Can delete a membership

2025-11-04 12:14:12 +00:00 · 2018-07-07 16:15:14 +02:00
parent 5f4dc54ab3
commit 4fd5cfde37
2 changed files with 56 additions and 2 deletions
--- a/RestControllers/GroupsController.php
+++ b/RestControllers/GroupsController.php
@@ -314,7 +314,7 @@ class GroupsController {

 		user_login_required();

-		//Get the ID of the target gropu
+		//Get the ID of the target group
 		$groupID = getPostGroupIdWithAccess("id", GroupInfo::LIMITED_ACCESS);

 		//Check if the user is currently only a visitor of the website
@@ -343,6 +343,45 @@ class GroupsController {
 		return array("success" => "The membership has been successfully saved!");
 	}

+	/**
+	 * Delete the member from the group
+	 * 
+	 * @url POST /groups/delete_member
+	 */
+	public function deleteMember() : array {
+
+		user_login_required();
+
+		//Get the ID of the target group
+		$groupID = getPostGroupIdWithAccess("groupID", GroupInfo::MODERATOR_ACCESS);
+		$currUserLevel = components()->groups->getMembershipLevel(userID, $groupID);
+
+		//Get the ID of the member
+		$userID = getPostUserID("userID");
+
+		if($userID == userID && $currUserLevel == GroupMember::ADMINISTRATOR){
+
+			//Count the number of admin in the group
+			if(components()->groups->countMembersAtLevel($groupID, GroupMember::ADMINISTRATOR) == 1)
+				Rest_fatal_error(401, "You are the last administrator of this group!");
+
+		}
+
+		//Get the current membership level
+		$level = components()->groups->getMembershipLevel($userID, $groupID);
+
+		//Check if the user is more than a member. In this case, only an administrator can delete him
+		if($level < GroupMember::MEMBER && $currUserLevel != GroupMember::ADMINISTRATOR)
+			Rest_fatal_error(401, "Only an administrator can delete this membership!");
+		
+		//Delete the membership
+		if(!components()->groups->deleteMembershipWithStatus($userID, $groupID, $level))
+			Rest_fatal_error(500, "Could not delete membership!");
+
+		//Success
+		return array("success" => "The membership has been successfully deleted!");
+	}
+
 	/**
 	 * Parse a GroupInfo object into an array for the API
 	 * 
--- a/classes/components/GroupsComponent.php
+++ b/classes/components/GroupsComponent.php
@@ -186,6 +186,21 @@ class GroupsComponent {
 		return $this->multipleDBToGroupMember($members);
 	}

+	/**
+	 * Count the number of a kind of membership in a group
+	 * 
+	 * @param int $groupID The ID of the target group
+	 * @param int $level The membership level to count
+	 * @return int The number of administrators of the group
+	 */
+	public function countMembersAtLevel(int $groupID, int $level) : int {
+		return db()->count(
+			self::GROUPS_MEMBERS_TABLE,
+			"WHERE groups_id = ? AND level = ?",
+			array($groupID, $level)
+		);
+	}
+
 	/**
 	 * Insert a new group member
 	 * 
@@ -240,7 +255,7 @@ class GroupsComponent {
 	 * @param int $status The status of the membership to delete
 	 * @return bool TRUE for a success / FALSE else
 	 */
-	private function deleteMembershipWithStatus(int $userID, int $groupID, int $status) : bool {
+	public function deleteMembershipWithStatus(int $userID, int $groupID, int $status) : bool {
 		return db()->deleteEntry(
 			self::GROUPS_MEMBERS_TABLE,
 			"groups_id = ? AND user_id = ? AND level = ?",