Add Rename/Move/Update endpoints

.bruno/Plan Endpoints/delete plan.bru

@@ -1,7 +1,7 @@
 meta {
   name: delete plan
   type: http
-  seq: 2
+  seq: 5
 }
 
 delete {

.bruno/Plan Endpoints/move plan.bru

@@ -0,0 +1,24 @@
+meta {
+  name: move plan
+  type: http
+  seq: 4
+}
+
+put {
+  url: http://localhost:14014/api/move/[planId]
+  body: json
+  auth: inherit
+}
+
+body:json {
+  {
+    "name": "test",
+    "pin": "1234",
+    "folder": "new folder name"
+  }
+}
+
+settings {
+  encodeUrl: true
+  timeout: 0
+}

.bruno/Plan Endpoints/rename plan.bru

@@ -0,0 +1,24 @@
+meta {
+  name: rename plan
+  type: http
+  seq: 3
+}
+
+put {
+  url: http://localhost:14014/api/rename/[planId]
+  body: json
+  auth: inherit
+}
+
+body:json {
+  {
+    "name": "test",
+    "pin": "1234",
+    "planName": "new plan name"
+  }
+}
+
+settings {
+  encodeUrl: true
+  timeout: 0
+}

.bruno/Plan Endpoints/undelete plan.bru

@@ -1,7 +1,7 @@
 meta {
   name: undelete plan
   type: http
-  seq: 3
+  seq: 6
 }
 
 put {

.bruno/Plan Endpoints/update plan.bru

@@ -0,0 +1,24 @@
+meta {
+  name: update plan
+  type: http
+  seq: 2
+}
+
+put {
+  url: http://localhost:14014/api/move/[planId]
+  body: json
+  auth: inherit
+}
+
+body:json {
+  {
+    "name": "test",
+    "pin": "1234",
+    "data": "new plan data"
+  }
+}
+
+settings {
+  encodeUrl: true
+  timeout: 0
+}

README.md

@@ -47,6 +47,7 @@ The API will be a combination API and basic SSR.
     - /api/create - API Page: **POST** to save new plan to DB, requires name, **PIN**, and data (optionally folder), api will generate a nanoid for the PK
     - /api/update/[planId] - API Page: **PUT** to overwrite plan while keeping same name and id, requires **PIN** and data
     - /api/rename/[planId] - API Page: **PUT** to rename plan while keeping same data and id, requires **PIN** and name
+    - /api/move/[planId] - API Page: **PUT** to change what folder a plan is in while keeping same data, name, and id, requires **PIN** and name
     - /api/undelete/[planId] - API Page: **PUT** to unmark plan as deleted, requires **PIN**
     - /api/delete/[planId] - API Page: **DELETE** to mark plan as deleted, requires **PIN**
   - /api/auth - API Page: **POST** to check if you are who you say you are, requires username and **PIN**, returns userId and boolean of if email was set

mod.ts

@@ -104,6 +104,52 @@ Deno.serve({ port: config.api.port }, async (req) => {
             });
             if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
             return genericResponse(STATUS_CODE.OK, 'Plan deleted.');
+          } else if (path.startsWith('/update/')) {
+            const planId = path.replace('/update/', '');
+            const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+            if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+            if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+            await dbClient.execute('UPDATE plans SET data = ? WHERE id = ?', [body.data, planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+            return genericResponse(STATUS_CODE.OK, 'Plan updated.');
+          } else if (path.startsWith('/rename/')) {
+            if (body.planName.trim().length > 200) return genericResponse(STATUS_CODE.BadRequest, 'Name too long.');
+
+            const planId = path.replace('/rename/', '');
+            const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+            if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+            if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+            await dbClient.execute('UPDATE plans SET name = ? WHERE id = ?', [body.planName, planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+            return genericResponse(STATUS_CODE.OK, 'Plan renamed.');
+          } else if (path.startsWith('/move/')) {
+            if (body.planName.trim().length > 200) return genericResponse(STATUS_CODE.BadRequest, 'Folder name too long.');
+
+            const planId = path.replace('/move/', '');
+            const planMatch = await dbClient.query('SELECT ownerId FROM plans WHERE id = ?', [planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't read DB.");
+            if (!planMatch.length) return genericResponse(STATUS_CODE.NotFound, 'Plan ID does not exist.');
+            if (planMatch[0].ownerId !== id) return genericResponse(STATUS_CODE.Forbidden, "You don't own this plan.");
+
+            await dbClient.execute('UPDATE plans SET folder = ? WHERE id = ?', [body.folder, planId]).catch(() => {
+              failed = true;
+            });
+            if (failed) return genericResponse(STATUS_CODE.InternalServerError, "Couldn't update DB.");
+            return genericResponse(STATUS_CODE.OK, 'Plan moved.');
           }
           break;
         case 'DELETE':