From 63238a293898f5709067cfdcabd3ce1d00601754 Mon Sep 17 00:00:00 2001 From: Nathan Sobo Date: Sat, 25 Dec 2021 17:46:02 -0700 Subject: [PATCH] Destroy access tokens before destroying users and word-smith method names --- crates/server/src/admin.rs | 4 ++-- crates/server/src/api.rs | 6 +++--- crates/server/src/db.rs | 10 ++++++++-- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/crates/server/src/admin.rs b/crates/server/src/admin.rs index 90c74ca7a4..62e518ee6e 100644 --- a/crates/server/src/admin.rs +++ b/crates/server/src/admin.rs @@ -105,13 +105,13 @@ async fn put_user(mut request: Request) -> tide::Result { async fn delete_user(request: Request) -> tide::Result { request.require_admin().await?; let user_id = db::UserId(request.param("id")?.parse()?); - request.db().delete_user(user_id).await?; + request.db().destroy_user(user_id).await?; Ok(tide::Redirect::new("/admin").into()) } async fn delete_signup(request: Request) -> tide::Result { request.require_admin().await?; let signup_id = db::SignupId(request.param("id")?.parse()?); - request.db().delete_signup(signup_id).await?; + request.db().destroy_signup(signup_id).await?; Ok(tide::Redirect::new("/admin").into()) } diff --git a/crates/server/src/api.rs b/crates/server/src/api.rs index a4e24083a3..0999a28d90 100644 --- a/crates/server/src/api.rs +++ b/crates/server/src/api.rs @@ -9,7 +9,7 @@ pub fn add_routes(app: &mut tide::Server>) { app.at("/users").get(get_users); app.at("/users").post(create_user); app.at("/users/:id").put(update_user); - app.at("/users/:id").delete(delete_user); + app.at("/users/:id").delete(destroy_user); app.at("/users/:github_login").get(get_user); app.at("/users/:github_login/access_tokens") .post(create_access_token); @@ -89,7 +89,7 @@ async fn update_user(mut request: Request) -> tide::Result { Ok(tide::Response::builder(StatusCode::Ok).build()) } -async fn delete_user(request: Request) -> tide::Result { +async fn destroy_user(request: Request) -> tide::Result { request.require_token().await?; let user_id = UserId( request @@ -98,7 +98,7 @@ async fn delete_user(request: Request) -> tide::Result { .map_err(|error| surf::Error::from_str(StatusCode::BadRequest, error.to_string()))?, ); - request.db().delete_user(user_id).await?; + request.db().destroy_user(user_id).await?; Ok(tide::Response::builder(StatusCode::Ok).build()) } diff --git a/crates/server/src/db.rs b/crates/server/src/db.rs index e8a1023a92..f71f40efd0 100644 --- a/crates/server/src/db.rs +++ b/crates/server/src/db.rs @@ -84,7 +84,7 @@ impl Db { }) } - pub async fn delete_signup(&self, id: SignupId) -> Result<()> { + pub async fn destroy_signup(&self, id: SignupId) -> Result<()> { test_support!(self, { let query = "DELETE FROM signups WHERE id = $1"; sqlx::query(query) @@ -164,8 +164,14 @@ impl Db { }) } - pub async fn delete_user(&self, id: UserId) -> Result<()> { + pub async fn destroy_user(&self, id: UserId) -> Result<()> { test_support!(self, { + let query = "DELETE FROM access_tokens WHERE user_id = $1;"; + sqlx::query(query) + .bind(id.0) + .execute(&self.pool) + .await + .map(drop)?; let query = "DELETE FROM users WHERE id = $1;"; sqlx::query(query) .bind(id.0)