Add delete button for admins

app/config/security.yml

@@ -33,5 +33,8 @@ security:
         - { path: ^/admin/, role: ROLE_ADMIN }
 
     role_hierarchy:
-        ROLE_ADMIN:       ROLE_USER
-        ROLE_SUPERADMIN:  ROLE_ADMIN
+        ROLE_UPDATE_PACKAGES: ~
+        ROLE_DELETE_PACKAGES: ~
+
+        ROLE_ADMIN:       [ ROLE_USER, ROLE_UPDATE_PACKAGES, ROLE_DELETE_PACKAGES ]
+        ROLE_SUPERADMIN:  [ ROLE_ADMIN ]

src/Packagist/WebBundle/Controller/WebController.php

@@ -236,6 +236,9 @@ class WebController extends Controller
         }
 
         $data['searchForm'] = $this->createSearchForm()->createView();
+        if ($deleteForm = $this->createDeletePackageForm()) {
+           $data['deleteForm'] = $deleteForm->createView();
+        }
 
         return $data;
     }
@@ -278,7 +281,7 @@ class WebController extends Controller
             return new Response(json_encode(array('status' => 'error', 'message' => 'Invalid credentials',)), 403);
         }
 
-        if ($package->getMaintainers()->contains($user)) {
+        if ($package->getMaintainers()->contains($user) || $this->get('security.context')->isGranted('ROLE_UPDATE_PACKAGES')) {
             if (null !== $autoUpdated) {
                 $package->setAutoUpdated((Boolean) $autoUpdated);
                 $doctrine->getEntityManager()->flush();
@@ -297,6 +300,52 @@ class WebController extends Controller
         return new Response(json_encode(array('status' => 'error', 'message' => 'Could not find a package that matches this request (does user maintain the package?)',)), 404);
     }
 
+    /**
+     * @Template()
+     * @Route("/packages/{name}", name="delete_package", requirements={"name"="[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+"})
+     * @Method({"DELETE"})
+     */
+    public function deletePackageAction(Request $req, $name)
+    {
+        if (!$this->get('security.context')->isGranted('ROLE_DELETE_PACKAGES')) {
+            throw new AccessDeniedException;
+        }
+
+        $doctrine = $this->getDoctrine();
+
+        try {
+            $package = $doctrine
+                ->getRepository('PackagistWebBundle:Package')
+                ->findOneByName($name);
+        } catch (NoResultException $e) {
+            throw new NotFoundHttpException('The requested package, '.$name.', was not found.');
+        }
+
+        $form = $this->createDeletePackageForm();
+        $form->bind($req->request->get('form'));
+        if ($form->isValid()) {
+            $versionRepo = $doctrine->getRepository('PackagistWebBundle:Version');
+            foreach ($package->getVersions() as $version) {
+                $versionRepo->remove($version);
+            }
+
+            $em = $doctrine->getEntityManager();
+            $em->remove($package);
+            $em->flush();
+
+            return new RedirectResponse($this->generateUrl('home'));
+        }
+
+        return new Response('Invalid form input', 400);
+    }
+
+    protected function createDeletePackageForm()
+    {
+        if ($this->get('security.context')->isGranted('ROLE_DELETE_PACKAGES')) {
+            return $this->createFormBuilder(array())->getForm();
+        }
+    }
+
     /**
      * @Template("PackagistWebBundle:Web:viewPackage.html.twig")
      * @Route("/packages/{name}/maintainers/", name="add_maintainer", requirements={"name"="[A-Za-z0-9_.-]+/[A-Za-z0-9/_.-]+"})

src/Packagist/WebBundle/Resources/public/css/main.css

@@ -534,17 +534,18 @@ form ul {
 .no-js .package .force-update {
   display: none;
 }
-.package .force-update {
+.package .action {
   float: right;
+  margin-left: 10px;
 }
-.package .force-update input {
+.package .action input {
   width: auto;
   font-size: 16px;
   margin: 0;
   padding: 8px;
   background-image: none;
 }
-.package .force-update input.loading {
+.package .action input.loading {
   background-position: 10px center;
   background-image: url("../img/loader.gif");
   padding-left: 30px;

src/Packagist/WebBundle/Resources/public/js/view.js

@@ -26,6 +26,12 @@
         });
         submit.addClass('loading');
     });
+    $('.package .force-delete').submit(function (e) {
+        e.preventDefault();
+        if (confirm('Are you sure?')) {
+            e.target.submit();
+        }
+    });
     if ($('.package').data('force-crawl')) {
         $('.package .force-update').submit();
     }

src/Packagist/WebBundle/Resources/views/Web/viewPackage.html.twig

@@ -10,13 +10,20 @@
 {% block content %}
     <div class="box">
         <div class="package"{% if app.user and package.maintainers.contains(app.user) and package.crawledAt is null %} data-force-crawl="true"{% endif %}>
-            {% if app.user and package.maintainers.contains(app.user) %}
-                <form class="force-update" action="{{ path('update_package', {name: package.name}) }}" method="POST">
+            {% if is_granted('ROLE_UPDATE_PACKAGES') or package.maintainers.contains(app.user) %}
+                <form class="force-update action" action="{{ path('update_package', {name: package.name}) }}" method="POST">
                     <input type="hidden" name="_method" value="PUT" />
                     <input type="hidden" name="update" value="1" />
                     <input type="submit" value="Force package update" />
                 </form>
             {% endif %}
+            {% if deleteForm is defined %}
+                <form class="force-delete action" action="{{ path('delete_package', {name: package.name}) }}" method="POST">
+                    <input type="hidden" name="_method" value="DELETE" />
+                    {{ form_widget(deleteForm._token) }}
+                    <input type="submit" value="Delete" />
+                </form>
+            {% endif %}
             <h1>
                 <a href="{{ path("view_vendor", {"vendor": package.vendor}) }}">{{ package.vendor }}/</a>{{ package.packageName }}
             </h1>