prevent self user deletion
All checks were successful
Build and Deploy API / build-and-deploy (push) Successful in 8s

2026-04-22 21:08:02 -05:00
parent 4f60336a37
commit 68685e6398


@@ -6,6 +6,8 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using System.Security.Claims;
using Microsoft.AspNetCore.Identity;
using agologumApi.Models; using agologumApi.Models;
using agologumApi.Services; using agologumApi.Services;
@@ -64,12 +66,13 @@ public class UsersController : ControllerBase {
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<ActionResult> deleteUser(string id) { public async Task<ActionResult> deleteUser(string id) {
var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
if(userId == id) return BadRequest(); // dont allow deletion of yourself
var success = await service_.Delete(id); var success = await service_.Delete(id);
if (!success) return NotFound(); if (!success) return NotFound();
// TODO: set safeguard to no delete the current user
return NoContent(); return NoContent();
} }
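Review bot: The self-deletion guard in `deleteUser` relies on an exact, case-sensitive `userId == id` match and is silently skipped when the `NameIdentifier` claim is absent, because a null `userId` never equals the route value. If `service_.Delete` resolves ids more loosely than an ordinal comparison (not visible here, for example through a case-insensitive database collation or GUID parsing), a differently formatted form of the caller's own id would pass the check and the account would still be deleted. Consider failing closed first with `if (string.IsNullOrEmpty(userId)) return Forbid();` and comparing the two values in the same normalised form the service uses for its lookup. The class-level authorization attributes sit outside the hunk, so whether unauthenticated requests can reach this action cannot be confirmed from here; the added `using Microsoft.AspNetCore.Identity;` also appears unused in the visible lines.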