// Delete handles DELETE for a single access token. The token record is looked
// up by the "id" route variable, deleted, and the deletion is written to the
// audit log before an OK response is sent.
//
// NOTE(review): no ownership or permission check is visible in this handler;
// the lookup is keyed only on the route variable. Confirm that knowing the
// token value is the intended authorisation, or that the router enforces it.
// NOTE(review): both error responses include err.Error() verbatim; confirm the
// model layer's error text is safe to return to clients.
func (ctl *AuthController) Delete(c *models.Context) {
	token, code, err := models.GetAccessToken(c.RouteVars["id"])
	if err != nil {
		msg := fmt.Sprintf("Error retrieving access token: %v", err.Error())
		c.RespondWithErrorMessage(msg, code)
		return
	}

	if code, err = token.Delete(); err != nil {
		msg := fmt.Sprintf("Error deleting access token: %v", err.Error())
		c.RespondWithErrorMessage(msg, code)
		return
	}

	// The audit entry records the token's user ID as the item and the
	// caller's profile ID and IP as the actor.
	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeAuth],
		token.UserID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}
// Delete handles DELETE for a single user. It resolves the user ID from the
// request, rejects the request with 403 when that user does not belong to the
// current site, deletes the user and writes an audit entry.
//
// NOTE(review): the only guard visible here is the site-membership test on the
// target user. Nothing in this handler checks that the caller (c.Auth) is
// allowed to delete that user; confirm this is enforced elsewhere.
func (ctl *UserController) Delete(c *models.Context) {
	_, _, userID, code, err := c.GetItemTypeAndItemID()
	if err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	user, code, err := models.GetUser(userID)
	if err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	// Tenant isolation: a user that is not on this site must not be
	// deletable through this site's API.
	if onSite := models.UserIsOnSite(user.ID, c.Site.ID); !onSite {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}

	if code, err = user.Delete(); err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeUser],
		userID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}
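// Delete handles DELETE for a single role.
//
// The role is identified by the "role_id" route variable and, optionally, a
// "microcosm_id" route variable. A role attached to a microcosm
// (microcosm_id > 0) may be deleted by a moderator of that microcosm or by the
// site owner; a site default role (no microcosm_id, or a value that is not
// positive) may only be deleted by the site owner. Unauthorised callers get
// 403, malformed IDs get 400. A successful delete is written to the audit log.
func (ctl *RoleController) Delete(c *models.Context) {
	// Validate inputs. microcosm_id is optional: when the route does not
	// carry it, microcosmID stays 0 and the role is treated as a site default.
	var microcosmID int64
	if sid, exists := c.RouteVars["microcosm_id"]; exists {
		id, err := strconv.ParseInt(sid, 10, 64)
		if err != nil {
			c.RespondWithErrorMessage("microcosm_id in URL is not a number", http.StatusBadRequest)
			return
		}
		microcosmID = id
	}

	roleID, err := strconv.ParseInt(c.RouteVars["role_id"], 10, 64)
	if err != nil {
		// Name the parameter that actually failed to parse; the message
		// previously blamed microcosm_id for a bad role_id.
		c.RespondWithErrorMessage("role_id in URL is not a number", http.StatusBadRequest)
		return
	}

	// Start Authorisation
	perms := models.GetPermission(
		models.MakeAuthorisationContext(c, microcosmID, h.ItemTypes[h.ItemTypeMicrocosm], microcosmID),
	)

	// The site owner may always delete. A moderator may delete only when the
	// role belongs to a microcosm; moderator rights never extend to the
	// site's default roles.
	allowed := c.Auth.IsSiteOwner || (microcosmID > 0 && perms.IsModerator)
	if !allowed {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}
	// End Authorisation

	m, status, err := models.GetRole(c.Site.ID, microcosmID, roleID, c.Auth.ProfileID)
	if err != nil {
		c.RespondWithErrorDetail(err, status)
		return
	}

	status, err = m.Delete()
	if err != nil {
		c.RespondWithErrorDetail(err, status)
		return
	}

	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeRole],
		m.ID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}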
// DeleteMany handles DELETE for the attribute collection of an item. The
// request body is decoded into a list of attributes, every entry must carry a
// non-blank key, the caller must hold CanDelete on the parent item, and each
// deleted attribute is written to the audit log.
//
// NOTE(review): the body is decoded and validated before the permission check,
// so callers without delete rights still receive validation errors (400)
// rather than 403 for a malformed body.
func (ctl *AttributesController) DeleteMany(c *models.Context) {
	_, itemTypeID, itemID, code, err := c.GetItemTypeAndItemID()
	if err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	attrs := make([]models.AttributeType, 0)
	if err = c.Fill(&attrs); err != nil {
		msg := fmt.Sprintf("The post data is invalid: %v", err.Error())
		c.RespondWithErrorMessage(msg, http.StatusBadRequest)
		return
	}

	// Reject the whole request if any entry has an empty or space-only key.
	for i := range attrs {
		if strings.Trim(attrs[i].Key, " ") == "" {
			c.RespondWithErrorMessage(
				"key must be supplied with every attribute when deleting multiple attributes",
				http.StatusBadRequest,
			)
			return
		}
	}

	// Authorisation is evaluated against the parent item, not the attributes.
	authCtx := models.MakeAuthorisationContext(c, 0, itemTypeID, itemID)
	if perms := models.GetPermission(authCtx); !perms.CanDelete {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}

	if code, err = models.DeleteManyAttributes(itemTypeID, itemID, attrs); err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	// NOTE(review): the audited ID is read from the decoded request entries.
	// Unless DeleteManyAttributes fills in the IDs, the audit log records
	// whatever ID the client sent (or zero) - confirm.
	for i := range attrs {
		audit.Delete(
			c.Site.ID,
			h.ItemTypes[h.ItemTypeAttribute],
			attrs[i].ID,
			c.Auth.ProfileID,
			time.Now(),
			c.IP,
		)
	}

	c.RespondWithOK()
}
// Delete handles DELETE for a single comment. The caller must hold CanDelete
// on the comment; the permission check runs before the comment is loaded. A
// comment that cannot be found is answered with OK, so repeating the request
// is harmless; no audit entry is written in that case.
func (ctl *CommentController) Delete(c *models.Context) {
	_, itemTypeID, itemID, code, err := c.GetItemTypeAndItemID()
	if err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	// Start Authorisation
	authCtx := models.MakeAuthorisationContext(c, 0, itemTypeID, itemID)
	if perms := models.GetPermission(authCtx); !perms.CanDelete {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}
	// End Authorisation

	// Only the summary is loaded; it carries the ID needed for the delete
	// and for the audit entry.
	summary, code, err := models.GetCommentSummary(c.Site.ID, itemID)
	switch {
	case err != nil && code == http.StatusNotFound:
		// Already gone: report success without deleting or auditing.
		c.RespondWithOK()
		return
	case err != nil:
		c.RespondWithErrorDetail(err, code)
		return
	}

	// Delete resource
	if code, err = summary.Delete(c.Site.ID); err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeComment],
		summary.ID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}
// Delete handles DELETE for a single huddle. The caller must hold CanDelete on
// the huddle; the permission check runs before the huddle is loaded. A huddle
// that cannot be found is answered with OK, so repeating the request is
// harmless; no audit entry is written in that case.
func (ctl *HuddleController) Delete(c *models.Context) {
	_, itemTypeID, itemID, code, err := c.GetItemTypeAndItemID()
	if err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	// Start Authorisation
	authCtx := models.MakeAuthorisationContext(c, 0, itemTypeID, itemID)
	if perms := models.GetPermission(authCtx); !perms.CanDelete {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}
	// End Authorisation

	// Both the lookup and the delete are passed the site ID and the caller's
	// profile ID.
	huddle, code, err := models.GetHuddle(c.Site.ID, c.Auth.ProfileID, itemID)
	switch {
	case err != nil && code == http.StatusNotFound:
		// Already gone: report success without deleting or auditing.
		c.RespondWithOK()
		return
	case err != nil:
		c.RespondWithErrorDetail(err, code)
		return
	}

	if code, err = huddle.Delete(c.Site.ID, c.Auth.ProfileID); err != nil {
		c.RespondWithErrorDetail(err, code)
		return
	}

	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeHuddle],
		huddle.ID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}
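// Delete handles DELETE for a single attribute of an item. The attribute is
// identified by the parent item (from the request) and the "key" route
// variable. The caller must hold CanDelete on the parent item, the same rule
// AttributesController.DeleteMany applies to the collection; without it the
// request is rejected with 403. A successful delete is written to the audit
// log.
func (ctl *AttributeController) Delete(c *models.Context) {
	_, itemTypeID, itemID, status, err := c.GetItemTypeAndItemID()
	if err != nil {
		c.RespondWithErrorDetail(err, status)
		return
	}

	// Start Authorisation
	// Checked against the parent item before the attribute is looked up, so
	// a caller without delete rights cannot remove attributes one at a time
	// when the collection endpoint would refuse the same request.
	perms := models.GetPermission(
		models.MakeAuthorisationContext(c, 0, itemTypeID, itemID),
	)
	if !perms.CanDelete {
		c.RespondWithErrorMessage(h.NoAuthMessage, http.StatusForbidden)
		return
	}
	// End Authorisation

	key := c.RouteVars["key"]

	// Partially populated attribute: only the key and the resolved ID are
	// set before it is deleted.
	m := models.AttributeType{}
	m.Key = key

	attributeID, status, err := models.GetAttributeID(itemTypeID, itemID, m.Key)
	if err != nil {
		c.RespondWithErrorDetail(err, status)
		return
	}
	m.ID = attributeID

	status, err = m.Delete()
	if err != nil {
		c.RespondWithErrorDetail(err, status)
		return
	}

	audit.Delete(
		c.Site.ID,
		h.ItemTypes[h.ItemTypeAttribute],
		m.ID,
		c.Auth.ProfileID,
		time.Now(),
		c.IP,
	)

	c.RespondWithOK()
}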