summaryrefslogtreecommitdiffstats
path: root/app/controllers/api
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2020-09-15 14:37:58 +0200
committerGitHub <noreply@github.com>2020-09-15 14:37:58 +0200
commited099d8bdc5b3d9e7df7ce5358441887e6bb7e48 (patch)
treee55ddfa97c0c9932e35c8ffd7cb59434084bd478 /app/controllers/api
parentbbcbf12215a5ec69362a769c1bae9c630eda0ed4 (diff)
Change account suspensions to be reversible by default (#14726)
Diffstat (limited to 'app/controllers/api')
-rw-r--r--app/controllers/api/base_controller.rb4
-rw-r--r--app/controllers/api/v1/admin/accounts_controller.rb9
2 files changed, 10 insertions, 3 deletions
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 4672255475f..e962c4e97f6 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -96,12 +96,12 @@ class Api::BaseController < ApplicationController
def require_user!
if !current_user
render json: { error: 'This method requires an authenticated user' }, status: 422
- elsif current_user.disabled?
- render json: { error: 'Your login is currently disabled' }, status: 403
elsif !current_user.confirmed?
render json: { error: 'Your login is missing a confirmed e-mail address' }, status: 403
elsif !current_user.approved?
render json: { error: 'Your login is currently pending approval' }, status: 403
+ elsif !current_user.functional?
+ render json: { error: 'Your login is currently disabled' }, status: 403
else
set_user_activity
end
diff --git a/app/controllers/api/v1/admin/accounts_controller.rb b/app/controllers/api/v1/admin/accounts_controller.rb
index 24c7fbef12f..3af572f25ef 100644
--- a/app/controllers/api/v1/admin/accounts_controller.rb
+++ b/app/controllers/api/v1/admin/accounts_controller.rb
@@ -58,7 +58,13 @@ class Api::V1::Admin::AccountsController < Api::BaseController
def reject
authorize @account.user, :reject?
- SuspendAccountService.new.call(@account, reserve_email: false, reserve_username: false)
+ DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
+ render json: @account, serializer: REST::Admin::AccountSerializer
+ end
+
+ def destroy
+ authorize @account, :destroy?
+ Admin::AccountDeletionWorker.perform_async(@account.id)
render json: @account, serializer: REST::Admin::AccountSerializer
end
@@ -72,6 +78,7 @@ class Api::V1::Admin::AccountsController < Api::BaseController
def unsuspend
authorize @account, :unsuspend?
@account.unsuspend!
+ Admin::UnsuspensionWorker.perform_async(@account.id)
log_action :unsuspend, @account
render json: @account, serializer: REST::Admin::AccountSerializer
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-30 10:22:02 +0000