// title: remove role
// path: /roles/{name}
// method: DELETE
// responses:
// 200: Role removed
// 401: Unauthorized
// 404: Role not found
func removeRole(w http.ResponseWriter, r *http.Request, t auth.Token) (err error) {
r.ParseForm()
if !permission.Check(t, permission.PermRoleDelete) {
return permission.ErrUnauthorized
}
roleName := r.URL.Query().Get(":name")
evt, err := event.New(&event.Opts{
Target: event.Target{Type: event.TargetTypeRole, Value: roleName},
Kind: permission.PermRoleDelete,
Owner: t,
CustomData: event.FormToCustomData(r.Form),
Allowed: event.Allowed(permission.PermRoleReadEvents),
})
if err != nil {
return err
}
defer func() { evt.Done(err) }()
err = auth.RemoveRoleFromAllUsers(roleName)
if err != nil {
return err
}
err = permission.DestroyRole(roleName)
if err == permission.ErrRoleNotFound {
return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
}
return err
}
func removeRole(w http.ResponseWriter, r *http.Request, t auth.Token) error {
if !permission.Check(t, permission.PermRoleDelete) {
return permission.ErrUnauthorized
}
roleName := r.URL.Query().Get(":name")
err := auth.RemoveRoleFromAllUsers(roleName)
if err != nil {
return err
}
err = permission.DestroyRole(roleName)
if err == permission.ErrRoleNotFound {
return &errors.HTTP{Code: http.StatusNotFound, Message: err.Error()}
}
return err
}
