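// preCheckUserAdminOnTopic loads the topic named topicName and returns it only
// when the caller may administer it: either isTatAdmin(ctx) reports true, or
// topicDB.IsUserAdmin accepts the user resolved by PreCheckUser.
//
// This function writes a 403 response only for the "not admin" case. When the
// topic lookup fails it returns the error without writing any response, so the
// caller has to answer the request on that path.
func (t *TopicsController) preCheckUserAdminOnTopic(ctx *gin.Context, topicName string) (*tat.Topic, error) {
	topic, errfind := topicDB.FindByTopic(topicName, true, false, false, nil)
	if errfind != nil {
		return nil, errors.New(errfind.Error())
	}

	// A Tat admin is accepted without looking at the topic's own admin list.
	if isTatAdmin(ctx) {
		return topic, nil
	}

	user, err := PreCheckUser(ctx)
	if err != nil {
		// NOTE(review): whether PreCheckUser already wrote a response is not
		// visible from here; confirm before adding one.
		return nil, err
	}

	if !topicDB.IsUserAdmin(topic, &user) {
		e := fmt.Errorf("user %s is not admin on topic %s", user.Username, topic.Topic)
		// Send the message text: an error value has no exported fields, so
		// encoding it directly produces an empty JSON object in the body.
		ctx.JSON(http.StatusForbidden, gin.H{"error": e.Error()})
		return nil, e
	}

	return topic, nil
}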
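// Delete deletes the requested topic only if the user is Tat admin, or admin
// on the topic. A topic inside the caller's own /Private/<username> subtree is
// exempt from the admin check. A topic that still holds messages is never
// deleted.
func (t *TopicsController) Delete(ctx *gin.Context) {
	topicRequest, err := GetParam(ctx, "topic")
	if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Invalid Topic"})
		return
	}

	var user = tat.User{}
	found, err := userDB.FindByUsername(&user, getCtxUsername(ctx))
	// NOTE(review): found is tested before err, so a lookup that fails with
	// found == false is reported as "User unknown"; confirm that is intended.
	if !found {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "User unknown"})
		return
	} else if err != nil {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while fetching user"})
		return
	}

	paramJSON := tat.ParamTopicUserJSON{
		Topic:     topicRequest,
		Username:  user.Username,
		Recursive: false,
	}

	topic, e := t.preCheckUser(ctx, &paramJSON)
	if e != nil {
		// NOTE(review): presumably preCheckUser has already answered the
		// request on failure; nothing is written here.
		return
	}

	// Deleting a topic in the caller's own private subtree needs no admin
	// right. Match the exact root or a path below it: a bare prefix test would
	// also accept another user's subtree whose name merely starts with this
	// username (user "bob" vs. "/Private/bobby/...").
	privateRoot := "/Private/" + user.Username
	ownsPrivate := topic.Topic == privateRoot || strings.HasPrefix(topic.Topic, privateRoot+"/")
	if !ownsPrivate {
		// check if user is Tat admin or admin on this topic
		if !topicDB.IsUserAdmin(topic, &user) {
			// Send a string: encoding an error value directly yields an empty
			// JSON object, leaving the client without the reason.
			ctx.JSON(http.StatusForbidden, gin.H{"error": fmt.Sprintf("No RW access to topic %s (to delete it)", topic.Topic)})
			return
		}
	}

	// Refuse to delete a topic that still contains messages.
	c := &tat.MessageCriteria{Topic: topic.Topic, OnlyCount: "true"}
	count, err := messageDB.CountMessages(c, user.Username, *topic)
	if err != nil {
		log.Errorf("Error while list Messages in Delete %s", err)
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Error while list Messages in Delete topic"})
		return
	}
	if count > 0 {
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": "Could not delete this topic, this topic have messages"})
		return
	}

	if err = topicDB.Delete(topic, &user); err != nil {
		// NOTE(review): the raw storage error text goes back to the client;
		// consider logging it and returning a generic message instead.
		ctx.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
		return
	}

	ctx.JSON(http.StatusOK, gin.H{"info": fmt.Sprintf("Topic %s is deleted", topic.Topic)})
}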