Allow maintainers to delete packages if they have less than 50 instal…

…ls, fixes #166
composer · Aug 29, 2012 · 67540d4 · 67540d4
1 parent c7ada8a
commit 67540d4
Showing 1 changed file with 28 additions and 5 deletions.
diff --git a/src/Packagist/WebBundle/Controller/WebController.php b/src/Packagist/WebBundle/Controller/WebController.php
@@ -330,7 +330,7 @@ public function viewPackageAction(Request $req, $name)
         if ($maintainerForm = $this->createAddMaintainerForm($package)) {
             $data['form'] = $maintainerForm->createView();
         }
-        if ($deleteForm = $this->createDeletePackageForm()) {
+        if ($deleteForm = $this->createDeletePackageForm($package)) {
             $data['deleteForm'] = $deleteForm->createView();
         }
 
@@ -438,7 +438,7 @@ public function deletePackageAction(Request $req, $name)
             throw new NotFoundHttpException('The requested package, '.$name.', was not found.');
         }
 
-        $form = $this->createDeletePackageForm();
+        $form = $this->createDeletePackageForm($package);
         $form->bind($req->request->get('form'));
         if ($form->isValid()) {
             $versionRepo = $doctrine->getRepository('PackagistWebBundle:Version');
@@ -603,11 +603,34 @@ private function createAddMaintainerForm($package)
         }
     }
 
-    private function createDeletePackageForm()
+    private function createDeletePackageForm(Package $package)
     {
-        if ($this->get('security.context')->isGranted('ROLE_DELETE_PACKAGES')) {
-            return $this->createFormBuilder(array())->getForm();
+        if (!$user = $this->getUser()) {
+            return;
         }
+
+        // super admins bypass additional checks
+        if (!$this->get('security.context')->isGranted('ROLE_DELETE_PACKAGES')) {
+            // non maintainers can not delete
+            if (!$package->getMaintainers()->contains($user)) {
+                return;
+            }
+
+            try {
+                /** @var $redis \Snc\RedisBundle\Client\Phpredis\Client */
+                $redis = $this->get('snc_redis.default');
+                $downloads = $redis->get('dl:'.$package->getId());
+            } catch (\Exception $e) {
+                return;
+            }
+
+            // more than 50 downloads = established package, do not allow deletion by maintainers
+            if ($downloads > 50) {
+                return;
+            }
+        }
+
+        return $this->createFormBuilder(array())->getForm();
     }
 
     private function createSearchForm()