server-side protection against deleting used filters

app/assets/javascripts/controllers/admin/events.coffee

@@ -203,8 +203,10 @@ Application.Controllers.controller "AdminEventsController", ["$scope", "$state",
           title: _t('confirmation_required')
           msg: _t('do_you_really_want_to_delete_this_ELEMENT', {ELEMENT:model}, "messageformat")
     , -> # delete confirmed
-      getModel(model)[0].delete getModel(model)[1][index]
+      getModel(model)[0].delete getModel(model)[1][index], null, ->
-      getModel(model)[1].splice(index, 1)
+        getModel(model)[1].splice(index, 1)
+      , ->
+        growl.error(_t('unable_to_delete_an_error_occured'))
 
 
 

app/controllers/api/age_ranges_controller.rb

@@ -31,8 +31,11 @@ class API::AgeRangesController < API::ApiController
 
   def destroy
     authorize AgeRange
-    @age_range.destroy
+    if @age_range.safe_destroy
-    head :no_content
+      head :no_content
+    else
+      render json: @age_range.errors, status: :unprocessable_entity
+    end
   end
 
   private

app/controllers/api/event_themes_controller.rb

@@ -31,8 +31,11 @@ class API::EventThemesController < API::ApiController
 
   def destroy
     authorize EventTheme
-    @event_theme.destroy
+    if @event_theme.safe_destroy
-    head :no_content
+      head :no_content
+    else
+      render json: @event_theme.errors, status: :unprocessable_entity
+    end
   end
 
   private

app/models/age_range.rb

@@ -3,4 +3,12 @@ class AgeRange < ActiveRecord::Base
   friendly_id :name, use: :slugged
 
   has_many :events, dependent: :nullify
+
+  def safe_destroy
+    if self.events.count == 0
+      destroy
+    else
+      false
+    end
+  end
 end

app/models/event_theme.rb

@@ -3,4 +3,12 @@ class EventTheme < ActiveRecord::Base
   friendly_id :name, use: :slugged
 
   has_and_belongs_to_many :events, join_table: :events_event_themes, dependent: :destroy
+
+  def safe_destroy
+    if self.events.count == 0
+      destroy
+    else
+      false
+    end
+  end
 end

config/locales/app.admin.en.yml

@@ -87,6 +87,7 @@ en:
         do_you_really_want_to_delete_this_ELEMENT: "Do you really want to delete this {ELEMENT, select, category{category} theme{theme} age_range{age range} other{element}}?"  # messageFormat interpolation
         unable_to_delete_ELEMENT_already_in_use_NUMBER_times: "Unable to delete this {ELEMENT, select, category{category} theme{theme} age_range{age range} other{element}} because it is already associated with {NUMBER, plural, =0{no events} one{one event} other{{NUMBER} events}}."  # messageFormat interpolation
         at_least_one_category_is_required_unable_to_delete_the_last_one: "At least one category is required. Unable to delete the last one."
+        unable_to_delete_an_error_occured: "Unable to delete: an error occurred."
 
       events_new:
         # add a new event

config/locales/app.admin.fr.yml

@@ -87,6 +87,7 @@ fr:
         do_you_really_want_to_delete_this_ELEMENT: "Voulez-vous vraiment supprimer cette {ELEMENT, select, category{catégorie} theme{thématique} age_range{tranche d'âge} other{élément}} ?"  # messageFormat interpolation
         unable_to_delete_ELEMENT_already_in_use_NUMBER_times: "Impossible de supprimer cette {ELEMENT, select, category{catégorie} theme{thématique} age_range{tranche d'âge} other{élément}} car elle est actuellement associée à {NUMBER, plural, =0{aucun évènement} one{un évènement} other{{NUMBER} évènements}}."  # messageFormat interpolation
         at_least_one_category_is_required_unable_to_delete_the_last_one: "Au moins une catégorie est requise. Impossible de supprimer la dernière."
+        unable_to_delete_an_error_occured: "Impossible de supprimer : une erreur est survenue."
 
       events_new:
         # ajouter un nouveau atelier/stage