/** * Remove Member from Tab * Tab owner removes a member. Can't remove yourself (use close/cancel instead). * * POST: { TabID: int, OwnerUserID: int, TargetUserID: int } */ try { requestData = deserializeJSON(toString(getHttpRequestData().content)); tabID = val(requestData.TabID ?: 0); ownerUserID = val(requestData.OwnerUserID ?: 0); targetUserID = val(requestData.TargetUserID ?: 0); if (tabID == 0) apiAbort({ "OK": false, "ERROR": "missing_TabID" }); if (ownerUserID == 0) apiAbort({ "OK": false, "ERROR": "missing_OwnerUserID" }); if (targetUserID == 0) apiAbort({ "OK": false, "ERROR": "missing_TargetUserID" }); qTab = queryTimed("SELECT OwnerUserID, StatusID FROM Tabs WHERE ID = :tabID LIMIT 1", { tabID: { value: tabID, cfsqltype: "cf_sql_integer" } }); if (qTab.recordCount == 0) apiAbort({ "OK": false, "ERROR": "tab_not_found" }); if (qTab.StatusID != 1) apiAbort({ "OK": false, "ERROR": "tab_not_open" }); if (qTab.OwnerUserID != ownerUserID) apiAbort({ "OK": false, "ERROR": "not_owner" }); if (targetUserID == ownerUserID) apiAbort({ "OK": false, "ERROR": "cannot_remove_self" }); // Reject any pending orders from this member queryTimed(" UPDATE TabOrders SET ApprovalStatus = 'rejected' WHERE TabID = :tabID AND UserID = :uid AND ApprovalStatus = 'pending' ", { tabID: { value: tabID, cfsqltype: "cf_sql_integer" }, uid: { value: targetUserID, cfsqltype: "cf_sql_integer" } }); queryTimed(" UPDATE TabMembers SET StatusID = 2, LeftOn = NOW() WHERE TabID = :tabID AND UserID = :uid AND StatusID = 1 ", { tabID: { value: tabID, cfsqltype: "cf_sql_integer" }, uid: { value: targetUserID, cfsqltype: "cf_sql_integer" } }); apiAbort({ "OK": true }); } catch (any e) { apiAbort({ "OK": false, "ERROR": "server_error", "MESSAGE": e.message }); }