From 3d01f3c2afa968bb61446028aab8739f3e7b23c2 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Tue, 27 Aug 2019 13:47:11 +0100
Subject: [PATCH] Confirm screen for deleting posts

---
 daemon.py       | 54 +++++++++++++++++++++++++++++++++++++------------
 webinterface.py | 45 ++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 85 insertions(+), 14 deletions(-)

diff --git a/daemon.py b/daemon.py
index 1155e7a9..0e8d73fe 100644
--- a/daemon.py
+++ b/daemon.py
@@ -76,6 +76,7 @@ from roles import setRole
 from roles import clearModeratorStatus
 from skills import outboxSkills
 from availability import outboxAvailability
+from webinterface import htmlDeletePost
 from webinterface import htmlAbout
 from webinterface import htmlRemoveSharedItem
 from webinterface import htmlInboxDMs
@@ -1022,19 +1023,19 @@ class PubServer(BaseHTTPRequestHandler):
                 self.postToNickname=getNicknameFromActor(actor)
                 if not self.server.session:
                     self.server.session= \
-                        createSession(self.server.domain,self.server.port,self.server.useTor)
-                deleteActor=self.server.httpPrefix+'://'+self.server.domainFull+'/users/'+self.postToNickname
-                deleteJson= {
-                    "@context": "https://www.w3.org/ns/activitystreams",
-                    'actor': actor,
-                    'object': deleteUrl,
-                    'to': ['https://www.w3.org/ns/activitystreams#Public',actor],
-                    'cc': [actor+'/followers'],
-                    'type': 'Delete'
-                }
-                if self.server.debug:
-                    pprint(deleteJson)
-                self._postToOutbox(deleteJson)
+                        createSession(self.server.domain,self.server.port, \
+                                      self.server.useTor)
+
+                deleteStr= \
+                    htmlDeletePost(self.server.session,self.server.baseDir, \
+                                   deleteUrl,self.server.httpPrefix, \
+                                   __version__,self.server.cachedWebfingers, \
+                                   self.server.personCache)
+                if deleteStr:
+                    self._set_headers('text/html',len(deleteStr),cookie)
+                    self.wfile.write(deleteStr)
+                    self.server.GETbusy=False
+                    return
             self.server.GETbusy=False
             self._redirect_headers(actor+'/inbox',cookie)
             return
@@ -2579,6 +2580,33 @@ class PubServer(BaseHTTPRequestHandler):
             self.server.POSTbusy=False
             return
 
+        # removes a post
+        if authorized and self.path.endswith('/rmpost'):
+            originPathStr=self.path.split('/rmpost')[0]
+            length = int(self.headers['Content-length'])
+            removePostConfirmParams=self.rfile.read(length).decode('utf-8')
+            if '&submitYes=' in removePostConfirmParams:
+                removePostConfirmParams=removePostConfirmParams.replace('%3A',':').replace('%2F','/')
+                removeMessageId=removePostConfirmParams.split('messageId=')[1]
+                if '&' in removeMessageId:
+                    removeMessageId=removeMessageId.split('&')[0]
+                if '/statuses/' in removeMessageId:
+                    removePostActor=removeMessageId.split('/statuses/')[0]
+                deleteJson= {
+                    "@context": "https://www.w3.org/ns/activitystreams",
+                    'actor': removePostActor,
+                    'object': removeMessageId,
+                    'to': ['https://www.w3.org/ns/activitystreams#Public',removePostActor],
+                    'cc': [removePostActor+'/followers'],
+                    'type': 'Delete'
+                }
+                if self.server.debug:
+                    pprint(deleteJson)
+                self._postToOutbox(deleteJson)                    
+            self._redirect_headers(originPathStr+'/outbox',cookie)
+            self.server.POSTbusy=False
+            return
+
         # decision to follow in the web interface is confirmed
         if authorized and self.path.endswith('/followconfirm'):
             originPathStr=self.path.split('/followconfirm')[0]
diff --git a/webinterface.py b/webinterface.py
index 65f2dfe1..0bf66b94 100644
--- a/webinterface.py
+++ b/webinterface.py
@@ -1658,7 +1658,50 @@ def htmlRemoveSharedItem(baseDir: str,actor: str,shareName: str) -> str:
     sharesStr+='</div>'
     sharesStr+=htmlFooter()
     return sharesStr
-    
+
+def htmlDeletePost(session,baseDir: str,messageId: str, \
+                   httpPrefix: str,projectVersion: str, \
+                   wfRequest: {},personCache: {}) -> str:
+    """Shows a screen asking to confirm the deletion of a post
+    """
+    if '/statuses/' not in messageId:
+        return None
+
+    actor=messageId.split('/statuses/')[0]
+    nickname=getNicknameFromActor(actor)
+    domain,port=getDomainFromActor(actor)
+
+    postFilename=locatePost(baseDir,nickname,domain,messageId)
+    if not postFilename:
+        return None
+    with open(postFilename, 'r') as fp:
+        postJsonObject=commentjson.load(fp)
+
+    if os.path.isfile(baseDir+'/img/delete-background.png'):
+        if not os.path.isfile(baseDir+'/accounts/delete-background.png'):
+            copyfile(baseDir+'/img/delete-background.png',baseDir+'/accounts/delete-background.png')
+
+    with open(baseDir+'/epicyon-follow.css', 'r') as cssFile:
+        profileStyle = cssFile.read()
+    deletePostStr=htmlHeader(profileStyle)
+    deletePostStr+= \
+        individualPostAsHtml(baseDir,session,wfRequest,personCache, \
+                             nickname,domain,port,postJsonObject, \
+                             None,True,False, \
+                             httpPrefix,projectVersion, \
+                             False,False)    
+    deletePostStr+='<center>'
+    deletePostStr+='  <p class="followText">Delete this post?</p>'
+    deletePostStr+= \
+        '  <form method="POST" action="'+actor+'/rmpost">' \
+        '    <input type="hidden" name="messageId" value="'+messageId+'">' \
+        '    <button type="submit" class="button" name="submitYes">Yes</button>' \
+        '    <a href="'+actor+'/inbox'+'"><button class="button">No</button></a>' \
+        '  </form>'
+    deletePostStr+='</center>'
+    deletePostStr+=htmlFooter()
+    return deletePostStr
+
 def htmlFollowConfirm(baseDir: str,originPathStr: str,followActor: str,followProfileUrl: str) -> str:
     """Asks to confirm a follow
     """