Add confirm=? quer-param to delete-user route [skip-tests]
Some checks failed
Build Docker and Deploy / Run Unit-Tests (push) Has been skipped
Build Docker and Deploy / Build Docker Container (push) Failing after 41s
Build Docker and Deploy / Deploy to Server (push) Has been skipped

This commit is contained in:
2025-05-04 04:57:27 +02:00
parent 9db49a4164
commit 7bbe321d3c
3 changed files with 13 additions and 2 deletions

View File

@@ -290,14 +290,18 @@ func (h APIHandler) UpdateUser(pctx ginext.PreContext) ginext.HTTPResponse {
// @Failure 404 {object} ginresp.apiError "user not found"
// @Failure 500 {object} ginresp.apiError "internal server error"
//
// @Router /api/v2/users/{uid} [PATCH]
// @Router /api/v2/users/{uid} [DELETE]
func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse {
type uri struct {
UserID models.UserID `uri:"uid" binding:"entityid"`
}
type query struct {
Confirm *bool `json:"confirm" form:"confirm"`
}
var u uri
ctx, g, errResp := pctx.URI(&u).Start()
var q query
ctx, g, errResp := pctx.URI(&u).Query(&q).Start()
if errResp != nil {
return *errResp
}
@@ -309,6 +313,10 @@ func (h APIHandler) DeleteUser(pctx ginext.PreContext) ginext.HTTPResponse {
return *permResp
}
if q.Confirm == nil || !*q.Confirm {
return ginresp.APIError(g, 400, apierr.INVALID_QUERY_PARAM, "Must send confirm=true to delete an account", nil)
}
user, err := h.database.GetUser(ctx, u.UserID)
if errors.Is(err, sql.ErrNoRows) {
return ginresp.APIError(g, 404, apierr.USER_NOT_FOUND, "User not found", err)