35 lines
951 B
Crystal
35 lines
951 B
Crystal
class AuthD::Request
|
|
IPC::JSON.message Delete, 8 do
|
|
# Deletion can be triggered by either an admin or the related user.
|
|
property user : UserID? = nil
|
|
|
|
def initialize(@user = nil)
|
|
end
|
|
|
|
def handle(authd : AuthD::Service, fd : Int32)
|
|
logged_user = authd.get_logged_user_full? fd
|
|
return Response::ErrorMustBeAuthenticated.new if logged_user.nil?
|
|
|
|
user_to_delete = if u = @user
|
|
logged_user.assert_permission("authd", "*", User::PermissionLevel::Admin)
|
|
authd.user? u
|
|
else
|
|
logged_user
|
|
end
|
|
return Response::ErrorUserNotFound.new if user_to_delete.nil?
|
|
|
|
# User or admin is now verified: let's proceed with the user deletion.
|
|
authd.users_per_login.delete user_to_delete.login
|
|
|
|
# If the current user is deleted, unlog!
|
|
if logged_user.uid == user_to_delete.uid
|
|
authd.close fd
|
|
authd.logged_users.delete fd
|
|
end
|
|
|
|
Response::UserDeleted.new user_to_delete.uid
|
|
end
|
|
end
|
|
AuthD.requests << Delete
|
|
end
|