. */ declare(strict_types=1); namespace FireflyIII\Api\V2\Controllers\UserGroup; use FireflyIII\Api\V2\Controllers\Controller; use FireflyIII\Enums\UserRoleEnum; use FireflyIII\Models\UserGroup; use FireflyIII\Repositories\UserGroup\UserGroupRepositoryInterface; use FireflyIII\User; use Illuminate\Http\JsonResponse; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** * Class DestroyController */ class DestroyController extends Controller { private UserGroupRepositoryInterface $repository; public function __construct() { parent::__construct(); $this->middleware( function ($request, $next) { $this->repository = app(UserGroupRepositoryInterface::class); return $next($request); } ); } public function destroy(UserGroup $userGroup): JsonResponse { /** @var User $user */ $user = auth()->user(); // to access this function: must be group owner or sysadmin. // need owner role or system owner role to delete user group. $access = $user->hasSpecificRoleInGroup($userGroup, UserRoleEnum::OWNER) || $user->hasRole('owner'); if (false === $access) { throw new NotFoundHttpException(); } $this->repository->destroy($userGroup); return response()->json([], 204); } }