diff options
Diffstat (limited to 'server/lib/api/media.js')
| -rw-r--r-- | server/lib/api/media.js | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/server/lib/api/media.js b/server/lib/api/media.js index 9898727..48446ca 100644 --- a/server/lib/api/media.js +++ b/server/lib/api/media.js @@ -48,7 +48,25 @@ var media = { res.json(rec) }) } + }, + + destroy: function(req, res){ + var _id = util.sanitize(req.body._id) + if (! _id || ! _id.length) { + res.json({ error: 404 }) + return + } + Media.findOne({ _id: _id }, function(err, doc){ + if (! doc) { return res.json({ error: 404 }) } + if (String(doc.user_id) !== String(req.user._id)) { + return res.json({ error: "access denied" }) + } + Media.remove({ _id: _id }, function(err){ + res.json({ status: "OK" }) + }) + }) } + } module.exports = media |