add delete handler

[leafo]

Summary by CodeRabbit

• New Features

  • Added a read-only configuration option for storage
  • Implemented a bulk file deletion endpoint at "/delete"

• Improvements

  • Enhanced server routing to support file deletion requests
  • Added support for asynchronous file deletion with optional callback mechanism

[coderabbitai]

Walkthrough

A new feature for bulk file deletion has been introduced in the zipserver. The changes include adding a Readonly flag to the storage configuration to prevent write operations, implementing a deleteHandler function to manage asynchronous file deletions, and registering a new "/delete" HTTP endpoint in the server. The implementation supports optional callback URLs and provides concurrent, timeout-managed deletion operations with detailed result tracking.

Changes

File	Change Summary
zipserver/config.go	Added Readonly bool field to StorageConfig struct
zipserver/delete_handler.go	New file introducing deleteHandler function and DeleteResult struct for bulk file deletion
zipserver/server.go	Added HTTP handler for "/delete" endpoint using deleteHandler

Sequence Diagram

sequenceDiagram
    participant Client
    participant Server
    participant StorageManager
    participant CallbackService

    Client->>Server: POST /delete with file keys
    Server->>Server: Validate request
    Server->>StorageManager: Acquire locks
    StorageManager-->>Server: Locks acquired
    Server->>Server: Spawn deletion goroutines
    Server->>CallbackService: Optional: Send results to callback URL
    Server->>Client: Return deletion results

Loading

Poem

🐰 Deletion dance, files take flight
Async and swift, with locks held tight
Readonly guard, a gentle embrace
Keys vanish without a trace
Zipserver's magic, clean and bright! 🗑️

✨ Finishing Touches

• 📝 Docstrings were successfully generated. (♻️ Check again to generate again)

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (4)

zipserver/delete_handler.go (4)

15-15: Consider prioritizing the lock table implementation or removing the TODO.
This TODO suggests a global lock table is needed but there's already a deleteLockTable present. Either finalize the global lock approach or remove the comment to avoid confusion.

---

25-28: Improve error handling for ParseForm failures.
Currently, the user receives a generic error. Consider returning a more descriptive message to guide debugging, e.g., "Failed to parse form: [error]".

-if err != nil {
-  return err
+if err != nil {
+  return fmt.Errorf("Failed to parse request form: %v", err)
}

---

50-52: Allow read-only skip instead of error.
Environments with read-only storage likely won't perform deletions. Instead of returning an error, consider silently skipping or logging a warning to avoid blocking other deletions for non-read-only targets.

---

59-102: Optimize storage client creation.
Creating a new storage client per key can be expensive if there are many keys. Consider reusing the storage client outside the loop for better performance.

- for _, key := range keys {
-   wg.Add(1)
-   go (func(key string) {
-     ...
-     storage, err := storageTargetConfig.NewStorageClient()
-     ...
-   })(key)
- }

+ storage, err := storageTargetConfig.NewStorageClient()
+ if err != nil {
+   return fmt.Errorf("Failed to create storage client: %v", err)
+ }
+ for _, key := range keys {
+   wg.Add(1)
+   go (func(key string, storage StorageClient) {
+     ...
+   })(key, storage)
+ }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b4f3e1e and dfd9e89.

📒 Files selected for processing (3)

• zipserver/config.go (1 hunks)
• zipserver/delete_handler.go (1 hunks)
• zipserver/server.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: build

🔇 Additional comments (2)

zipserver/config.go (1)

75-77: Verify delete handler integration with the Readonly flag.

