fixes

packages/loot-core/src/server/admin/app.ts

@@ -3,7 +3,7 @@ import * as asyncStorage from '../../platform/server/asyncStorage';
 import { UserAvailable, UserEntity } from '../../types/models/user';
 import { UserAccessEntity } from '../../types/models/userAccess';
 import { createApp } from '../app';
-import { get, patch, post } from '../post';
+import { del, get, patch, post } from '../post';
 import { getServer } from '../server-config';
 
 import { AdminHandlers } from './types/handlers';
@@ -109,27 +109,6 @@ app.method('user-update', async function (user) {
   return null;
 });
 
-app.method('check-file-access', async function (fileId) {
-  const userToken = await asyncStorage.getItem('user-token');
-
-  if (userToken) {
-    const res = await get(
-      `${getServer().BASE_SERVER + '/admin/access/check-access'}?fileId=${fileId}`,
-      {
-        headers: {
-          'X-ACTUAL-TOKEN': userToken,
-        },
-      },
-    );
-
-    if (res) {
-      return JSON.parse(res) as { granted: boolean };
-    }
-  }
-
-  return { granted: false };
-});
-
 app.method('access-get', async function (fileId) {
   const userToken = await asyncStorage.getItem('user-token');
 
@@ -173,8 +152,8 @@ app.method('access-delete-all', async function ({ fileId, ids }) {
   const userToken = await asyncStorage.getItem('user-token');
   if (userToken) {
     try {
-      const res = await post(
-        getServer().BASE_SERVER + `/admin/access/delete-all?fileId=${fileId}`,
+      const res = await del(
+        getServer().BASE_SERVER + `/admin/access?fileId=${fileId}`,
         {
           token: userToken,
           ids,
@@ -254,16 +233,6 @@ app.method('file-owner-get', async function (fileId) {
   return null;
 });
 
-app.method('auth-mode', async function () {
-  const res = await get(getServer().BASE_SERVER + '/admin/auth-mode/');
-
-  if (res) {
-    return (JSON.parse(res)?.method as string) || '';
-  }
-
-  return null;
-});
-
 app.method('multiuser-get', async function () {
   const res = await get(getServer().BASE_SERVER + '/admin/multiuser/');
 

packages/loot-core/src/server/admin/types/handlers.ts

@@ -51,8 +51,6 @@ export interface AdminHandlers {
 
   'file-owner-get': (fileId: string) => Promise<UserEntity | null>;
 
-  'auth-mode': () => Promise<string>;
-
   'multiuser-get': () => Promise<boolean | null>;
 
   'owner-created': () => Promise<boolean>;

packages/loot-core/src/server/post.ts

@@ -67,6 +67,54 @@ export async function post(url, data, headers = {}, timeout = null) {
   return res.data;
 }
 
+export async function del(url, data, headers = {}, timeout = null) {
+  let text;
+  let res;
+
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    const signal = timeout ? controller.signal : null;
+    res = await fetch(url, {
+      method: 'DELETE',
+      body: JSON.stringify(data),
+      signal,
+      headers: {
+        ...headers,
+        'Content-Type': 'application/json',
+      },
+    });
+    clearTimeout(timeoutId);
+    text = await res.text();
+  } catch (err) {
+    throw new PostError('network-failure');
+  }
+
+  throwIfNot200(res, text);
+
+  try {
+    res = JSON.parse(text);
+  } catch (err) {
+    // Something seriously went wrong. TODO handle errors
+    throw new PostError('parse-json', { meta: text });
+  }
+
+  if (res.status !== 'ok') {
+    console.log(
+      'API call failed: ' +
+        url +
+        '\nData: ' +
+        JSON.stringify(data, null, 2) +
+        '\nResponse: ' +
+        JSON.stringify(res, null, 2),
+    );
+
+    throw new PostError(res.description || res.reason || 'unknown');
+  }
+
+  return res.data;
+}
+
 export async function patch(url, data, headers = {}, timeout = null) {
   let text;
   let res;