public function deleteSession($username)
{
$delete = new Delete();
$adapter = $this->table_gateway->getAdapter();
$delete->from('sessions')->where(array('username' => $username, 'session_id' => session_id()));
$adapter->query($this->sql->buildSqlString($delete), $adapter::QUERY_MODE_EXECUTE);
return true;
}
public function delete(PostInterface $postObject)
{
$action = new Delete('posts');
$action->where(array('id = ?' => $postObject->getId()));
$sql = new Sql($this->dbAdapter);
$stmt = $sql->prepareStatementForSqlObject($action);
$result = $stmt->execute();
return (bool) $result->getAffectedRows();
}
public function unlink($userId, $addressId)
{
$adapter = $this->getDbAdapter();
$statement = $adapter->createStatement();
$where = new Where();
$where->equalTo('user_id', $userId)->equalTo('address_id', $addressId);
$delete = new Delete();
$delete->from('user_addresses')->where($where);
$delete->prepareStatement($adapter, $statement);
$result = $statement->execute();
return $result;
}
/**
* {@inheritdoc}
*/
protected function processExpression(ExpressionInterface $expression, PlatformInterface $platform, DriverInterface $driver = null, ParameterContainer $parameterContainer = null, $namedParameterPrefix = null)
{
if ($expression instanceof ExpressionDecorator) {
$expressionDecorator = $expression;
} else {
$expressionDecorator = new ExpressionDecorator($expression, $platform);
}
return parent::processExpression($expressionDecorator, $platform, $driver, $parameterContainer, $namedParameterPrefix);
}
public function delete()
{
$delete = new ZfSql\Delete($this->tableName);
$adapter = $this->sql->getAdapter();
if ($this->select->where) {
$delete->where($this->select->where);
}
$sqlString = $this->sql->getSqlStringForSqlObject($delete);
try {
$result = $adapter->query($sqlString, $adapter::QUERY_MODE_EXECUTE);
} catch (AdapterException\ExceptionInterface $e) {
throw new Exception\RecordNotDestroyedException($e->getMessage(), 0, $e);
}
if (!$result->count()) {
throw new Exception\RecordNotDestroyedException("No rows were affected");
}
return true;
}
/**
* @covers Zend\Db\Sql\Delete::getSqlString
*/
public function testGetSqlString()
{
$this->delete->from('foo')->where('x = y');
$this->assertEquals('DELETE FROM "foo" WHERE x = y', $this->delete->getSqlString());
// with TableIdentifier
$this->delete = new Delete();
$this->delete->from(new TableIdentifier('foo', 'sch'))->where('x = y');
$this->assertEquals('DELETE FROM "sch"."foo" WHERE x = y', $this->delete->getSqlString());
}
/**
* @todo add $columns support
*
* @param Delete $delete
* @return int
* @throws Exception\RuntimeException
*/
protected function executeDelete(Delete $delete)
{
$deleteState = $delete->getRawState();
if ($deleteState['table'] != $this->table) {
throw new Exception\RuntimeException('The table name of the provided Delete object must match that of the table');
}
// pre delete update
$this->featureSet->apply(EventFeatureEventsInterface::EVENT_PRE_DELETE, [$delete]);
$statement = $this->sql->prepareStatementForSqlObject($delete);
$result = $statement->execute();
// apply postDelete features
$this->featureSet->apply(EventFeatureEventsInterface::EVENT_POST_DELETE, [$statement, $result]);
return $result->getAffectedRows();
}
/**
* {@inheritDoc}
*/
public function unsetRefreshToken($refreshToken)
{
$delete = new Delete($this->config['refresh_token_table']);
$delete->where(array('refresh_token' => $refreshToken));
return $this->execute($delete);
}
protected function _importXhbData($data, $xhbId)
{
try {
// First delete existing XHB unconditionally
$deleteStmt = new Delete(Xhb::MAIN_TABLE);
$deleteStmt->where(array('id' => $xhbId));
$this->_db->query($this->_sql->buildSqlString($deleteStmt), Adapter::QUERY_MODE_EXECUTE);
$this->_insertInto(Account::MAIN_TABLE, $this->_addAdditionalFields($data['accounts'], $xhbId), null);
