func revokeServiceAccess(w http.ResponseWriter, r *http.Request, t *auth.Token) error {
	u, err := t.User()
	if err != nil {
		return err
	}
	serviceName := r.URL.Query().Get(":service")
	teamName := r.URL.Query().Get(":team")
	rec.Log(u.Email, "revoke-service-access", "service="+serviceName, "team="+teamName)
	service, team, err := getServiceAndTeam(serviceName, teamName, u)
	if err != nil {
		return err
	}
	if len(service.Teams) < 2 {
		msg := "You can not revoke the access from this team, because it is the unique team with access to this service, and a service can not be orphaned"
		return &errors.HTTP{Code: http.StatusForbidden, Message: msg}
	}
	err = service.RevokeAccess(team)
	if err != nil {
		return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
	}
	conn, err := db.Conn()
	if err != nil {
		return err
	}
	return conn.Services().Update(bson.M{"_id": service.Name}, service)
}
Example #2
0
func RevokeServiceAccessFromTeamHandler(w http.ResponseWriter, r *http.Request, u *auth.User) error {
	service, t, err := getServiceAndTeam(r.URL.Query().Get(":service"), r.URL.Query().Get(":team"), u)
	if err != nil {
		return err
	}
	if len(service.Teams) < 2 {
		msg := "You can not revoke the access from this team, because it is the unique team with access to this service, and a service can not be orphaned"
		return &errors.Http{Code: http.StatusForbidden, Message: msg}
	}
	err = service.RevokeAccess(t)
	if err != nil {
		return &errors.Http{Code: http.StatusNotFound, Message: err.Error()}
	}
	conn, err := db.Conn()
	if err != nil {
		return err
	}
	return conn.Services().Update(bson.M{"_id": service.Name}, service)
}