Ole-Morten Duesund
54d8ed22f4
Add DELETE /api/tags/:name (gated by isModerator(), which also passes for admins per the admin-implies-moderator invariant in roles.ts). The endpoint normalises the name the same way creation does so the URL casing doesn't matter, then deletes the tag and detaches it from every activity_tags row in one transaction. UI: new "Etiketter" nav entry visible to moderators + admins, opens a ModerateTags.svelte view with search-as-you-type (reusing the /api/tags suggestion endpoint) and a Slett button per row. Private tags are unaffected — they're encrypted in the activity payload and never reach the server tag table. Tests: 3 new cases on top of the admin suite — moderator can delete, plain user gets 403 (anonymous gets 401), unknown tag gets 404. |
||
|---|---|---|
| .. | ||
| activities.test.ts | ||
| admin.test.ts | ||
| auth.test.ts | ||
| crypto.test.ts | ||
| engagement.test.ts | ||
| friends.test.ts | ||
| helpers.ts | ||
| profile.test.ts | ||
| social.test.ts | ||