1 package com.sri.emo.annotations;
2
3 import com.jcorporate.expresso.core.controller.ControllerException;
4 import com.jcorporate.expresso.core.controller.ExpressoRequest;
5 import com.jcorporate.expresso.core.controller.ExpressoResponse;
6 import com.jcorporate.expresso.core.controller.Transition;
7 import com.jcorporate.expresso.core.db.DBException;
8 import com.jcorporate.expresso.core.security.ReadOnlyUser;
9 import com.jcorporate.expresso.core.security.SuperUser;
10 import com.sri.common.controller.StateHandler;
11 import com.sri.emo.controller.AddNodeAction;
12 import com.sri.emo.dbobj.Node;
13
14 /***
15 * Deletes the tag.
16 *
17 * @author Michael Rimov
18 */
19 public class DoDelete implements StateHandler {
20
21 public static final String NAME = "doDelete";
22
23 public static final String DESCRIPTION = "Do Delete Tag";
24
25 public static final String PARAM_TAG = "tagId";
26
27
28 public DoDelete() {
29 }
30
31
32 public void handleRequest(final ExpressoRequest request, final ExpressoResponse response) throws DBException,
33 ControllerException {
34
35 NodeTag nt = new NodeTag(SuperUser.INSTANCE);
36 nt.setField(NodeTag.TAG_ID, request.getParameter(PARAM_TAG));
37
38 nt.retrieve();
39
40 ReadOnlyUser requestingUser = request.getRequestingUser();
41 if (!(requestingUser.isAdmin() || requestingUser.getLoginName().equals(nt.getAddedBy()))) {
42 throw new ControllerException("Permission to delete not allowed for user: " + requestingUser.getLoginName());
43 }
44
45 String nodeId = nt.getField(NodeTag.TAG_PARENT_NODE);
46
47 nt.delete();
48
49 Transition redirect = new Transition("", "return", AddNodeAction.class, AddNodeAction.VIEW_NODE);
50 redirect.addParam(Node.NODE_ID, nodeId);
51 redirect.redirectTransition(request, response);
52 }
53 }