web/auth: delete my user

2021-06-30 15:55:34 +02:00 · 2021-06-30 15:55:34 +02:00 · d888e27790
parent cc0baa3740
commit d888e27790
6 changed files with 82 additions and 4 deletions
--- a/web/auth/api_my_delete.go
+++ b/web/auth/api_my_delete.go
@ -0,0 +1,37 @@
+package auth
+
+import (
+	"net/http"
+
+	"dev.sum7.eu/genofire/golang-lib/web"
+	"github.com/gin-gonic/gin"
+)
+
+// @Summary Delete own User
+// @Description delete current loggedin user
+// @Tags auth
+// @Accept json
+// @Produce  json
+// @Success 200 {object} bool "true if deleted"
+// @Failure 401 {object} web.HTTPError
+// @Failure 500 {object} web.HTTPError
+// @Router /api/v1/my/profil [delete]
+// @Security ApiKeyAuth
+func init() {
+	web.ModuleRegister(func(r *gin.Engine, ws *web.Service) {
+		r.DELETE("/api/v1/my/profil", func(c *gin.Context) {
+			id, ok := GetCurrentUserID(c)
+			if !ok {
+				return
+			}
+			if err := ws.DB.Delete(&User{ID: id}).Error; err != nil {
+				c.JSON(http.StatusInternalServerError, web.HTTPError{
+					Message: web.APIErrorInternalDatabase,
+					Error:   err.Error(),
+				})
+				return
+			}
+			c.JSON(http.StatusOK, true)
+		})
+	})
+}
--- a/web/auth/api_my_delete_test.go
+++ b/web/auth/api_my_delete_test.go
@ -0,0 +1,41 @@
+package auth
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"dev.sum7.eu/genofire/golang-lib/web"
+	"dev.sum7.eu/genofire/golang-lib/web/webtest"
+)
+
+func TestAPIDeleteMyProfil(t *testing.T) {
+	assert := assert.New(t)
+	s, err := webtest.New()
+	assert.NoError(err)
+	defer s.Close()
+	assert.NotNil(s)
+	SetupMigration(s.DB)
+	s.DB.MigrateTestdata()
+
+	hErr := web.HTTPError{}
+	// invalid
+	err = s.Request(http.MethodDelete, "/api/v1/my/profil", nil, http.StatusUnauthorized, &hErr)
+	assert.NoError(err)
+	assert.Equal(APIErrorNoSession, hErr.Message)
+
+	err = s.Login(webtest.Login{
+		Username: "admin",
+		Password: "CHANGEME",
+	})
+	assert.NoError(err)
+
+	res := false
+	// company
+	err = s.Request(http.MethodDelete, "/api/v1/my/profil", nil, http.StatusOK, &res)
+	assert.NoError(err)
+	assert.True(true)
+
+	s.DB.ReRun("10-data-0008-01-user")
+}
--- a/web/auth/api_my_password.go
+++ b/web/auth/api_my_password.go
--- a/web/auth/api_my_password_test.go
+++ b/web/auth/api_my_password_test.go
--- a/web/auth/api_my_status.go
+++ b/web/auth/api_my_status.go
@ -16,11 +16,11 @@ import (
 // @Success 200 {object} User
 // @Failure 401 {object} web.HTTPError
 // @Failure 500 {object} web.HTTPError
-// @Router /api/v1/auth/status [get]
+// @Router /api/v1/my/auth/status [get]
 // @Security ApiKeyAuth
 func init() {
 	web.ModuleRegister(func(r *gin.Engine, ws *web.Service) {
-		r.GET("/api/v1/auth/status", MiddlewareLogin(ws), func(c *gin.Context) {
+		r.GET("/api/v1/my/auth/status", MiddlewareLogin(ws), func(c *gin.Context) {
 			d, ok := GetCurrentUser(c, ws)
 			if ok {
 				c.JSON(http.StatusOK, d)
--- a/web/auth/api_my_status_test.go
+++ b/web/auth/api_my_status_test.go
@ -21,7 +21,7 @@ func TestAPIStatus(t *testing.T) {

 	hErr := web.HTTPError{}
 	// invalid
-	err = s.Request(http.MethodGet, "/api/v1/auth/status", nil, http.StatusUnauthorized, &hErr)
+	err = s.Request(http.MethodGet, "/api/v1/my/auth/status", nil, http.StatusUnauthorized, &hErr)
 	assert.NoError(err)
 	assert.Equal(APIErrorNoSession, hErr.Message)

@ -30,7 +30,7 @@ func TestAPIStatus(t *testing.T) {

 	obj := User{}
 	// invalid - user
-	err = s.Request(http.MethodGet, "/api/v1/auth/status", nil, http.StatusOK, &obj)
+	err = s.Request(http.MethodGet, "/api/v1/my/auth/status", nil, http.StatusOK, &obj)
 	assert.NoError(err)
 	assert.Equal("admin", obj.Username)