@Summary Delete user @ID delete-user @Security CoderSessionToken @Tags Users @Param user path string true "User ID, name, or me" @Success 200 @Router /api/v2/users/{user} [delete]
(rw http.ResponseWriter, r *http.Request)
| 652 | // @Success 200 |
| 653 | // @Router /api/v2/users/{user} [delete] |
| 654 | func (api *API) deleteUser(rw http.ResponseWriter, r *http.Request) { |
| 655 | ctx := r.Context() |
| 656 | auditor := *api.Auditor.Load() |
| 657 | user := httpmw.UserParam(r) |
| 658 | auth := httpmw.UserAuthorization(r.Context()) |
| 659 | aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{ |
| 660 | Audit: auditor, |
| 661 | Log: api.Logger, |
| 662 | Request: r, |
| 663 | Action: database.AuditActionDelete, |
| 664 | }) |
| 665 | aReq.Old = user |
| 666 | defer commitAudit() |
| 667 | |
| 668 | if auth.ID == user.ID.String() { |
| 669 | httpapi.Write(ctx, rw, http.StatusForbidden, codersdk.Response{ |
| 670 | Message: "You cannot delete yourself!", |
| 671 | }) |
| 672 | return |
| 673 | } |
| 674 | |
| 675 | // This query is ONLY done to get the workspace count, so we use a system |
| 676 | // context to return ALL workspaces. Not just workspaces the user can view. |
| 677 | // nolint:gocritic |
| 678 | workspaces, err := api.Database.GetWorkspaces(dbauthz.AsSystemRestricted(ctx), database.GetWorkspacesParams{ |
| 679 | OwnerID: user.ID, |
| 680 | }) |
| 681 | if err != nil { |
| 682 | httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{ |
| 683 | Message: "Internal error fetching workspaces.", |
| 684 | Detail: err.Error(), |
| 685 | }) |
| 686 | return |
| 687 | } |
| 688 | if len(workspaces) > 0 { |
| 689 | httpapi.Write(ctx, rw, http.StatusExpectationFailed, codersdk.Response{ |
| 690 | Message: "You cannot delete a user that has workspaces. Delete their workspaces and try again!", |
| 691 | }) |
| 692 | return |
| 693 | } |
| 694 | |
| 695 | err = api.Database.UpdateUserDeletedByID(ctx, user.ID) |
| 696 | if dbauthz.IsNotAuthorizedError(err) { |
| 697 | httpapi.Forbidden(rw) |
| 698 | return |
| 699 | } |
| 700 | if err != nil { |
| 701 | httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{ |
| 702 | Message: "Internal error deleting user.", |
| 703 | Detail: err.Error(), |
| 704 | }) |
| 705 | return |
| 706 | } |
| 707 | user.Deleted = true |
| 708 | aReq.New = user |
| 709 | |
| 710 | userAdmins, err := findUserAdmins(ctx, api.Database) |
| 711 | if err != nil { |
nothing calls this directly
no test coverage detected