$this->_insertInto(Category::MAIN_TABLE, $this->_addAdditionalFields($data['categories'], $xhbId), null);
$this->_insertInto(Payee::MAIN_TABLE, $this->_addAdditionalFields($data['payees'], $xhbId), null);
$this->_insertInto(Operation::MAIN_TABLE, $this->_addAdditionalFields($data['operations'], $xhbId), null);
$this->_insertOperationSplitAmount($data['operations'], $xhbId);
// Insert XHB row at the end, so that in case something's gone wrong before, next request may try to
// create schema and insert data again, without risking to use invalid or incomplete data instead
$xhbTableData = array_merge($data['properties'], array('id' => $xhbId, 'updated_at' => time()));
$this->_insertInto(Xhb::MAIN_TABLE, array($xhbTableData));
} catch (\Exception $e) {
setlocale(LC_ALL, $oldLocale);
// If something's gone wrong, destroy everything
$this->_destroySchema(true);
throw $e;
}
return $this;
}
public function deleteProduct($id)
{
$action = new Delete('products');
$action->where(array('id=?' => $id));
$sql = new Sql($this->dbAdapter);
$stmt = $sql->prepareStatementForSqlObject($action);
$result = $stmt->execute();
return (bool) $result->getAffectedRows();
}
/**
* Uninstall from module name
*
* @param AbstractModule $module Module
* @param Model $model Module model
*
* @return boolean
*/
public static function uninstall($module, $model)
{
if (empty($model) or !$module->uninstall()) {
return false;
}
$select = new Sql\Select();
$select->from('user_acl_permission')->columns(array('id'))->where->equalTo('permission', $model->getName());
$userAclPermissionId = $model->fetchOne($select);
$delete = new Sql\Delete();
$delete->from('user_acl');
$delete->where->equalTo('user_acl_permission_id', $userAclPermissionId);
$model->execute($delete);
$delete = new Sql\Delete();
$delete->from('user_acl_permission');
$delete->where->equalTo('id', $userAclPermissionId);
$model->execute($delete);
$model->delete();
return true;
}
/**
* Save document type model
*
* @return integer
*/
public function save()
{
$this->events()->trigger(__CLASS__, 'before.save', $this);
$arraySave = array('name' => $this->getName(), 'updated_at' => new Expression('NOW()'), 'description' => $this->getDescription(), 'icon_id' => $this->getIconId(), 'default_view_id' => $this->getDefaultViewId(), 'user_id' => $this->getUserId());
try {
$id = $this->getId();
if (empty($id)) {
$arraySave['created_at'] = new Expression('NOW()');
$this->insert($arraySave);
$this->setId($this->getLastInsertId());
} else {
$this->update($arraySave, array('id' => (int) $this->getId()));
}
$delete = new Sql\Delete();
$delete->from('document_type_view');
$delete->where(array('document_type_id' => (int) $this->getId()));
$this->execute($delete);
foreach ($this->views as $viewId) {
if (empty($viewId)) {
continue;
}
$insert = new Sql\Insert();
$insert->into('document_type_view')->values(array('document_type_id' => $this->getId(), 'view_id' => $viewId));
$this->execute($insert);
}
$delete = new Sql\Delete();
$delete->from('document_type_dependency');
$delete->where->equalTo('parent_id', (int) $this->getId());
$this->execute($delete);
$dependencies = $this->getDependencies();
if (!empty($dependencies)) {
foreach ($dependencies as $childrenId) {
$insert = new Sql\Insert();
$insert->into('document_type_dependency')->values(array('parent_id' => $this->getId(), 'children_id' => $childrenId));
$this->execute($insert);
}
}
$this->events()->trigger(__CLASS__, 'after.save', $this);
return $this->getId();
} catch (\Exception $e) {
$this->events()->trigger(__CLASS__, 'after.save.failed', $this);
throw new \Gc\Exception($e->getMessage(), $e->getCode(), $e);
}
}
public function deleteSkillByTopic($topic_id = NULL)
{
$sql = new Sql($this->adapter);
$delete = new Delete($this->topicSkill);
$delete->where(array("topic_id" => $topic_id));