Since this change is part of adding a delete handler feature:

1. Ensure the delete handler properly respects this flag before attempting deletions
2. Consider adding tests to verify the behavior when:
   • Attempting to delete from a readonly target
   • Switching a target from writable to readonly with pending operations

Let's verify the integration:

✅ Verification successful

The Readonly flag is properly integrated with the delete handler ✅

The delete handler in delete_handler.go correctly checks the Readonly flag and prevents deletions on readonly storage targets with a clear error message:

if storageTargetConfig.Readonly {
    return fmt.Errorf("Target storage is readonly: %s", targetName)
}

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for usage of the Readonly flag in the delete handler
echo "Searching for delete handler's readonly check..."
rg -p "Readonly.*delete" --type go

# Look for related tests
echo "Searching for related tests..."
rg -p "Test.*Readonly.*Delete|Test.*Delete.*Readonly" --type go

Length of output: 283

---

Script:

#!/bin/bash
# Find delete handler implementation
echo "Searching for delete handler..."
rg -p "func.*[Dd]elete" --type go -A 5

echo "Searching for Readonly flag usage..."
rg -p "Readonly" --type go -A 5

# Look for write operation checks
echo "Searching for write operation checks..."
ast-grep --pattern 'if $_.Readonly {
  $$$
}'

Length of output: 2408

zipserver/server.go (1)

105-105: Confirm the HTTP method constraint for the “/delete” endpoint.
Users may expect only DELETE requests to be valid for a “/delete” path. Consider enforcing a check on r.Method == "DELETE" or clarifying in documentation if POST is intended.

+func deleteHandler(w http.ResponseWriter, r *http.Request) error {
+  if r.Method != http.MethodDelete {
+    return fmt.Errorf("Method not allowed")
+  }
+  ...
+}

[coderabbitai]

🛠️ Refactor suggestion

Document the Readonly field and implement validation.

The new Readonly field needs attention in several areas:

1. Replace the TODO with proper documentation explaining:

   • The purpose and behavior of this flag
   • The implications of setting it to true/false
   • Whether it affects existing files or only new operations

2. Consider adding validation in the Validate() method to ensure consistent behavior.

Here's a suggested implementation:

-	// TODO: use this field to prevent write operations to this storage config
-	Readonly bool `json:",omitempty"`
+	// Readonly, when set to true, prevents all write operations (create/update/delete)
+	// to this storage target. This is useful for protecting critical storage targets
+	// from accidental modifications.
+	Readonly bool `json:",omitempty"`

Add to the Validate() method:

// Add this check in the Validate() method
if s.Readonly {
    // Optionally validate that this target isn't used in any write-required configurations
    // For example, if this target is referenced as a destination for file copies
}

[coderabbitai]

⚠️ Potential issue

Ensure notification reliability in async callback scenario.
The current implementation does not handle callback failures or timeouts. If the request to the callback URL fails, we lose the deletion status. Consider adding retry logic or logging callback failures.

[coderabbitai]

💡 Codebase verification

Empty keys array validation is needed
The current code would return success without performing any deletions if an empty keys array is provided. The suggested fix correctly validates both missing and empty array cases.

🔗 Analysis chain

Validate empty keys input more thoroughly.
If keys[] is present in the request but the array is empty, this will pass the current check. Consider validating it has at least one value.

-keys, ok := r.Form["keys[]"]
-if !ok {
-  return fmt.Errorf("Missing keys[] parameter")
+keys := r.Form["keys[]"]
+if len(keys) == 0 {
+  return fmt.Errorf("Missing or empty keys[] parameter")
}

🏁 Scripts executed

The following scripts were executed for the analysis:

Error: No shell scripts found

---

Script:

#!/bin/bash

# Search for "keys[]" usage in the codebase
echo "=== Searching for keys[] parameter usage ==="
rg "keys\[\]" -A 3 -B 3

# Get full context of delete_handler.go
echo -e "\n=== Full context of delete_handler.go ==="
cat zipserver/delete_handler.go

# Find similar form parameter validation patterns
echo -e "\n=== Finding similar form parameter validation patterns ==="
ast-grep --pattern 'r.Form[$_]'

Length of output: 4118

[coderabbitai]

Note

Generated docstrings for this pull request, at #13