MCPcopy Index your code
hub / github.com/coder/coder / deleteOrganizationMember

Method deleteOrganizationMember

coderd/members.go:101–147  ·  view source on GitHub ↗

@Summary Remove organization member @ID remove-organization-member @Security CoderSessionToken @Tags Members @Param organization path string true "Organization ID" @Param user path string true "User ID, name, or me" @Success 204 @Router /api/v2/organizations/{organization}/members/{user} [delete]

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

99// @Success 204
100// @Router /api/v2/organizations/{organization}/members/{user} [delete]
101func (api *API) deleteOrganizationMember(rw http.ResponseWriter, r *http.Request) {
102 var (
103 ctx = r.Context()
104 apiKey = httpmw.APIKey(r)
105 organization = httpmw.OrganizationParam(r)
106 member = httpmw.OrganizationMemberParam(r)
107 auditor = api.Auditor.Load()
108 aReq, commitAudit = audit.InitRequest[database.AuditableOrganizationMember](rw, &audit.RequestParams{
109 OrganizationID: organization.ID,
110 Audit: *auditor,
111 Log: api.Logger,
112 Request: r,
113 Action: database.AuditActionDelete,
114 })
115 )
116 aReq.Old = member.OrganizationMember.Auditable(member.Username)
117 defer commitAudit()
118
119 // Note: we disallow adding OIDC users if organization sync is enabled.
120 // For removing members, do not have this same enforcement. As long as a user
121 // does not re-login, they will not be immediately removed from the organization.
122 // There might be an urgent need to revoke access.
123 // A user can re-login if they are removed in error.
124 // If we add a feature to force logout a user, then we can prevent manual
125 // member removal when organization sync is enabled, and use force logout instead.
126
127 if member.UserID == apiKey.UserID {
128 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{Message: "cannot remove self from an organization"})
129 return
130 }
131
132 err := api.Database.DeleteOrganizationMember(ctx, database.DeleteOrganizationMemberParams{
133 OrganizationID: organization.ID,
134 UserID: member.UserID,
135 })
136 if httpapi.Is404Error(err) {
137 httpapi.ResourceNotFound(rw)
138 return
139 }
140 if err != nil {
141 httpapi.InternalServerError(rw, err)
142 return
143 }
144
145 aReq.New = database.AuditableOrganizationMember{}
146 rw.WriteHeader(http.StatusNoContent)
147}
148
149// @Summary Get organization member
150// @ID get-organization-member

Callers

nothing calls this directly

Calls 13

APIKeyFunction · 0.92
OrganizationParamFunction · 0.92
OrganizationMemberParamFunction · 0.92
InitRequestFunction · 0.92
WriteFunction · 0.92
Is404ErrorFunction · 0.92
ResourceNotFoundFunction · 0.92
InternalServerErrorFunction · 0.92
ContextMethod · 0.65
LoadMethod · 0.45
AuditableMethod · 0.45

Tested by

no test coverage detected