Purge user's files

2 files changed, 42 insertions, 0 deletions

diff --git a/src/api/routes/admin/userPurge.js b/src/api/routes/admin/userPurge.js
new file mode 100644
index 0000000..90f6ec9
--- /dev/null
+++ b/src/api/routes/admin/userPurge.js
@@ -0,0 +1,26 @@
+const Route = require('../../structures/Route');
+const Util = require('../../utils/Util');
+
+class userDemote extends Route {
+	constructor() {
+		super('/admin/users/purge', 'post', { adminOnly: true });
+	}
+
+	async run(req, res) {
+		if (!req.body) return res.status(400).json({ message: 'No body provided' });
+		const { id } = req.body;
+		if (!id) return res.status(400).json({ message: 'No id provided' });
+
+		try {
+			await Util.deleteAllFilesFromUser(id);
+		} catch (error) {
+			return super.error(res, error);
+		}
+
+		return res.json({
+			message: 'Successfully deleted the user\'s files'
+		});
+	}
+}
+
+module.exports = userDemote;
diff --git a/src/api/utils/Util.js b/src/api/utils/Util.js
index 26edf4b..9e9753c 100644
--- a/src/api/utils/Util.js
+++ b/src/api/utils/Util.js
@@ -90,6 +90,10 @@ class Util {
 	}
 
 	static constructFilePublicLink(file) {
+		/*
+			TODO: This wont work without a reverse proxy serving both
+			the site and the API under the same domain. Pls fix.
+		*/
 		file.url = `${process.env.DOMAIN}/${file.name}`;
 		const thumb = this.getFileThumbnail(file.name);
 		if (thumb) {
@@ -175,6 +179,18 @@ class Util {
 		}
 	}
 
+	static async deleteAllFilesFromUser(id) {
+		try {
+			const files = await db.table('files').where({ userId: id });
+			for (const file of files) {
+				await jetpack.removeAsync(path.join(__dirname, '..', '..', '..', process.env.UPLOAD_FOLDER, file));
+			}
+			await db.table('files').where({ userId: id }).delete();
+		} catch (error) {
+			log.error(error);
+		}
+	}
+
 	static isAuthorized(req) {
 		if (!req.headers.authorization) return false;
 		const token = req.headers.authorization.split(' ')[1];