oss/miniflux-v2
oss/miniflux-v2
1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-08-01 17:38:37 +00:00
Code Wiki Activity

API: Delete users asynchronously

Browse source 
Deleting large users might lock the tables in the hosted offering
This commit is contained in:
Frédéric Guillot 2020-07-28 20:28:02 -07:00
parent 74c95ed34b
commit 8fb71366f8
3 changed files with 101 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

14
ui/user_remove.go
View file

@ -5,6 +5,7 @@
package ui // import "miniflux.app/ui"
import (
"errors"
"net/http"
"miniflux.app/http/request"
@ -13,19 +14,19 @@ import (
)
func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) {
user, err := h.store.UserByID(request.UserID(r))
loggedUser, err := h.store.UserByID(request.UserID(r))
if err != nil {
html.ServerError(w, r, err)
return
}
if !user.IsAdmin {
if !loggedUser.IsAdmin {
html.Forbidden(w, r)
return
}
userID := request.RouteInt64Param(r, "userID")
selectedUser, err := h.store.UserByID(userID)
selectedUserID := request.RouteInt64Param(r, "userID")
selectedUser, err := h.store.UserByID(selectedUserID)
if err != nil {
html.ServerError(w, r, err)
return
@ -36,6 +37,11 @@ func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) {
return
}
if selectedUser.ID == loggedUser.ID {
html.BadRequest(w, r, errors.New("You cannot remove yourself"))
return
}
if err := h.store.RemoveUser(selectedUser.ID); err != nil {
html.ServerError(w, r, err)
return