MCPcopy Index your code
hub / github.com/coder/coder / deleteUser

Method deleteUser

coderd/users.go:654–747  ·  view source on GitHub ↗

@Summary Delete user @ID delete-user @Security CoderSessionToken @Tags Users @Param user path string true "User ID, name, or me" @Success 200 @Router /api/v2/users/{user} [delete]

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

652// @Success 200
653// @Router /api/v2/users/{user} [delete]
654func (api *API) deleteUser(rw http.ResponseWriter, r *http.Request) {
655 ctx := r.Context()
656 auditor := *api.Auditor.Load()
657 user := httpmw.UserParam(r)
658 auth := httpmw.UserAuthorization(r.Context())
659 aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{
660 Audit: auditor,
661 Log: api.Logger,
662 Request: r,
663 Action: database.AuditActionDelete,
664 })
665 aReq.Old = user
666 defer commitAudit()
667
668 if auth.ID == user.ID.String() {
669 httpapi.Write(ctx, rw, http.StatusForbidden, codersdk.Response{
670 Message: "You cannot delete yourself!",
671 })
672 return
673 }
674
675 // This query is ONLY done to get the workspace count, so we use a system
676 // context to return ALL workspaces. Not just workspaces the user can view.
677 // nolint:gocritic
678 workspaces, err := api.Database.GetWorkspaces(dbauthz.AsSystemRestricted(ctx), database.GetWorkspacesParams{
679 OwnerID: user.ID,
680 })
681 if err != nil {
682 httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
683 Message: "Internal error fetching workspaces.",
684 Detail: err.Error(),
685 })
686 return
687 }
688 if len(workspaces) > 0 {
689 httpapi.Write(ctx, rw, http.StatusExpectationFailed, codersdk.Response{
690 Message: "You cannot delete a user that has workspaces. Delete their workspaces and try again!",
691 })
692 return
693 }
694
695 err = api.Database.UpdateUserDeletedByID(ctx, user.ID)
696 if dbauthz.IsNotAuthorizedError(err) {
697 httpapi.Forbidden(rw)
698 return
699 }
700 if err != nil {
701 httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
702 Message: "Internal error deleting user.",
703 Detail: err.Error(),
704 })
705 return
706 }
707 user.Deleted = true
708 aReq.New = user
709
710 userAdmins, err := findUserAdmins(ctx, api.Database)
711 if err != nil {

Callers

nothing calls this directly

Calls 15

UserParamFunction · 0.92
UserAuthorizationFunction · 0.92
InitRequestFunction · 0.92
WriteFunction · 0.92
AsSystemRestrictedFunction · 0.92
IsNotAuthorizedErrorFunction · 0.92
ForbiddenFunction · 0.92
APIKeyFunction · 0.92
AsNotifierFunction · 0.92
findUserAdminsFunction · 0.85
ContextMethod · 0.65
GetWorkspacesMethod · 0.65

Tested by

no test coverage detected