func revokeServiceAccess(w http.ResponseWriter, r *http.Request, t *auth.Token) error {
u, err := t.User()
if err != nil {
return err
}
serviceName := r.URL.Query().Get(":service")
teamName := r.URL.Query().Get(":team")
rec.Log(u.Email, "revoke-service-access", "service="+serviceName, "team="+teamName)
service, team, err := getServiceAndTeam(serviceName, teamName, u)
if err != nil {
return err
}
if len(service.Teams) < 2 {
msg := "You can not revoke the access from this team, because it is the unique team with access to this service, and a service can not be orphaned"
return &errors.HTTP{Code: http.StatusForbidden, Message: msg}
}
err = service.RevokeAccess(team)
if err != nil {
return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
}
conn, err := db.Conn()
if err != nil {
return err
}
return conn.Services().Update(bson.M{"_id": service.Name}, service)
}
func RevokeServiceAccessFromTeamHandler(w http.ResponseWriter, r *http.Request, u *auth.User) error {
service, t, err := getServiceAndTeam(r.URL.Query().Get(":service"), r.URL.Query().Get(":team"), u)
if err != nil {
return err
}
if len(service.Teams) < 2 {
msg := "You can not revoke the access from this team, because it is the unique team with access to this service, and a service can not be orphaned"
return &errors.Http{Code: http.StatusForbidden, Message: msg}
}
err = service.RevokeAccess(t)
if err != nil {
return &errors.Http{Code: http.StatusNotFound, Message: err.Error()}
}
conn, err := db.Conn()
if err != nil {
return err
}
return conn.Services().Update(bson.M{"_id": service.Name}, service)
}