feat(otter): add working user removal route

2025-08-29 14:18:33 +02:00 · 2025-08-29 14:18:33 +02:00 · 5017bd1c5f
parent b946e1ce98
commit 5017bd1c5f
4 changed files with 35 additions and 0 deletions
--- a/gpodder/src/repository/admin.rs
+++ b/gpodder/src/repository/admin.rs
@ -14,4 +14,8 @@ impl<'a> AdminRepository<'a> {
    ) -> Result<Vec<models::User>, AuthErr> {
        self.store.paginated_users(page, filter)
    }
    pub fn remove_user(&self, id: i64) -> Result<bool, AuthErr> {
        self.store.remove_user(id)
    }
 }
--- a/gpodder/src/store.rs
+++ b/gpodder/src/store.rs
@ -54,6 +54,9 @@ pub trait GpodderAuthStore {
    /// Update the user with the included ID with the new values
    fn update_user(&self, user: User) -> Result<User, AuthErr>;
    /// Remove the user with the given ID
    fn remove_user(&self, id: i64) -> Result<bool, AuthErr>;
    /// Create a new session for a user with the given session ID
    ///
    /// The `last_seen` timestamp's precision should be at least accurate to the second
--- a/gpodder_sqlite/src/repository/auth.rs
+++ b/gpodder_sqlite/src/repository/auth.rs
@ -81,6 +81,16 @@ impl gpodder::GpodderAuthStore for SqliteRepository {
            .map_err(DbError::from)?)
    }
    fn remove_user(&self, id: i64) -> Result<bool, AuthErr> {
        let conn = &mut self.pool.get().map_err(DbError::from)?;
        match diesel::delete(users::table.filter(users::id.eq(id))).execute(conn) {
            Ok(0) => Ok(false),
            Ok(_) => Ok(true),
            Err(err) => Err(DbError::from(err).into()),
        }
    }
    fn get_session(&self, session_id: i64) -> Result<Option<gpodder::models::Session>, AuthErr> {
        match sessions::table
            .inner_join(users::table)
--- a/otter/src/server/web/users.rs
+++ b/otter/src/server/web/users.rs
@ -17,6 +17,7 @@ use crate::{
 pub fn router(ctx: Context) -> Router<Context> {
    Router::new()
        .route("/users", get(get_users))
        .route("/users/{id}", delete(delete_user))
        .route_layer(axum::middleware::from_fn_with_state(
            ctx.clone(),
            super::auth::auth_web_middleware,
@ -70,3 +71,20 @@ async fn get_users(
        .authenticated(true)
        .response(&ctx.tera))
 }
 async fn delete_user(
    State(ctx): State<Context>,
    Extension(session): Extension<gpodder::Session>,
    Path(id): Path<i64>,
 ) -> AppResult<()> {
    let deleted =
        tokio::task::spawn_blocking(move || ctx.store.admin(&session.user)?.remove_user(id))
            .await
            .unwrap()?;
    if deleted {
        Ok(())
    } else {
        Err(AppError::NotFound)
    }
 }