$selectString = $sql->getSqlStringForSqlObject($delete);
$results = $this->adapter->query($selectString, Adapter::QUERY_MODE_EXECUTE);
}
public function deletePermissionByUserId($user_id = NULL)
{
$sql = new Sql($this->adapter);
$delete = new Delete($this->user_permission);
$delete->where(array("user_id" => $user_id));
$selectString = $sql->getSqlStringForSqlObject($delete);
$results = $this->adapter->query($selectString, Adapter::QUERY_MODE_EXECUTE);
}
/**
* @param Delete $delete
* @return mixed
* @throws Exception\RuntimeException
* @throws \Directus\Acl\Exception\UnauthorizedTableBigDeleteException
* @throws \Directus\Acl\Exception\UnauthorizedTableDeleteException
*/
protected function executeDelete(Delete $delete)
{
$cuurrentUserId = null;
if (Auth::loggedIn()) {
$currentUser = Auth::getUserInfo();
$currentUserId = intval($currentUser['id']);
}
$deleteState = $delete->getRawState();
$deleteTable = $this->getRawTableNameFromQueryStateTable($deleteState['table']);
$cmsOwnerColumn = $this->acl->getCmsOwnerColumnByTable($deleteTable);
$canBigDelete = $this->acl->hasTablePrivilege($deleteTable, 'bigdelete');
$canDelete = $this->acl->hasTablePrivilege($deleteTable, 'delete');
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
if (!TableSchema::hasTableColumn($deleteTable, STATUS_COLUMN_NAME)) {
if ($this->acl->hasTablePrivilege($deleteTable, 'bigdelete')) {
$canBigDelete = true;
} else {
if ($this->acl->hasTablePrivilege($deleteTable, 'delete')) {
$canDelete = true;
}
}
}
// @todo: clean way
if ($deleteTable === 'directus_bookmarks') {
$canBigDelete = true;
}
/**
* ACL Enforcement
*/
if (!$canBigDelete && !$canDelete) {
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . ' forbidden to hard delete on table `' . $deleteTable . '` because it has Status Column.');
}
if (false === $cmsOwnerColumn) {
// cannot delete if there's no magic owner column and can't big delete
if (!$canBigDelete) {
// All deletes are "big" deletes if there is no magic owner column.
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . 'The table `' . $deleteTable . '` is missing the `user_create_column` within `directus_tables` (BigHardDelete Permission Forbidden)');
}
} else {
if (!$canBigDelete) {
// Who are the owners of these rows?
list($predicateResultQty, $predicateOwnerIds) = $this->acl->getCmsOwnerIdsByTableGatewayAndPredicate($this, $deleteState['where']);
if (!in_array($currentUserId, $predicateOwnerIds)) {
// $exceptionMessage = "Table harddelete access forbidden on $predicateResultQty `$deleteTable` table records owned by the authenticated CMS user (#$currentUserId).";
$groupsTableGateway = self::makeTableGatewayFromTableName($this->acl, 'directus_groups', $this->adapter);
$group = $groupsTableGateway->find($this->acl->getGroupId());
$exceptionMessage = '[' . $group['name'] . '] permissions only allow you to [delete] your own items.';
// $aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableDeleteException($exceptionMessage);
}
}
}
try {
$this->emitter->run('table.delete:before', [$deleteTable]);
$this->emitter->run('table.delete.' . $deleteTable . ':before');
$result = parent::executeDelete($delete);
$this->emitter->run('table.delete', [$deleteTable]);
$this->emitter->run('table.delete:after', [$deleteTable]);
$this->emitter->run('table.delete.' . $deleteTable);
$this->emitter->run('table.delete.' . $deleteTable . ':after');
return $result;
} catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
if ('production' !== DIRECTUS_ENV) {
throw new \RuntimeException('This query failed: ' . $this->dumpSql($delete), 0, $e);
}
// @todo send developer warning
throw $e;
}
}
/**
* @todo add $columns support
*
* @param Delete $delete
* @return mixed
* @throws Exception\RuntimeException
*/
protected function executeDelete(Delete $delete)
{
