feat: implement admin account deletion endpoint

This commit is contained in:
ispik
2026-04-12 14:49:41 +03:00
parent 5e98a01624
commit 9a67cb139c
2 changed files with 69 additions and 0 deletions

View File

@@ -268,4 +268,20 @@ impl Database {
Ok(())
}
pub async fn delete_authifier_account(&self, user_id: &str) -> Result<()> {
let auth = self.clone().to_authifier().await;
let mut account = auth
.database
.find_account(user_id)
.await
.map_err(|_| create_database_error!("find_account", "accounts"))?;
account
.schedule_deletion(&auth)
.await
.map_err(|_| create_database_error!("schedule_deletion", "accounts"))?;
Ok(())
}
}

View File

@@ -0,0 +1,53 @@
use crate::routes::admin::util::{
create_audit_action, flatten_authorized_user, user_has_permission,
};
use revolt_database::{util::reference::Reference, AdminAuthorization, Database};
use revolt_models::v0;
use revolt_result::{create_error, Result};
use rocket::State;
use rocket_empty::EmptyResponse;
/// Delete an account. Requires ManageAccounts permissions
#[openapi(tag = "Admin")]
#[delete("/accounts/<id>?<case>")]
pub async fn admin_account_delete(
db: &State<Database>,
auth: AdminAuthorization,
id: Reference<'_>,
case: Option<&str>,
) -> Result<EmptyResponse> {
let user = flatten_authorized_user(&auth);
if !user_has_permission(user, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(MissingPermission {
permission: "ManageAccounts".to_string()
}));
}
let target = id.as_user(db).await?;
if target.privileged {
return Err(create_error!(PrivilegedAccount));
}
let admin = db.admin_user_fetch(&target.id).await.ok();
if let Some(admin) = admin {
if user_has_permission(&admin, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(PrivilegedAccount));
}
}
db.delete_authifier_account(&target.id).await?;
create_audit_action(
db,
&user.id,
v0::AdminAuditItemActions::DeleteAccount,
case,
Some(id.id),
None,
)
.await?;
Ok(EmptyResponse)
}