		a.executeRedirectTpl(rw, r, "assets/")
+	})
+}
+
+func (a *api) deletePostAssetHandler() http.Handler {
+
+	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+
+		id := filepath.Base(r.URL.Path)
+
+		if id == "" {
+			apiutil.BadRequest(rw, r, errors.New("id is required"))
+			return
+		}
+
+		err := a.params.PostAssetStore.Delete(id)
+
+		if errors.Is(err, post.ErrAssetNotFound) {
+			http.Error(rw, "Asset not found", 404)
+			return
+		} else if err != nil {
+			apiutil.InternalServerError(
+				rw, r, fmt.Errorf("deleting asset with id %q: %w", id, err),
+			)
+			return
+		}
+
+		a.executeRedirectTpl(rw, r, "assets/")
 	})
 }

srv/src/api/render.go

@@ -20,21 +20,29 @@ import (
 //go:embed tpl
 var tplFS embed.FS
 
-func (a *api) mustParseTpl(name string) *template.Template {
+func mustReadTplFile(fileName string) string {
+	path := filepath.Join("tpl", fileName)
 
-	mustRead := func(fileName string) string {
+	b, err := fs.ReadFile(tplFS, path)
-		path := filepath.Join("tpl", fileName)
+	if err != nil {
-
+		panic(fmt.Errorf("reading file %q from tplFS: %w", path, err))
-		b, err := fs.ReadFile(tplFS, path)
-		if err != nil {
-			panic(fmt.Errorf("reading file %q from tplFS: %w", path, err))
-		}
-
-		return string(b)
 	}
 
+	return string(b)
+}
+
+func (a *api) mustParseTpl(name string) *template.Template {
+
 	blogURL := func(path string) string {
-		return filepath.Join(a.params.PathPrefix, "/v2", path)
+
+		trailingSlash := strings.HasSuffix(path, "/")
+		path = filepath.Join(a.params.PathPrefix, "/v2", path)
+
+		if trailingSlash {
+			path += "/"
+		}
+
+		return path
 	}
 
 	tpl := template.New("").Funcs(template.FuncMap{
@@ -45,12 +53,17 @@ func (a *api) mustParseTpl(name string) *template.Template {
 		},
 	})
 
-	tpl = template.Must(tpl.Parse(mustRead(name)))
+	tpl = template.Must(tpl.Parse(mustReadTplFile(name)))
-	tpl = template.Must(tpl.New("base.html").Parse(mustRead("base.html")))
 
 	return tpl
 }
 
+func (a *api) mustParseBasedTpl(name string) *template.Template {
+	tpl := a.mustParseTpl(name)
+	tpl = template.Must(tpl.New("base.html").Parse(mustReadTplFile("base.html")))
+	return tpl
+}
+
 type tplData struct {
 	Payload   interface{}
 	CSRFToken string
@@ -84,9 +97,19 @@ func executeTemplate(
 	}
 }
 
+func (a *api) executeRedirectTpl(
+	rw http.ResponseWriter, r *http.Request, path string,
+) {
+	executeTemplate(rw, r, a.redirectTpl, struct {
+		Path string
+	}{
+		Path: path,
+	})
+}
+
 func (a *api) renderIndexHandler() http.Handler {
 
-	tpl := a.mustParseTpl("index.html")
+	tpl := a.mustParseBasedTpl("index.html")
 	const pageCount = 10
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
@@ -135,7 +158,7 @@ func (a *api) renderIndexHandler() http.Handler {
 
 func (a *api) renderPostHandler() http.Handler {
 
-	tpl := a.mustParseTpl("post.html")
+	tpl := a.mustParseBasedTpl("post.html")
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 
@@ -208,7 +231,7 @@ func (a *api) renderPostHandler() http.Handler {
 
 func (a *api) renderDumbHandler(tplName string) http.Handler {
 
-	tpl := a.mustParseTpl(tplName)
+	tpl := a.mustParseBasedTpl(tplName)
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 		if err := tpl.Execute(rw, nil); err != nil {
@@ -222,7 +245,7 @@ func (a *api) renderDumbHandler(tplName string) http.Handler {
 
 func (a *api) renderPostAssetsIndexHandler() http.Handler {
 
-	tpl := a.mustParseTpl("admin-assets.html")
+	tpl := a.mustParseBasedTpl("assets.html")
 
 	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 

srv/src/api/tpl/assets.html

@@ -1,5 +1,7 @@
 {{ define "body" }}
 
+{{ $csrfFormInput := .CSRFFormInput }}
+
 <h2>Upload Asset</h2>
 
 <p>
@@ -7,8 +9,8 @@
   overwritten.
 </p>
 
-<form action={{ BlogURL "assets" }} method="POST" enctype="multipart/form-data">
+<form action="{{ BlogURL "assets/" }}" method="POST" enctype="multipart/form-data">
-  {{ .CSRFFormInput }}
+  {{ $csrfFormInput }}
   <div class="row">
     <div class="four columns">
       <input type="text" placeholder="Unique ID" name="id" />
@@ -30,7 +32,10 @@
     <tr>
       <td><a href="{{ AssetURL . }}" target="_blank">{{ . }}</a></td>
       <td>
-        Delete (TODO)
+        <form action="{{ BlogURL "assets/" }}{{ . }}?method=delete" method="POST">
+          {{ $csrfFormInput }}
+          <input type="submit" value="Delete" />
+        </form>
       </td>
     </tr>
   {{ end }}

srv/src/api/tpl/redirect.html

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="refresh" content="0; url='{{ BlogURL .Payload.Path }}'" />
+  </head>
+  <body>
+    <p>Redirecting...</p>
+  </body>
+</html>