From d3ace8ff17c8a829c211527f7076da692b5f90f3 Mon Sep 17 00:00:00 2001 From: grossmj Date: Mon, 26 Apr 2021 16:21:16 +0930 Subject: [PATCH] Fix user delete endpoint. --- gns3server/api/routes/controller/users.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/gns3server/api/routes/controller/users.py b/gns3server/api/routes/controller/users.py index c830c8b5..4e9161b0 100644 --- a/gns3server/api/routes/controller/users.py +++ b/gns3server/api/routes/controller/users.py @@ -153,22 +153,29 @@ async def update_user( return user -@router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT) +@router.delete( + "/{user_id}", + dependencies=[Depends(get_current_active_user)], + status_code=status.HTTP_204_NO_CONTENT +) async def delete_user( user_id: UUID, users_repo: UsersRepository = Depends(get_repository(UsersRepository)), - current_user: schemas.User = Depends(get_current_active_user), ) -> None: """ Delete an user. """ - if current_user.is_superadmin: + user = await users_repo.get_user(user_id) + if not user: + raise ControllerNotFoundError(f"User '{user_id}' not found") + + if user.is_superadmin: raise ControllerForbiddenError("The super admin cannot be deleted") success = await users_repo.delete_user(user_id) if not success: - raise ControllerNotFoundError(f"User '{user_id}' not found") + raise ControllerNotFoundError(f"User '{user_id}' could not be deleted") @router.get("/me/", response_model=schemas.User)