feat(move-thread): add api route for moving thread

lib/epochtalk_server_web/controllers/thread.ex

@@ -512,6 +512,68 @@ defmodule EpochtalkServerWeb.Controllers.Thread do
     end
   end
 
+
+  @doc """
+  Used to move a `Thread`
+  """
+  def move(conn, attrs) do
+    with user <- Guardian.Plug.current_resource(conn),
+         thread_id <- Validate.cast(attrs, "thread_id", :integer, required: true),
+         board_id <- Validate.cast(attrs, "board_id", :integer, required: true),
+         :ok <- ACL.allow!(conn, "threads.move"),
+         user_priority <- ACL.get_user_priority(conn),
+         {:can_read, {:ok, true}} <-
+           {:can_read, Board.get_read_access_by_thread_id(thread_id, user_priority)},
+         {:can_write, {:ok, true}} <-
+           {:can_write, Board.get_write_access_by_thread_id(thread_id, user_priority)},
+         {:is_active, true} <-
+           {:is_active, User.is_active?(user.id)},
+         {:board_banned, {:ok, false}} <-
+           {:board_banned, BoardBan.banned_from_board?(user, thread_id: thread_id)},
+         {:bypass_thread_owner, true} <-
+           {:bypass_thread_owner, can_authed_user_bypass_owner_on_thread_move(user, thread_id)},
+         {:ok, old_board_data} <- Thread.move(thread_id, board_id) do
+      render(conn, :move, old_board_data: old_board_data)
+    else
+      {:can_read, {:ok, false}} ->
+        ErrorHelpers.render_json_error(
+          conn,
+          403,
+          "Unauthorized, you do not have permission to read"
+        )
+
+      {:can_write, {:ok, false}} ->
+        ErrorHelpers.render_json_error(
+          conn,
+          403,
+          "Unauthorized, you do not have permission to write"
+        )
+
+      {:bypass_thread_owner, false} ->
+        ErrorHelpers.render_json_error(
+          conn,
+          403,
+          "Unauthorized, you do not have permission to move another user's thread"
+        )
+
+      {:board_banned, {:ok, true}} ->
+        ErrorHelpers.render_json_error(conn, 403, "Unauthorized, you are banned from this board")
+
+      {:is_active, false} ->
+        ErrorHelpers.render_json_error(
+          conn,
+          400,
+          "Account must be active to move thread"
+        )
+
+      {:error, data} ->
+        ErrorHelpers.render_json_error(conn, 400, data)
+
+      _ ->
+        ErrorHelpers.render_json_error(conn, 400, "Error, cannot move thread")
+    end
+  end
+
   @doc """
   Used to convert `Thread` slug to id
   """
@@ -685,4 +747,18 @@ defmodule EpochtalkServerWeb.Controllers.Thread do
       true
     )
   end
+
+  defp can_authed_user_bypass_owner_on_thread_move(user, thread_id) do
+    post = Thread.get_first_post_data_by_id(thread_id)
+
+    ACL.bypass_post_owner(
+      user,
+      post,
+      "threads.move",
+      "owner",
+      false,
+      true,
+      true
+    )
+  end
 end

lib/epochtalk_server_web/json/thread_json.ex

@@ -140,6 +140,19 @@ defmodule EpochtalkServerWeb.Controllers.ThreadJSON do
   def purge(%{thread: thread}),
     do: thread
 
+  @doc """
+  Renders move `Thread`.
+
+    iex> old_board_data = %{
+    iex>   old_board_id: 2,
+    iex>   old_board_name: "General Discussion"
+    iex> }
+    iex> EpochtalkServerWeb.Controllers.ThreadJSON.move(%{old_board_data: old_board_data})
+    old_board_data
+  """
+  def move(%{old_board_data: old_board_data}),
+    do: old_board_data
+
   @doc """
   Renders `Thread` id for slug to id route.
   """

lib/epochtalk_server_web/router.ex

@@ -48,6 +48,7 @@ defmodule EpochtalkServerWeb.Router do
     post "/threads", Thread, :create
     post "/threads/:thread_id/lock", Thread, :lock
     post "/threads/:thread_id/sticky", Thread, :sticky
+    post "/threads/:thread_id/move", Thread, :move
     delete "/threads/:thread_id", Thread, :purge
     post "/threads/:thread_id/polls/vote", Poll, :vote
     delete "/threads/:thread_id/polls/vote", Poll, :delete_vote