From e0da3a30e814d00e140862738e46cc27d013593a Mon Sep 17 00:00:00 2001
From: Rosanny <rosanny.sihombing@hft-stuttgart.de>
Date: Fri, 30 Apr 2021 17:33:31 +0200
Subject: [PATCH] add /deleteProject

---
 routes/routes-account.js | 39 +++++++++++++++++++++++++++++++++++----
 1 file changed, 35 insertions(+), 4 deletions(-)

diff --git a/routes/routes-account.js b/routes/routes-account.js
index 0244ea77..6c931ed9 100644
--- a/routes/routes-account.js
+++ b/routes/routes-account.js
@@ -562,10 +562,13 @@ module.exports = function (app, config, passport, i18n) {
       } else {
         let project = await gitlab.getProjectById(req.query.id)
         if (!project) {
-          console.log(" =================== error or no project found")
+          console.log(" ========= Error or no project found")
+          res.redirect('/account/services')
+        } else if (!project.owner) {
+          console.log(" ========= Project cannot be accessed, since it does not have an owner")
           res.redirect('/account/services')
         } else if (project.owner.id != loggedInUser.getGitlabUserId()) {
-          console.log(" =================== not your project")
+          console.log(" ========= Access denied: Not your project")
           res.redirect('/account/services')
         } else {
           let curInformation = new projectInformation(loggedInUser.getGitlabUserId(), req.query.id, project.name, project.description,
@@ -579,7 +582,7 @@ module.exports = function (app, config, passport, i18n) {
       }
     }
   })
-
+  // update a website
   app.post('/updateInformation', async function(req, res){
     if( !req.isAuthenticated() ) {
       res.redirect('/login')
@@ -635,7 +638,35 @@ module.exports = function (app, config, passport, i18n) {
     }
   })
 
-  // RS: delete projektInformation?
+  app.delete('/deleteProject', async function(req, res){
+    console.log("delete project")
+
+    if( !req.isAuthenticated() ) {
+      res.redirect('/login')
+    } else {
+      let loggedInUser = await getLoggedInUserData(req.user.email)
+      let projectId = req.body.id
+
+      if (projectId) {
+        // check if the owner is valid
+        let project = await gitlab.getProjectById(projectId)
+        if (!project) {
+          console.log(" ========= Error or no project found")
+        } else if (!project.owner) {
+          console.log(" ========= Project cannot be accessed, since it does not have an owner")
+        } else if (project.owner.id != loggedInUser.getGitlabUserId()) {
+          console.log(" ========= Access denied: Not your project")
+        } else {
+          // delete project
+          let project = await gitlab.deleteProjectById(projectId)
+          if (project.error) {
+            res.flash("error", "Project cannot be deleted. Please try again.")
+          }
+        }
+      }
+      res.redirect('/account/services')
+    }
+  })
 
   // ============= NEW USERS REGISTRATION ===========================
   app.get('/registration', function(req, res) {
-- 
GitLab