// Delete handles DELETE
func (ctl *AuthController) Delete(c *models.Context) {
// Extract access token from request and delete its record
m, status, err := models.GetAccessToken(c.RouteVars["id"])
if err != nil {
c.RespondWithErrorMessage(
fmt.Sprintf("Error retrieving access token: %v", err.Error()),
status,
)
return
}
status, err = m.Delete()
if err != nil {
c.RespondWithErrorMessage(
fmt.Sprintf("Error deleting access token: %v", err.Error()),
status,
)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeAuth],
m.UserID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *UserController) Delete(c *models.Context) {
_, _, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
m, status, err := models.GetUser(itemID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
if !models.UserIsOnSite(m.ID, c.Site.ID) {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
status, err = m.Delete()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeUser],
itemID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *RoleController) Delete(c *models.Context) {
// Validate inputs
var microcosmID int64
if sid, exists := c.RouteVars["microcosm_id"]; exists {
id, err := strconv.ParseInt(sid, 10, 64)
if err != nil {
c.RespondWithErrorMessage("microcosm_id in URL is not a number", http.StatusBadRequest)
return
}
microcosmID = id
}
roleID, err := strconv.ParseInt(c.RouteVars["role_id"], 10, 64)
if err != nil {
c.RespondWithErrorMessage("microcosm_id in URL is not a number", http.StatusBadRequest)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(c, microcosmID, h.ItemTypes[h.ItemTypeMicrocosm], microcosmID),
)
if microcosmID > 0 {
// Related to a Microcosm
if !perms.IsModerator && !c.Auth.IsSiteOwner {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
} else {
// Default role for the site
if !c.Auth.IsSiteOwner {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
}
m, status, err := models.GetRole(c.Site.ID, microcosmID, roleID, c.Auth.ProfileID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
status, err = m.Delete()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeRole],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// DeleteMany handles DELETE for the collection
func (ctl *AttributesController) DeleteMany(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
ems := []models.AttributeType{}
err = c.Fill(&ems)
if err != nil {
c.RespondWithErrorMessage(
fmt.Sprintf("The post data is invalid: %v", err.Error()),
http.StatusBadRequest,
)
return
}
for _, v := range ems {
if strings.Trim(v.Key, " ") == "" {
c.RespondWithErrorMessage(
"key must be supplied with every attribute when deleting multiple attributes",
http.StatusBadRequest,
)
return
}
}
perms := models.GetPermission(models.MakeAuthorisationContext(c, 0, itemTypeID, itemID))
if !perms.CanDelete {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
status, err = models.DeleteManyAttributes(itemTypeID, itemID, ems)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
for _, m := range ems {
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeAttribute],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
}
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *CommentController) Delete(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, itemTypeID, itemID),
)
if !perms.CanDelete {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
// Partially instantiated type for Id passing
m, status, err := models.GetCommentSummary(c.Site.ID, itemID)
if err != nil {
if status == http.StatusNotFound {
c.RespondWithOK()
return
}
c.RespondWithErrorDetail(err, status)
return
}
// Delete resource
status, err = m.Delete(c.Site.ID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeComment],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *HuddleController) Delete(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
// Start Authorisation
perms := models.GetPermission(
models.MakeAuthorisationContext(
c, 0, itemTypeID, itemID),
)
if !perms.CanDelete {
c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
return
}
// End Authorisation
m, status, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, itemID)
if err != nil {
if status == http.StatusNotFound {
c.RespondWithOK()
return
}
c.RespondWithErrorDetail(err, status)
return
}
status, err = m.Delete(c.Site.ID, c.Auth.ProfileID)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeHuddle],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
// Delete handles DELETE
func (ctl *AttributeController) Delete(c *models.Context) {
_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
key := c.RouteVars["key"]
m := models.AttributeType{}
m.Key = key
attributeID, status, err := models.GetAttributeID(itemTypeID, itemID, m.Key)
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
m.ID = attributeID
status, err = m.Delete()
if err != nil {
c.RespondWithErrorDetail(err, status)
return
}
audit.Delete(
c.Site.ID,
h.ItemTypes[h.ItemTypeAttribute],
m.ID,
c.Auth.ProfileID,
time.Now(),
c.IP,
)
c.RespondWithOK()
}
