Delete snippets when banning and prevent banned users from logging in
This commit is contained in:
parent
822a489c09
commit
319b1a05b9
|
@ -345,6 +345,10 @@ func AdminApprovalQueueSubmit(c *RequestContext) ResponseData {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete spammer's projects"))
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete spammer's projects"))
|
||||||
}
|
}
|
||||||
|
err = deleteAllSnippetsForUser(c, c.Conn, user.ID)
|
||||||
|
if err != nil {
|
||||||
|
return c.ErrorResponse(http.StatusInternalServerError, oops.New(err, "failed to delete spammer's snippets"))
|
||||||
|
}
|
||||||
whatHappened = fmt.Sprintf("%s banned successfully", user.Username)
|
whatHappened = fmt.Sprintf("%s banned successfully", user.Username)
|
||||||
} else {
|
} else {
|
||||||
whatHappened = fmt.Sprintf("Unrecognized action: %s", action)
|
whatHappened = fmt.Sprintf("Unrecognized action: %s", action)
|
||||||
|
@ -537,3 +541,17 @@ func deleteAllProjectsForUser(ctx context.Context, conn *pgxpool.Pool, userId in
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func deleteAllSnippetsForUser(ctx context.Context, conn *pgxpool.Pool, userId int) error {
|
||||||
|
_, err := conn.Exec(ctx,
|
||||||
|
`
|
||||||
|
DELETE FROM snippet
|
||||||
|
WHERE owner_id = $1
|
||||||
|
`,
|
||||||
|
userId,
|
||||||
|
)
|
||||||
|
if err != nil {
|
||||||
|
return oops.New(err, "failed to delete snippets for user")
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
|
@ -471,7 +471,7 @@ func RequestPasswordResetSubmit(c *RequestContext) ResponseData {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if user != nil {
|
if user != nil && user.Status != models.UserStatusBanned {
|
||||||
c.Perf.StartBlock("SQL", "Fetching existing token")
|
c.Perf.StartBlock("SQL", "Fetching existing token")
|
||||||
resetToken, err := db.QueryOne[models.OneTimeToken](c, c.Conn,
|
resetToken, err := db.QueryOne[models.OneTimeToken](c, c.Conn,
|
||||||
`
|
`
|
||||||
|
@ -679,6 +679,10 @@ func DoPasswordResetSubmit(c *RequestContext) ResponseData {
|
||||||
}
|
}
|
||||||
|
|
||||||
func tryLogin(c *RequestContext, user *models.User, password string) (bool, error) {
|
func tryLogin(c *RequestContext, user *models.User, password string) (bool, error) {
|
||||||
|
if user.Status == models.UserStatusBanned {
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
|
||||||
c.Perf.StartBlock("AUTH", "Checking password")
|
c.Perf.StartBlock("AUTH", "Checking password")
|
||||||
defer c.Perf.EndBlock()
|
defer c.Perf.EndBlock()
|
||||||
hashed, err := auth.ParsePasswordString(user.Password)
|
hashed, err := auth.ParsePasswordString(user.Password)
|
||||||
|
|
Loading…
Reference in New Issue