refactor(data): simplify ownership check in delete handler

fulleni · fulleni · commit a921be965c56 · 2025-08-08T10:23:06.000+01:00
- Remove redundant ownership check logic from _handleDelete function
- Add comment about middleware handling authorization and ownership checks
- Simplify userIdForRepoCall assignment using ternary operator
- Remove unnecessary fetched item storage before deletion
diff --git a/routes/api/v1/data/[id]/index.dart b/routes/api/v1/data/[id]/index.dart
@@ -426,94 +426,17 @@ Future<Response> _handleDelete(
   User authenticatedUser,
   PermissionService permissionService,
 ) async {
-  // Authorization check is handled by authorizationMiddleware before this.
-  // This handler only needs to perform the ownership check if required.
-
-  // Determine userId for repository call based on ModelConfig (for data scoping/ownership enforcement)
-  String? userIdForRepoCall;
-  // If the model is user-owned, pass the authenticated user's ID to the repository
-  // for ownership enforcement. Otherwise, pass null.
-  if (modelConfig.getOwnerId != null &&
-      !permissionService.isAdmin(authenticatedUser)) {
-    userIdForRepoCall = authenticatedUser.id;
-  } else {
-    userIdForRepoCall = null;
-  }
-
-  // --- Handler-Level Ownership Check (for DELETE) ---
-  // For DELETE, we need to fetch the item *before* attempting deletion
-  // to perform the ownership check if required.
-  dynamic itemToDelete;
-  if (modelConfig.deletePermission.requiresOwnershipCheck &&
-      !permissionService.isAdmin(authenticatedUser)) {
-    // Ensure getOwnerId is provided for models requiring ownership check
-    if (modelConfig.getOwnerId == null) {
-      _logger.severe(
-        'Configuration Error: Model "$modelName" requires '
-        'ownership check for DELETE but getOwnerId is not provided.',
-      );
-      // Throw an exception to be caught by the errorHandler
-      throw const OperationFailedException(
-        'Internal Server Error: Model configuration error.',
-      );
-    }
-    // Fetch the item to check ownership. Use userIdForRepoCall for scoping.
-    // Repository exceptions (like NotFoundException) will propagate up to the errorHandler.
-    switch (modelName) {
-      case 'headline':
-        final repo = context.read<DataRepository<Headline>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'topic':
-        final repo = context.read<DataRepository<Topic>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'source':
-        final repo = context.read<DataRepository<Source>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'country':
-        final repo = context.read<DataRepository<Country>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'language':
-        final repo = context.read<DataRepository<Language>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'user':
-        final repo = context.read<DataRepository<User>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'user_app_settings': // New case for UserAppSettings
-        final repo = context.read<DataRepository<UserAppSettings>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'user_content_preferences': // New case for UserContentPreferences
-        final repo = context.read<DataRepository<UserContentPreferences>>();
-        itemToDelete = await repo.read(id: id, userId: userIdForRepoCall);
-      case 'remote_config': // New case for RemoteConfig (delete by admin)
-        final repo = context.read<DataRepository<RemoteConfig>>();
-        itemToDelete = await repo.read(
-          id: id,
-          userId: userIdForRepoCall,
-        ); // userId should be null for AppConfig
-      default:
-        _logger.severe(
-          'Unsupported model type "$modelName" reached _handleDelete ownership check.',
-        );
-        // Throw an exception to be caught by the errorHandler
-        throw OperationFailedException(
-          'Unsupported model type "$modelName" reached handler.',
-        );
-    }
-
-    // Perform the ownership check if the item was found
-    if (itemToDelete != null) {
-      final itemOwnerId = modelConfig.getOwnerId!(itemToDelete);
-      if (itemOwnerId != authenticatedUser.id) {
-        // If the authenticated user is not the owner, deny access.
-        // Throw ForbiddenException to be caught by the errorHandler
-        throw const ForbiddenException(
-          'You do not have permission to delete this specific item.',
-        );
-      }
-    }
-    // If itemToDelete is null here, it means the item wasn't found during the read.
-    // The subsequent delete call will likely throw NotFoundException, which is correct.
-  }
+  // Authorization and ownership checks are handled by the middleware.
+  // The `ownershipCheckMiddleware` has already verified that the user is
+  // the owner if required. This handler's only job is to perform the deletion.
+
+  // Determine the userId for the repository call. For non-admins, this
+  // provides an additional layer of security at the database level.
+  final userIdForRepoCall =
+      (modelConfig.getOwnerId != null &&
+          !permissionService.isAdmin(authenticatedUser))
+      ? authenticatedUser.id
+      : null;
 
   // Allow repository exceptions (e.g., NotFoundException) to propagate
   // upwards to be handled by the standard error handling mechanism.
