@Override public boolean currentUserCanDeleteFamily(String familyId, boolean deleteAllMembers) { return this.familyTools.currentUserCanDeleteFamily(familyId, deleteAllMembers); }
/** * Checks if the current user can delete the family (or the family and all the members). * * @param familyId of the family to delete * @param deleteAllMembers indicator whether to check delete permissions on all family member documents as well * @return true if successful */ public boolean canDeleteFamily(String familyId, boolean deleteAllMembers) { return this.familyTools.currentUserCanDeleteFamily(familyId, deleteAllMembers); } }
/** * Checks if the current user can delete the family (or the family and all the members). * * @param familyId of the family to delete * @param deleteAllMembers indicator whether to check delete permisions on all family member documents as well * @return true if successful */ public boolean canDeleteFamily(String familyId, boolean deleteAllMembers) { return this.familyTools.currentUserCanDeleteFamily(familyId, deleteAllMembers); } }
@Override public Response deleteFamily(String id, Boolean deleteMembers) { this.logger.warn("Deleting family record [{}] via REST, deleteAllMembers = [{}]", id, deleteMembers); Family family = this.repository.getFamilyById(id); if (family == null) { this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, id); return Response.status(Status.NOT_FOUND).build(); } if (this.familyTools.currentUserCanDeleteFamily(id, deleteMembers)) { this.logger.error("Delete access denied to user [{}] for family record [{}] with deleteMemebers=[{}]", this.users.getCurrentUser(), id, deleteMembers); return Response.status(Status.FORBIDDEN).build(); } if (!this.familyTools.deleteFamily(id, deleteMembers)) { return Response.status(Status.INTERNAL_SERVER_ERROR).build(); } this.logger.warn("Deleted family record [{}]", id); return Response.noContent().build(); } }
@Override public Response deleteFamily(String id, Boolean deleteMembers) { this.logger.warn("Deleting family record [{}] via REST, deleteAllMembers = [{}]", id, deleteMembers); Family family = this.repository.get(id); if (family == null) { this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, id); return Response.status(Status.NOT_FOUND).build(); } if (!this.familyTools.currentUserCanDeleteFamily(id, deleteMembers)) { this.logger.error("Delete access denied to user [{}] for family record [{}] with deleteMemebers=[{}]", this.users.getCurrentUser(), id, deleteMembers); return Response.status(Status.FORBIDDEN).build(); } if (!this.familyTools.deleteFamily(id, deleteMembers)) { return Response.status(Status.INTERNAL_SERVER_ERROR).build(); } this.logger.warn("Deleted family record [{}]", id); return Response.noContent().build(); } }