diff --git a/src/controllers/admin/admin_users_controller.rs b/src/controllers/admin/admin_users_controller.rs
index c25155d..de24915 100644
--- a/src/controllers/admin/admin_users_controller.rs
+++ b/src/controllers/admin/admin_users_controller.rs
@@ -104,3 +104,24 @@ pub async fn create_password_reset_link(r: &mut HttpRequestHandler) -> RequestRe
 r.set_response(AdminCreatedPasswordResetLinkApi::new(reset_link))
 }
+
+/// Delete a user account
+pub async fn delete_user_account(r: &mut HttpRequestHandler) -> RequestResult {
+ r.check_admin_has_role(AdminRole::MANAGE_USERS)?;
+
+ let user_id = r.post_user_id("user_id")?;
+ let user = user_helper::find_user_by_id(&user_id)?;
+
+ log_admin_action(
+ r.admin_id()?,
+ &r.remote_ip(),
+ AdminAction::DeleteUserAccount {
+ user_id,
+ user_name: user.full_name(),
+ },
+ )?;
+
+ account_helper::delete(&user_id).await?;
+
+ r.ok()
+}
diff --git a/src/data/admin_action_log.rs b/src/data/admin_action_log.rs
index bcac6c0..6f2ef0b 100644
--- a/src/data/admin_action_log.rs
+++ b/src/data/admin_action_log.rs
@@ -55,6 +55,10 @@ pub enum AdminAction {
 user_id: UserID,
 user_name: String,
 },
+ DeleteUserAccount {
+ user_id: UserID,
+ user_name: String,
+ },
 UnsupportedAction {
 raw_data: String,
 },
@@ -98,6 +102,9 @@ impl AdminAction {
 AdminAction::CreatePasswordRecoveryLink { .. } => {
 "Created a password recovery link for user #{user_id} '{user_name}'."
 }
+ AdminAction::DeleteUserAccount { .. } =>
+ { "Deleted user account #{user_id} of '{user_name}'." }
+
 AdminAction::UnsupportedAction { .. } => { "Unsupported action. Raw data: {raw_data}" }
 }
 }
diff --git a/src/routes.rs b/src/routes.rs
index b657245..662f8cb 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -1401,5 +1401,13 @@ pub async fn find_route(
 admin_users_controller::create_password_reset_link
 );
+ route!(
+ req_uri,
+ call,
+ ADMIN_POST_LOGIN,
+ "/admin/users/delete_account",
+ admin_users_controller::delete_user_account
+ );
+
 (None, None)
 }
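Review bot: In `delete_user_account` (admin_users_controller.rs), `log_admin_action(...)` runs before `account_helper::delete(&user_id).await?`, so a deletion that fails still leaves a "Deleted user account" entry in the admin log for an account that still exists. If logging first is deliberate, so that no deletion can happen without a record, say so above the call, e.g. `// Logged before the delete on purpose: a deletion must never go unrecorded, even if it then fails`; otherwise move the `log_admin_action` call below the delete and keep the `user.full_name()` lookup where it is. The doc comment could also name the required `AdminRole::MANAGE_USERS` role and the `user_id` POST field. The function is fully contained in this hunk.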
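Review bot: `AdminAction::DeleteUserAccount` (admin_action_log.rs, hunk `@@ -55,6 +55,10 @@`) stores `user_name: String`, which the controller fills from `user.full_name()`, so the full name of a deleted account stays in the admin log after the account itself is gone. That is probably wanted for auditability, but it is personal data outliving the deletion and deserves a doc comment on the variant, for example `/// Account deleted by an admin; user_name is kept so the entry stays readable once the account is gone`, together with a check that the log's retention rules cover it. How the variant is persisted is not visible here; the enum starts and ends outside the hunk.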
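Review bot: The new `AdminAction::DeleteUserAccount` arm in hunk `@@ -98,6 +102,9 @@` of admin_action_log.rs breaks the line after `=>`, puts the braced string on the next line and adds a blank line after it, unlike the `CreatePasswordRecoveryLink` arm directly above. Writing it in the same shape, `AdminAction::DeleteUserAccount { .. } => {` / `"Deleted user account #{user_id} of '{user_name}'."` / `}`, keeps the match uniform. Separately, `{user_name}` is user-chosen text and the code that fills and displays this template is not shown, so it is worth confirming that the admin console escapes it on output. The enclosing match and method begin outside the hunk.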