diff --git a/main/inc/lib/webservices/Rest.php b/main/inc/lib/webservices/Rest.php index 302995581d..3d0bec9c5d 100644 --- a/main/inc/lib/webservices/Rest.php +++ b/main/inc/lib/webservices/Rest.php @@ -61,6 +61,7 @@ class Rest extends WebService const SET_THREAD_NOTIFY = 'set_thread_notify'; const PUT_WORK_STUDENT_ITEM_VISIBILITY = 'put_course_work_visibility'; + const DELETE_WORK_STUDENT_ITEM = 'delete_work_student_item'; const CREATE_CAMPUS = 'add_campus'; const EDIT_CAMPUS = 'edit_campus'; @@ -2608,6 +2609,23 @@ class Rest extends WebService } } + public function deleteWorkStudentItem(int $workId): string + { + Event::event_access_tool(TOOL_STUDENTPUBLICATION); + + require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php'; + + $courseInfo = api_get_course_info_by_id($this->course->getId()); + + $fileDeleted = deleteWorkItem($workId, $courseInfo); + + if ($fileDeleted) { + return get_lang('TheDocumentHasBeenDeleted'); + } + + return get_lang('YouAreNotAllowedToDeleteThisDocument'); + } + public static function isAllowedByRequest(bool $inpersonate = false): bool { $username = $_GET['username'] ?? null; diff --git a/main/webservices/api/v2.php b/main/webservices/api/v2.php index c4324163c8..70147714d8 100644 --- a/main/webservices/api/v2.php +++ b/main/webservices/api/v2.php @@ -312,6 +312,21 @@ try { $restResponse->setData(['status' => $data]); break; + case Rest::DELETE_WORK_STUDENT_ITEM: + if (!isset($_POST['work'])) { + throw new Exception(get_lang('ActionNotAllowed')); + } + + if (!api_is_allowed_to_edit() && !api_is_coach()) { + throw new Exception(get_lang('NotAllowed')); + } + + $restResponse->setData( + [ + 'message' => $restApi->deleteWorkStudentItem((int) $_POST['work']), + ] + ); + break; case Rest::CREATE_CAMPUS: $data = $restApi->createCampusURL($_POST);