usememos/memos
1
1
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-01-01 10:01:54 +08:00
Code Issues Projects Releases Packages Wiki Activity

chore: prevent archive/delete current user

Browse source
This commit is contained in:
Steven 2023-12-23 08:05:05 +08:00
parent 21874d0509
commit c267074851
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
api/v1/user.go
View file

@ -312,6 +312,9 @@ func (s *APIV1Service) DeleteUser(c echo.Context) error {
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("id"))).SetInternal(err)
}
if currentUserID == userID {
return echo.NewHTTPError(http.StatusBadRequest, "Cannot delete current user")
}
if err := s.Store.DeleteUser(ctx, &store.DeleteUser{
ID: userID,
@ -371,6 +374,9 @@ func (s *APIV1Service) UpdateUser(c echo.Context) error {
if request.RowStatus != nil {
rowStatus := store.RowStatus(request.RowStatus.String())
userUpdate.RowStatus = &rowStatus
if rowStatus == store.Archived && currentUserID == userID {
return echo.NewHTTPError(http.StatusBadRequest, "Cannot archive current user")
}
}
if request.Username != nil {
if !usernameMatcher.MatchString(strings.ToLower(*request.Username)) {