public function remove($id)
{
try {
$user = User::find(Session::uid());
if (!$user->getId()) {
throw new Exception('Not enough rights');
}
$file = new File();
$file->findFileById($id);
if ($file->getWorkitem()) {
$workitem = WorkItem::getById($file->getWorkitem());
$userInvolved = $user->getId() == $file->getUserid() || $user->getId() == $workitem->getCreatorId() || $user->getId() == $workitem->getMechanicId() || $user->getId() == $workitem->getRunnerId();
} else {
$userInvolved = false;
}
if (!$user->isRunner() && !$user->isPayer() && !$userInvolved) {
throw new Exception('Permission denied');
}
$success = $file->remove();
return $this->setOutput(array('success' => true, 'message' => 'Attachment removed'));
} catch (Exception $e) {
return $this->setOutput(array('success' => false, 'message' => $e->getMessage()));
}
}
