Fix #4990: Allow admins to delete uploads.

Allow admins to delete media asset files. This only deletes the image file itself, not the upload or media asset record. The upload will still be in the user's upload list, but the image will be gone. The media asset page will still exist, but it will only show the file's metadata, not the image itself. We don't delete the metadata so we have a record of what the file's MD5 was and who uploaded it, to prevent the file from being uploaded again and to take action against the user if necessary.
2022-11-29 18:09:25 -06:00
parent 695568e08b
commit 756362f89e
11 changed files with 83 additions and 13 deletions
--- a/app/views/media_assets/destroy.js.erb
+++ b/app/views/media_assets/destroy.js.erb
@@ -0,0 +1 @@
+location.reload();
--- a/app/views/media_assets/show.html.erb
+++ b/app/views/media_assets/show.html.erb
@@ -73,6 +73,18 @@
                        <%= search_icon %> <%= Danbooru.config.app_name %>
                      <% end %>
                    <% end %>
+
+                    <% if policy(@media_asset).destroy? && @media_asset.post.nil? && !@media_asset.deleted? && !@media_asset.expunged? %>
+                      <% menu.item do %>
+                        <hr class="border">
+                      <% end %>
+
+                      <% menu.item do %>
+                        <%= link_to media_asset_path(@media_asset), class: "text-danger", remote: true, xhr: true, method: :delete, "data-confirm": "This will permanently delete this file. Are you sure?" do %>
+                          <%= delete_icon %> Delete file
+                        <% end %>
+                      <% end %>
+                    <% end %>
                  <% end %>
                </span>
              </div>