add admin user account deletion
this adds a section to the admin user view to delete the account and a handler to process the request.
parent
b83af955c3
commit
fc553d277f
33
admin.go
33
admin.go
|
@ -123,6 +123,7 @@ func handleViewAdminUsers(app *App, u *User, w http.ResponseWriter, r *http.Requ
|
||||||
*UserPage
|
*UserPage
|
||||||
Config config.AppCfg
|
Config config.AppCfg
|
||||||
Message string
|
Message string
|
||||||
|
Flashes []string
|
||||||
|
|
||||||
Users *[]User
|
Users *[]User
|
||||||
CurPage int
|
CurPage int
|
||||||
|
@ -134,6 +135,7 @@ func handleViewAdminUsers(app *App, u *User, w http.ResponseWriter, r *http.Requ
|
||||||
Message: r.FormValue("m"),
|
Message: r.FormValue("m"),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
p.Flashes, _ = getSessionFlashes(app, w, r, nil)
|
||||||
p.TotalUsers = app.db.GetAllUsersCount()
|
p.TotalUsers = app.db.GetAllUsersCount()
|
||||||
ttlPages := p.TotalUsers / adminUsersPerPage
|
ttlPages := p.TotalUsers / adminUsersPerPage
|
||||||
p.TotalPages = []int{}
|
p.TotalPages = []int{}
|
||||||
|
@ -230,6 +232,37 @@ func handleViewAdminUser(app *App, u *User, w http.ResponseWriter, r *http.Reque
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func handleAdminDeleteUser(app *App, u *User, w http.ResponseWriter, r *http.Request) error {
|
||||||
|
if !u.IsAdmin() {
|
||||||
|
return impart.HTTPError{http.StatusForbidden, "Administrator privileges required for this action"}
|
||||||
|
}
|
||||||
|
|
||||||
|
vars := mux.Vars(r)
|
||||||
|
username := vars["username"]
|
||||||
|
confirmUsername := r.PostFormValue("confirm-username")
|
||||||
|
|
||||||
|
if confirmUsername != username {
|
||||||
|
return impart.HTTPError{http.StatusBadRequest, "Username was not confirmed"}
|
||||||
|
}
|
||||||
|
|
||||||
|
user, err := app.db.GetUserForAuth(username)
|
||||||
|
if err == ErrUserNotFound {
|
||||||
|
return impart.HTTPError{http.StatusNotFound, fmt.Sprintf("User '%s' was not found", username)}
|
||||||
|
} else if err != nil {
|
||||||
|
log.Error("get user for deletion: %v", err)
|
||||||
|
return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user with username '%s': %v", username, err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
err = app.db.DeleteAccount(user.ID)
|
||||||
|
if err != nil {
|
||||||
|
log.Error("delete user %s: %v", user.Username, err)
|
||||||
|
return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not delete user account for '%s': %v", username, err)}
|
||||||
|
}
|
||||||
|
|
||||||
|
_ = addSessionFlash(app, w, r, fmt.Sprintf("Account for user \"%s\" was deleted successfully.", username), nil)
|
||||||
|
return impart.HTTPError{http.StatusFound, "/admin/users"}
|
||||||
|
}
|
||||||
|
|
||||||
func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Request) error {
|
func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Request) error {
|
||||||
p := struct {
|
p := struct {
|
||||||
*UserPage
|
*UserPage
|
||||||
|
|
|
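Review bot: handleAdminDeleteUser never checks whether the looked-up `user` is itself an administrator (or the caller), so the only thing stopping an admin account from being deleted is the `{{ if not .User.IsAdmin }}` guard in the user template, which hides the form but not the endpoint. After the `GetUserForAuth` lookup I would add a server-side refusal such as `if user.IsAdmin() { return impart.HTTPError{http.StatusForbidden, "Cannot delete an administrator account"} }`, assuming the returned value exposes the same `IsAdmin` method as `u`. The two 500 responses also put the raw `err` into the client-visible message with `%v`; the `log.Error` calls already record it, so the response text can drop it. A successful deletion writes no log line naming the acting admin and the deleted account, which is worth adding for audit purposes.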
@ -144,6 +144,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router {
|
||||||
write.HandleFunc("/admin", handler.Admin(handleViewAdminDash)).Methods("GET")
|
write.HandleFunc("/admin", handler.Admin(handleViewAdminDash)).Methods("GET")
|
||||||
write.HandleFunc("/admin/users", handler.Admin(handleViewAdminUsers)).Methods("GET")
|
write.HandleFunc("/admin/users", handler.Admin(handleViewAdminUsers)).Methods("GET")
|
||||||
write.HandleFunc("/admin/user/{username}", handler.Admin(handleViewAdminUser)).Methods("GET")
|
write.HandleFunc("/admin/user/{username}", handler.Admin(handleViewAdminUser)).Methods("GET")
|
||||||
|
write.HandleFunc("/admin/user/{username}/delete", handler.Admin(handleAdminDeleteUser)).Methods("POST")
|
||||||
write.HandleFunc("/admin/pages", handler.Admin(handleViewAdminPages)).Methods("GET")
|
write.HandleFunc("/admin/pages", handler.Admin(handleViewAdminPages)).Methods("GET")
|
||||||
write.HandleFunc("/admin/page/{slug}", handler.Admin(handleViewAdminPage)).Methods("GET")
|
write.HandleFunc("/admin/page/{slug}", handler.Admin(handleViewAdminPage)).Methods("GET")
|
||||||
write.HandleFunc("/admin/update/config", handler.AdminApper(handleAdminUpdateConfig)).Methods("POST")
|
write.HandleFunc("/admin/update/config", handler.AdminApper(handleAdminUpdateConfig)).Methods("POST")
|
||||||
|
|
|
@ -4,6 +4,12 @@
|
||||||
<div class="snug content-container">
|
<div class="snug content-container">
|
||||||
{{template "admin-header" .}}
|
{{template "admin-header" .}}
|
||||||
|
|
||||||
|
<!-- TODO: if other use for flashes use patern like account_import.go -->
|
||||||
|
{{if .Flashes}}
|
||||||
|
<p class="alert success">
|
||||||
|
{{range .Flashes}}{{.}}{{end}}
|
||||||
|
</p>
|
||||||
|
{{end}}
|
||||||
<h2 id="posts-header" style="display: flex; justify-content: space-between;">Users <span style="font-style: italic; font-size: 0.75em;">{{.TotalUsers}} total</strong></h2>
|
<h2 id="posts-header" style="display: flex; justify-content: space-between;">Users <span style="font-style: italic; font-size: 0.75em;">{{.TotalUsers}} total</strong></h2>
|
||||||
|
|
||||||
<table class="classy export" style="width:100%">
|
<table class="classy export" style="width:100%">
|
||||||
|
|
|
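Review bot: Every flash is rendered inside the single `<p class="alert success">`, so any non-success message later pushed through `addSessionFlash` would be displayed as a success, and `{{range .Flashes}}{{.}}{{end}}` concatenates multiple messages with no separator. Consider emitting one element per flash, e.g. `{{range .Flashes}}<p class="alert success">{{.}}</p>{{end}}`, and carrying a level alongside the text if error flashes are planned. The flash text includes a username taken from the request path, so correct escaping here depends on the template being parsed by html/template, which is not visible in this hunk.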
@ -81,6 +81,18 @@ h3 {
|
||||||
{{end}}
|
{{end}}
|
||||||
</table>
|
</table>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
||||||
|
{{ if not .User.IsAdmin }}
|
||||||
|
<hr/>
|
||||||
|
<h2>Delete Account</h2>
|
||||||
|
<h3><strong>Danger Zone - This cannot be undone</strong></h3>
|
||||||
|
<p>This will delete the user {{.User.Username}} and all their blogs AND posts.</p>
|
||||||
|
<form action="/admin/user/{{.User.Username}}/delete" method="post">
|
||||||
|
<p>Type their username to confirm deletion.<p>
|
||||||
|
<input name="confirm-username" type="text" title="confirm username to delete" placeholder="confirm username">
|
||||||
|
<input class="danger" type="submit" value="DELETE">
|
||||||
|
</form>
|
||||||
|
{{end}}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
{{template "footer" .}}
|
{{template "footer" .}}
|
||||||
|
|
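Review bot: The delete form posts a destructive, irreversible action but carries no anti-CSRF token field, and `confirm-username` is not a secret because it equals the username already present in the form's action URL. Unless cross-site request protection is applied somewhere outside this hunk (middleware or session cookie attributes), the form should include whatever token mechanism the application uses. The `{{ if not .User.IsAdmin }}` guard only hides the form, so the same rule needs to be enforced in the handler as well. Separately, `<p>Type their username to confirm deletion.<p>` ends with an opening tag and should close with `</p>`.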