2018-04-30 01:35:04 +02:00
|
|
|
// Copyright 2018 Frédéric Guillot. All rights reserved.
|
|
|
|
// Use of this source code is governed by the Apache 2.0
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
2018-08-25 06:51:50 +02:00
|
|
|
package ui // import "miniflux.app/ui"
|
2018-04-30 01:35:04 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
|
2018-08-25 06:51:50 +02:00
|
|
|
"miniflux.app/http/context"
|
|
|
|
"miniflux.app/http/request"
|
|
|
|
"miniflux.app/http/response"
|
|
|
|
"miniflux.app/http/response/html"
|
|
|
|
"miniflux.app/http/route"
|
2018-04-30 01:35:04 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
// RemoveUser deletes a user from the database.
|
|
|
|
func (c *Controller) RemoveUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
ctx := context.New(r)
|
|
|
|
|
|
|
|
user, err := c.store.UserByID(ctx.UserID())
|
|
|
|
if err != nil {
|
|
|
|
html.ServerError(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if !user.IsAdmin {
|
|
|
|
html.Forbidden(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
userID, err := request.IntParam(r, "userID")
|
|
|
|
if err != nil {
|
|
|
|
html.BadRequest(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
selectedUser, err := c.store.UserByID(userID)
|
|
|
|
if err != nil {
|
|
|
|
html.ServerError(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if selectedUser == nil {
|
|
|
|
html.NotFound(w)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := c.store.RemoveUser(selectedUser.ID); err != nil {
|
|
|
|
html.ServerError(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
response.Redirect(w, r, route.Path(c.router, "users"))
|
|
|
|
}
|