ClaytonWWilson/Listify
1
0
Fork 0
mirror of https://github.com/ClaytonWWilson/Listify.git synced 2025-12-15 18:28:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow non-owner semi-delete

Browse Source 
Non-owners should be able to remove only their own access to a list
This commit is contained in:
NMerz 2020-11-01 21:48:05 -05:00
parent a355820c3c
commit 7412915034
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Lambdas/Lists/List/src/ListDeleter.java
View File

@ -12,6 +12,7 @@ public class ListDeleter implements CallHandler {
private final String GET_LISTS = "SELECT * FROM List WHERE (owner = ? AND listID = ?);";
private final String DELETE_LIST = "DELETE FROM List WHERE listID = ?;";
private final String DELETE_REQUESTOR_ACCESS = "DELETE FROM ListSharee where listID = ? AND userID = ?;";
private final String DELETE_LIST_ACCESS = "DELETE FROM ListSharee where listID = ?;";
private final String DELETE_LIST_ENTRIES = "DELETE FROM ListProduct where listID = ?;";
@ -23,12 +24,17 @@ public class ListDeleter implements CallHandler {
@Override
public Object conductAction(Map<String, Object> bodyMap, HashMap<String, String> queryMap, String cognitoID) throws SQLException {
Integer listID = Integer.parseInt(queryMap.get("id"));
PreparedStatement cleanRequestorAccess = connection.prepareStatement(DELETE_REQUESTOR_ACCESS);
cleanRequestorAccess.setInt(1, listID);
cleanRequestorAccess.setString(2, cognitoID);
System.out.println(cleanRequestorAccess);
cleanRequestorAccess.executeUpdate();
PreparedStatement accessCheck = connection.prepareStatement(GET_LISTS);
accessCheck.setString(1, cognitoID);
accessCheck.setInt(2, listID);
System.out.println(accessCheck);
ResultSet userLists = accessCheck.executeQuery();
if (!userLists.next()) {
throw new AccessControlException("User does not have access to list");
}