Destroy access tokens before destroying users and word-smith method names

This commit is contained in:
Nathan Sobo 2021-12-25 17:46:02 -07:00
parent b949b30f24
commit 63238a2938
3 changed files with 13 additions and 7 deletions

View file

@ -105,13 +105,13 @@ async fn put_user(mut request: Request) -> tide::Result {
async fn delete_user(request: Request) -> tide::Result {
request.require_admin().await?;
let user_id = db::UserId(request.param("id")?.parse()?);
request.db().delete_user(user_id).await?;
request.db().destroy_user(user_id).await?;
Ok(tide::Redirect::new("/admin").into())
}
async fn delete_signup(request: Request) -> tide::Result {
request.require_admin().await?;
let signup_id = db::SignupId(request.param("id")?.parse()?);
request.db().delete_signup(signup_id).await?;
request.db().destroy_signup(signup_id).await?;
Ok(tide::Redirect::new("/admin").into())
}

View file

@ -9,7 +9,7 @@ pub fn add_routes(app: &mut tide::Server<Arc<AppState>>) {
app.at("/users").get(get_users);
app.at("/users").post(create_user);
app.at("/users/:id").put(update_user);
app.at("/users/:id").delete(delete_user);
app.at("/users/:id").delete(destroy_user);
app.at("/users/:github_login").get(get_user);
app.at("/users/:github_login/access_tokens")
.post(create_access_token);
@ -89,7 +89,7 @@ async fn update_user(mut request: Request) -> tide::Result {
Ok(tide::Response::builder(StatusCode::Ok).build())
}
async fn delete_user(request: Request) -> tide::Result {
async fn destroy_user(request: Request) -> tide::Result {
request.require_token().await?;
let user_id = UserId(
request
@ -98,7 +98,7 @@ async fn delete_user(request: Request) -> tide::Result {
.map_err(|error| surf::Error::from_str(StatusCode::BadRequest, error.to_string()))?,
);
request.db().delete_user(user_id).await?;
request.db().destroy_user(user_id).await?;
Ok(tide::Response::builder(StatusCode::Ok).build())
}

View file

@ -84,7 +84,7 @@ impl Db {
})
}
pub async fn delete_signup(&self, id: SignupId) -> Result<()> {
pub async fn destroy_signup(&self, id: SignupId) -> Result<()> {
test_support!(self, {
let query = "DELETE FROM signups WHERE id = $1";
sqlx::query(query)
@ -164,8 +164,14 @@ impl Db {
})
}
pub async fn delete_user(&self, id: UserId) -> Result<()> {
pub async fn destroy_user(&self, id: UserId) -> Result<()> {
test_support!(self, {
let query = "DELETE FROM access_tokens WHERE user_id = $1;";
sqlx::query(query)
.bind(id.0)
.execute(&self.pool)
.await
.map(drop)?;
let query = "DELETE FROM users WHERE id = $1;";
sqlx::query(query)
.bind(id.0)