M admin/admin.go → admin/admin.go

@@ -100,7 +100,44 @@ 
 func apiDestroyTable(next http.Handler, udb auth.UserStore, dbAdapter mongodb.DbAdapter) http.Handler {
 	handlerFunc := func(w http.ResponseWriter, req *http.Request) {
 		// check table actually belongs to this user
-		// if it does, try to destroy it
+		user := util.GetUserFromToken(req)
+		tables, err := util.GetTablesByUser(user, udb)
+
+		if err == nil {
+
+			destroy := false
+			i := 0
+			
+			tableName := req.Context().Value("Slug")
+			tablePass := req.Form["passcode"][0]
+
+			table := models.TableKey{
+				Name:     tableName.(string),
+				Passcode: tablePass,
+			}
+
+			for j, t := range tables {
+				if t.Name == table.Name && t.Passcode == table.Passcode {
+						
+						// try to destroy it
+						destroy = dbAdapter.DestroyTable(table) == nil
+						i = j
+						break
+					}
+			}
+
+			if destroy {
+				newTables := append(tables[:i], tables[i+1:]...)
+				util.SetTablesForUser(user, newTables, udb)
+				w.WriteHeader(204)
+			} else {
+				w.WriteHeader(404)
+			}
+			
+		} else {
+			w.WriteHeader(500)
+		}
+		next.ServeHTTP(w, req)
 	}
 
 	return http.HandlerFunc(handlerFunc)
@@ -116,6 +153,7 @@ rtr.Post("/api/auth/", Provision(udb, 84))
 	rtr.Get("/api/table/", Validate(apiGetTableList(renderer.JSON("tableList"), udb), udb, scopes))
 	rtr.Get(`/api/table/(?P<Slug>\S+)`, Validate(apiGetTableData(renderer.JSON("tableData"), udb, dbAdapter), udb, scopes))
 	rtr.Post("/api/table/", Validate(apiCreateTable(renderer.JSON("result"), udb, dbAdapter), udb, scopes))
+	rtr.Delete(`/api/table/(?P<Slug>\S+)`, Validate(apiDestroyTable(renderer.JSON("result"), udb, dbAdapter), udb, scopes))
 
 	return http.HandlerFunc(rtr.ServeHTTP)
 }