From 70e14ec63ce170a6a3b4db71c0a1d53a2fd25be3 Mon Sep 17 00:00:00 2001
From: Tueem <tueem@tomatentum.net>
Date: Wed, 27 May 2026 23:07:35 +0200
Subject: [PATCH] feat(page): add Page action endpoints

---
 internal/routes/pages.go | 80 ++++++++++++++++++++++++++++++++++++++++
 internal/server/http.go  | 16 ++++++++
 2 files changed, 96 insertions(+)
 create mode 100644 internal/routes/pages.go

diff --git a/internal/routes/pages.go b/internal/routes/pages.go
new file mode 100644
index 0000000..689d5c7
--- /dev/null
+++ b/internal/routes/pages.go
@@ -0,0 +1,80 @@
+package routes
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+	"strconv"
+
+	"tomatentum.net/svg-templater/pkg/svg"
+	"tomatentum.net/svg-templater/pkg/svg/actions"
+)
+
+func AddPage(w http.ResponseWriter, r *http.Request) {
+	if err := r.ParseMultipartForm(128000000); err != nil {
+		http.Error(w, "Couldn't parse form data.", http.StatusBadRequest)
+		return
+	}
+
+	fileheaders := r.MultipartForm.File["files"]
+
+	id := r.PathValue("id")
+
+	pages := make([]svg.TemplatePage, len(fileheaders))
+
+	for i, fileh := range fileheaders {
+		file, err := fileh.Open()
+
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadRequest)
+			return
+		}
+
+		buf, err := io.ReadAll(file)
+
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadRequest)
+			return
+		}
+
+		page, err := actions.AddPage(id, buf)
+
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		pages[i] = page
+	}
+
+	err := json.NewEncoder(w).Encode(pages)
+
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+}
+
+func DeletePage(w http.ResponseWriter, r *http.Request) {
+
+	id, pagestring := r.PathValue("id"), r.PathValue("page")
+
+	page, err := strconv.Atoi(pagestring)
+
+	if err != nil {
+		http.Error(w, "Page must be a number", http.StatusBadRequest)
+		return
+	}
+
+	ok, err := actions.DeletePage(id, page)
+
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	if !ok {
+		http.Error(w, "Could not delete page", http.StatusInternalServerError)
+		return
+	}
+}
diff --git a/internal/server/http.go b/internal/server/http.go
index 4ef5bc6..a5baaef 100644
--- a/internal/server/http.go
+++ b/internal/server/http.go
@@ -43,6 +43,22 @@ func PrepareHTTP() {
 		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
 
 	})
+
+	registerAuthorizedFunc("/svg/{id}/page/", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != "POST" {
+			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+			return
+		}
+		routes.AddPage(w, r)
+	})
+
+	registerAuthorizedFunc("/svg/{id}/page/{page}", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != "DELETE" {
+			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+			return
+		}
+		routes.DeletePage(w, r)
+	})
 	registerAuthorizedFunc("/font/", func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case "GET":