From b23cb8915ccf50ae0c3db0cb48648423abf0e571 Mon Sep 17 00:00:00 2001
From: Moriz Wahl <moriz.wahl@gmx.de>
Date: Wed, 9 Mar 2022 19:06:15 +0100
Subject: [PATCH 1/3] set roles and rights

---
 backend/src/auth/RIGHTS.ts | 1 +
 backend/src/auth/ROLES.ts  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/backend/src/auth/RIGHTS.ts b/backend/src/auth/RIGHTS.ts
index a18f0132a..fa9dda805 100644
--- a/backend/src/auth/RIGHTS.ts
+++ b/backend/src/auth/RIGHTS.ts
@@ -19,6 +19,7 @@ export enum RIGHTS {
   UPDATE_USER_INFOS = 'UPDATE_USER_INFOS',
   HAS_ELOPAGE = 'HAS_ELOPAGE',
   CREATE_TRANSACTION_LINK = 'CREATE_TRANSACTION_LINK',
+  DELETE_TRANSACTION_LINK = 'DELETE_TRANSACTION_LINK',
   // Admin
   SEARCH_USERS = 'SEARCH_USERS',
   CREATE_PENDING_CREATION = 'CREATE_PENDING_CREATION',
diff --git a/backend/src/auth/ROLES.ts b/backend/src/auth/ROLES.ts
index 37a4e3a67..2a86b5bab 100644
--- a/backend/src/auth/ROLES.ts
+++ b/backend/src/auth/ROLES.ts
@@ -19,6 +19,7 @@ export const ROLE_USER = new Role('user', [
   RIGHTS.UPDATE_USER_INFOS,
   RIGHTS.HAS_ELOPAGE,
   RIGHTS.CREATE_TRANSACTION_LINK,
+  RIGHTS.DELETE_TRANSACTION_LINK,
 ])
 export const ROLE_ADMIN = new Role('admin', Object.values(RIGHTS)) // all rights
 

From 4784fc23abc954eba76ee87a2fcf7548dd3f1260 Mon Sep 17 00:00:00 2001
From: Moriz Wahl <moriz.wahl@gmx.de>
Date: Wed, 9 Mar 2022 19:30:31 +0100
Subject: [PATCH 2/3] delete transaction link mutation

---
 .../resolver/TransactionLinkResolver.ts       | 30 ++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts
index d60146096..9f9f5e493 100644
--- a/backend/src/graphql/resolver/TransactionLinkResolver.ts
+++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts
@@ -1,7 +1,7 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 
-import { Resolver, Args, Authorized, Ctx, Mutation } from 'type-graphql'
+import { Resolver, Args, Arg, Authorized, Ctx, Mutation } from 'type-graphql'
 import { getCustomRepository } from '@dbTools/typeorm'
 import { TransactionLink } from '@model/TransactionLink'
 import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink'
@@ -67,4 +67,32 @@ export class TransactionLinkResolver {
 
     return new TransactionLink(transactionLink, new User(user))
   }
+
+  @Authorized([RIGHTS.DELETE_TRANSACTION_LINK])
+  @Mutation(() => Date, { nullable: true })
+  async deleteTransactionLink(
+    @Arg('id') id: number,
+    @Ctx() context: any,
+  ): Promise<Date | null | undefined> {
+    const userRepository = getCustomRepository(UserRepository)
+    const user = await userRepository.findByPubkeyHex(context.pubKey)
+
+    const transactionLink = await dbTransactionLink.findOne({ id })
+    if (!transactionLink) {
+      throw new Error('Transaction Link not found!')
+    }
+
+    // TODO: admin can delete links?
+    if (transactionLink.userId !== user.id) {
+      throw new Error('Transaction Link cannot be deleted!')
+    }
+
+    if (transactionLink.redeemedBy) {
+      throw new Error('Transaction Link already redeemed!')
+    }
+
+    await transactionLink.softRemove()
+    const newLink = await dbTransactionLink.findOne({ id }, { withDeleted: true })
+    return newLink ? newLink.deletedAt : null
+  }
 }

From cb4e6da31725cd01c4d392f2e44f0b34f9e97a65 Mon Sep 17 00:00:00 2001
From: Moriz Wahl <moriz.wahl@gmx.de>
Date: Thu, 10 Mar 2022 18:25:54 +0100
Subject: [PATCH 3/3] deleteTransactionLink mutation returns boolean, no more
 to does

---
 .../graphql/resolver/TransactionLinkResolver.ts  | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts
index 9f9f5e493..a3a044ded 100644
--- a/backend/src/graphql/resolver/TransactionLinkResolver.ts
+++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts
@@ -69,11 +69,8 @@ export class TransactionLinkResolver {
   }
 
   @Authorized([RIGHTS.DELETE_TRANSACTION_LINK])
-  @Mutation(() => Date, { nullable: true })
-  async deleteTransactionLink(
-    @Arg('id') id: number,
-    @Ctx() context: any,
-  ): Promise<Date | null | undefined> {
+  @Mutation(() => Boolean)
+  async deleteTransactionLink(@Arg('id') id: number, @Ctx() context: any): Promise<boolean> {
     const userRepository = getCustomRepository(UserRepository)
     const user = await userRepository.findByPubkeyHex(context.pubKey)
 
@@ -82,7 +79,6 @@ export class TransactionLinkResolver {
       throw new Error('Transaction Link not found!')
     }
 
-    // TODO: admin can delete links?
     if (transactionLink.userId !== user.id) {
       throw new Error('Transaction Link cannot be deleted!')
     }
@@ -91,8 +87,10 @@ export class TransactionLinkResolver {
       throw new Error('Transaction Link already redeemed!')
     }
 
-    await transactionLink.softRemove()
-    const newLink = await dbTransactionLink.findOne({ id }, { withDeleted: true })
-    return newLink ? newLink.deletedAt : null
+    await transactionLink.softRemove().catch(() => {
+      throw new Error('Transaction Link could not be deleted!')
+    })
+
+    return true
   }
 }