From acb414826694da1aa677dd095310641c025cc943 Mon Sep 17 00:00:00 2001
From: Rob Allen <rob@akrabat.com>
Date: Sat, 26 Mar 2016 13:31:19 +0000
Subject: [PATCH] Delete track

DELETE to the track's URI to delete the track.
---
 src/config/routes/2.1.json           |  6 ++++++
 src/controllers/TracksController.php | 27 ++++++++++++++++++++++++++-
 src/models/TrackMapper.php           | 18 ++++++++++++++++++
 3 files changed, 50 insertions(+), 1 deletion(-)

diff --git a/src/config/routes/2.1.json b/src/config/routes/2.1.json
index 2e14faff3..f8ca16982 100644
--- a/src/config/routes/2.1.json
+++ b/src/config/routes/2.1.json
@@ -109,6 +109,12 @@
         "action": "editTrack",
         "verbs": ["PUT"]
     },
+    {
+        "path": "/tracks(/[\\d]+)/?$",
+        "controller": "TracksController",
+        "action": "deleteTrack",
+        "verbs": ["DELETE"]
+    },
 
     {
         "path": "/users/passwords$",
diff --git a/src/controllers/TracksController.php b/src/controllers/TracksController.php
index ac68f7db3..be30fa7f0 100644
--- a/src/controllers/TracksController.php
+++ b/src/controllers/TracksController.php
@@ -65,11 +65,36 @@ public function editTrack($request, $db)
             throw new Exception(implode(". ", $errors), 400);
         }
 
-
         $track_mapper->editEventTrack($track, $track_id);
 
         $uri = $request->base  . '/' . $request->version . '/tracks/' . $track_id;
         header("Location: $uri", true, 204);
         exit;
     }
+
+    public function deleteTrack($request, $db)
+    {
+        $track_id = $this->getItemId($request);
+
+        $track_mapper = new TrackMapper($db, $request);
+        $tracks = $track_mapper->getTrackById($track_id, true);
+        if (!$tracks) {
+            throw new Exception("Track not found", 404);
+        }
+
+        $event_mapper = new EventMapper($db, $request);
+        $events = $event_mapper->getEventByTrackId($track_id, true, false, false);
+        if (!$events || !$events[0]['ID']) {
+            throw new Exception("Associated event not found", 404);
+        }
+        $event_id = $events[0]['ID'];
+        if (!$event_mapper->thisUserHasAdminOn($event_id)) {
+            throw new Exception('You do not have permission to delete this track', 403);
+        }
+
+        $track_mapper->deleteEventTrack($track_id);
+
+        header("Content-Length: 0", null, 204);
+        exit;
+    }
 }
diff --git a/src/models/TrackMapper.php b/src/models/TrackMapper.php
index 35a775adc..43adcc757 100644
--- a/src/models/TrackMapper.php
+++ b/src/models/TrackMapper.php
@@ -153,4 +153,22 @@ public function editEventTrack($data, $track_id)
 
         return $track_id;
     }
+
+    /**
+     * Delete track and talk associations
+     *
+     * @param  int $track_id
+     */
+    public function deleteEventTrack($track_id)
+    {
+        // delete talk associations
+        $sql = "delete from event_track where ID = :track_id";
+        $stmt = $this->_db->prepare($sql);
+        $stmt->execute(['track_id' => $track_id]);
+
+        // delete track
+        $sql = "delete from talk_track where track_id = :track_id";
+        $stmt = $this->_db->prepare($sql);
+        $stmt->execute(['track_id' => $track_id]);
+    }
 }