From d1699f9af8cb7457f248bf71197535221f3d9472 Mon Sep 17 00:00:00 2001
From: Tim <contact@bytim.eu>
Date: Sun, 25 May 2025 16:51:34 +0200
Subject: Do not allow deleting root category

---
 src/chef/pages/admin.clj     | 11 ++++++-----
 src/chef/pages/admin/api.clj | 15 ++++++++-------
 2 files changed, 14 insertions(+), 12 deletions(-)

(limited to 'src/chef/pages')

diff --git a/src/chef/pages/admin.clj b/src/chef/pages/admin.clj
index 859dda4..e38dac3 100644
--- a/src/chef/pages/admin.clj
+++ b/src/chef/pages/admin.clj
@@ -39,11 +39,12 @@
           :hx-post (str "/api/admin/create-category"
                         (when (pos? (:categories/id data)) (str "?parent=" (:categories/id data))))
           :hx-swap "none"}]
-   [:img {:src       "/static/icons/trash.svg" :height "30em"
-          :style     {:vertical-align :middle
-                      :margin-left    "1em"}
-          :hx-delete (str "/api/admin/delete-category/" (:categories/id data))
-          :hx-swap   "none"}]
+   (when (pos? (:categories/id data))
+     [:img {:src       "/static/icons/trash.svg" :height "30em"
+            :style     {:vertical-align :middle
+                        :margin-left    "1em"}
+            :hx-delete (str "/api/admin/delete-category/" (:categories/id data))
+            :hx-swap   "none"}])
    [:ul
     (for [child children]
       (render-category child (->> (sql/format {:select [:*]
diff --git a/src/chef/pages/admin/api.clj b/src/chef/pages/admin/api.clj
index 38f40f7..ff11672 100644
--- a/src/chef/pages/admin/api.clj
+++ b/src/chef/pages/admin/api.clj
@@ -31,13 +31,14 @@
   (cutils/auth-only req
                     (if-let [id (try (Integer/parseInt (get-in req [:path-params :id]))
                                      (catch Exception _ nil))]
-                      (do (jdbc/execute! @cdb/db
-                                         (sql/format {:delete-from [:categories]
-                                                      :where       [:= :id id]}))
-                          (delete-category-children! id)
-                          (-> (ruresp/response "Deleted.")
-                              (ruresp/status 200)
-                              (ruresp/header "HX-Refresh" "true")))
+                      (when (not= id -1)
+                        (do (jdbc/execute! @cdb/db
+                                           (sql/format {:delete-from [:categories]
+                                                        :where       [:= :id id]}))
+                            (delete-category-children! id)
+                            (-> (ruresp/response "Deleted.")
+                                (ruresp/status 200)
+                                (ruresp/header "HX-Refresh" "true"))))
                       (ruresp/bad-request "Bad request."))))
 
 (defn edit-category [req]
-- 
cgit v1.2.3