$deleteState = $delete->getRawState();
if ($deleteState['table'] != $this->table) {
throw new Exception\RuntimeException('The table name of the provided Update object must match that of the table');
}
// pre delete update
$this->featureSet->apply('preDelete', array($delete));
$statement = $this->sql->prepareStatementForSqlObject($delete);
$result = $statement->execute();
// apply postDelete features
$this->featureSet->apply('postDelete', array($statement, $result));
return $result->getAffectedRows();
}
/**
* @param string $expectedSql
*/
protected function assertTableGatewayLastSqlDelete($expectedSql)
{
$actualSql = $this->delete->getSqlString($this->mysqlPlatform);
$this->assertSqlEquals($expectedSql, $actualSql);
}
/**
* @param Delete $delete
* @return mixed
* @throws Exception\RuntimeException
* @throws \Directus\Acl\Exception\UnauthorizedTableBigDeleteException
* @throws \Directus\Acl\Exception\UnauthorizedTableDeleteException
*/
protected function executeDelete(Delete $delete)
{
$cuurrentUserId = null;
if (Auth::loggedIn()) {
$currentUser = Auth::getUserInfo();
$currentUserId = intval($currentUser['id']);
}
$deleteState = $delete->getRawState();
$deleteTable = $this->getRawTableNameFromQueryStateTable($deleteState['table']);
$cmsOwnerColumn = $this->acl->getCmsOwnerColumnByTable($deleteTable);
$canBigHardDelete = $this->acl->hasTablePrivilege($deleteTable, 'bigharddelete');
$canHardDelete = $this->acl->hasTablePrivilege($deleteTable, 'harddelete');
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
// Is this table a junction table?
$deleteTableSchema = TableSchema::getTable($deleteTable);
$isDeleteTableAJunction = array_key_exists('is_junction_table', $deleteTableSchema) ? (bool) $deleteTableSchema['is_junction_table'] : false;
if ($isDeleteTableAJunction || !TableSchema::hasTableColumn($deleteTable, STATUS_COLUMN_NAME)) {
if ($this->acl->hasTablePrivilege($deleteTable, 'bigdelete')) {
$canBigHardDelete = true;
} else {
if ($this->acl->hasTablePrivilege($deleteTable, 'delete')) {
$canHardDelete = true;
}
}
}
// @todo: clean way
if ($deleteTable === 'directus_bookmarks') {
$canBigHardDelete = true;
}
/**
* ACL Enforcement
*/
if (!$canBigHardDelete && !$canHardDelete) {
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . "BigHardDelete/HardDelete access forbidden on table `{$deleteTable}`.");
}
if (false === $cmsOwnerColumn) {
// cannot delete if there's no magic owner column and can't big delete
if (!$canBigHardDelete) {
// All deletes are "big" deletes if there is no magic owner column.
throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . "The table `{$deleteTable}` is missing the `user_create_column` within `directus_tables` (BigHardDelete Permission Forbidden)");
}
} else {
if (!$canBigHardDelete) {
// Who are the owners of these rows?
list($predicateResultQty, $predicateOwnerIds) = $this->acl->getCmsOwnerIdsByTableGatewayAndPredicate($this, $deleteState['where']);
if (in_array($currentUserId, $predicateOwnerIds)) {
$exceptionMessage = "Table harddelete access forbidden on {$predicateResultQty} `{$deleteTable}` table records owned by the authenticated CMS user (#{$currentUserId}).";
$aclErrorPrefix = $this->acl->getErrorMessagePrefix();
throw new UnauthorizedTableDeleteException($aclErrorPrefix . $exceptionMessage);
}
}
}
try {
return parent::executeDelete($delete);
} catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
if ('production' !== DIRECTUS_ENV) {
throw new \RuntimeException("This query failed: " . $this->dumpSql($delete), 0, $e);
}
// @todo send developer warning
throw $e;
}
}
public function deleteData($table, $where)
{
$sql = new Sql($this->dbAdapter);
$action = new Delete();
$action->from($table);
$action->where($where);
$stmt = $sql->prepareStatementForSqlObject($action);
$result = $stmt->execute();
return $result;
}
