Compare commits

..

2 commits

2 changed files with 19 additions and 2 deletions

View file

@ -1,6 +1,6 @@
use actix_web::{ use actix_web::{
error::{ErrorInternalServerError, ErrorNotFound, ErrorUnauthorized}, error::{ErrorInternalServerError, ErrorNotFound, ErrorUnauthorized},
web, Responder, web, HttpResponse, Responder,
}; };
use argon2::{ use argon2::{
password_hash::{rand_core::OsRng, PasswordHasher, SaltString}, password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
@ -102,4 +102,21 @@ impl UserController {
Ok(web::Json(UserWithoutPassword::from(result))) Ok(web::Json(UserWithoutPassword::from(result)))
} }
pub async fn delete_user(
state: web::Data<AppState>,
path: web::Path<Uuid>,
executor: AuthedUser,
) -> actix_web::Result<impl Responder> {
let id = path.into_inner();
if !executor.0.admin || executor.0.id == id {
return Err(ErrorUnauthorized("Invalid Permissions"));
}
let db = &state.db;
entity::license::Entity::delete_by_id(id)
.exec(db)
.await
.map_err(ErrorInternalServerError)?;
Ok(HttpResponse::Ok().finish())
}
} }

View file

@ -10,7 +10,7 @@ pub fn config(cfg: &mut web::ServiceConfig) {
.post(UserController::create_user), .post(UserController::create_user),
) )
.route("/users/me", web::get().to(UserController::get_current_user)) .route("/users/me", web::get().to(UserController::get_current_user))
.service(web::resource("/users/{user_id}")) .service(web::resource("/users/{user_id}").delete(UserController::delete_user))
.service( .service(
web::resource("/licenses") web::resource("/licenses")
.get(LicenseController::list_groups) .get(LicenseController::list_groups)