Compare commits

..

2 commits

2 changed files with 19 additions and 2 deletions

View file

@ -1,6 +1,6 @@
use actix_web::{
error::{ErrorInternalServerError, ErrorNotFound, ErrorUnauthorized},
web, Responder,
web, HttpResponse, Responder,
};
use argon2::{
password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
@ -102,4 +102,21 @@ impl UserController {
Ok(web::Json(UserWithoutPassword::from(result)))
}
pub async fn delete_user(
state: web::Data<AppState>,
path: web::Path<Uuid>,
executor: AuthedUser,
) -> actix_web::Result<impl Responder> {
let id = path.into_inner();
if !executor.0.admin || executor.0.id == id {
return Err(ErrorUnauthorized("Invalid Permissions"));
}
let db = &state.db;
entity::license::Entity::delete_by_id(id)
.exec(db)
.await
.map_err(ErrorInternalServerError)?;
Ok(HttpResponse::Ok().finish())
}
}

View file

@ -10,7 +10,7 @@ pub fn config(cfg: &mut web::ServiceConfig) {
.post(UserController::create_user),
)
.route("/users/me", web::get().to(UserController::get_current_user))
.service(web::resource("/users/{user_id}"))
.service(web::resource("/users/{user_id}").delete(UserController::delete_user))
.service(
web::resource("/licenses")
.get(LicenseController::list_groups)