Delete snippets when banning and prevent banned users from logging in

2022-08-09 12:57:12 +03:00 · 2022-08-09 12:57:12 +03:00 · 319b1a05b9
parent 822a489c09
commit 319b1a05b9
2 changed files with 23 additions and 1 deletions
--- a/src/website/admin.go
+++ b/src/website/admin.go
@ -345,6 +345,10 @@ func AdminApprovalQueueSubmit(c *RequestContext) ResponseData {
 		if err != nil {
 			return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete spammer's projects"))
 		}
+		err = deleteAllSnippetsForUser(c, c.Conn, user.ID)
+		if err != nil {
+			return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete spammer's snippets"))
+		}
 		whatHappened = fmt.Sprintf("%s banned successfully", user.Username)
 	} else {
 		whatHappened = fmt.Sprintf("Unrecognized action: %s", action)
@ -537,3 +541,17 @@ func deleteAllProjectsForUser(ctx context.Context, conn *pgxpool.Pool, userId in

 	return nil
 }
+
+func deleteAllSnippetsForUser(ctx context.Context, conn *pgxpool.Pool, userId int) error {
+	_, err := conn.Exec(ctx,
+		`
+		DELETE FROM snippet
+		WHERE owner_id = $1
+		`,
+		userId,
+	)
+	if err != nil {
+		return oops.New(err, "failed to delete snippets for user")
+	}
+	return nil
+}
--- a/src/website/auth.go
+++ b/src/website/auth.go
@ -471,7 +471,7 @@ func RequestPasswordResetSubmit(c *RequestContext) ResponseData {
 		}
 	}

-	if user != nil {
+	if user != nil && user.Status != models.UserStatusBanned {
 		c.Perf.StartBlock("SQL", "Fetching existing token")
 		resetToken, err := db.QueryOne[models.OneTimeToken](c, c.Conn,
 			`
@ -679,6 +679,10 @@ func DoPasswordResetSubmit(c *RequestContext) ResponseData {
 }

 func tryLogin(c *RequestContext, user *models.User, password string) (bool, error) {
+	if user.Status == models.UserStatusBanned {
+		return false, nil
+	}
+
 	c.Perf.StartBlock("AUTH", "Checking password")
 	defer c.Perf.EndBlock()
 	hashed, err := auth.ParsePasswordString(user.Password)