Closes #27

backend/core/Logging/errorcodes/Login_codes.json

@@ -53,7 +53,7 @@
       "002" : [1, "Authkey is not passed. Not logged in."],
       "003" : [1, "TOTP mobile is not passed. Not logged in."],
       "004" : [2, "Unknown error regarding authkey or totp mobile pass check. Please open a github issue."],
-      "005" : [2, "An error occured."],
+      "005" : [2, "No data has been found on the database."],
       "006" : [1, "Currently not logged in."],
       "007" : [1, "No active session found."]
     },

backend/core/Logging/errorcodes/Users_codes.json

@@ -17,7 +17,8 @@
     "sendInvitationMail" : "015",
     "requestUserPasswordReset" : "016",
     "checkResetLinkValid" : "017",
-    "resetPassword" : "018"
+    "resetPassword" : "018",
+    "removeDisabledUser" : "019"
   },
   "errormessages" : {
     "savePersonalInfo" : {
@@ -93,6 +94,13 @@
     "resetPassword" : {
       "001" : [1, "Could not reset user password, maybe the key is not valid anymore. Please try again."],
       "002" : [2, "An error occured."]
+    },
+    "removeDisabledUser" : {
+      "001" : [1, "This user seems not to be disabled. Please disable first."],
+      "002" : [2, "An error occured."],
+      "003" : [1, "You cannot remove yourself."],
+      "004" : [1, "You cannot remove the admin user."],
+      "005" : [1, "Not all data stated."]
     }
   }
 }

backend/core/Users/Users_Api.php

@@ -8,9 +8,9 @@
 
   /**
    * The Users_Api class handles the user creation and editing specific functions.
-   * @version 0.1.1
+   * @version 0.2
    * @author OLED1 - Oliver Edtmair
-   * @since 0.1.0
+   * @since 0.1
    * @copyright Copyright (c) 2021, Oliver Edtmair (OLED1), Luca Austelat (lucaust)
    */
   class Users_Api{
@@ -203,6 +203,43 @@ public function disableUser(array $data, array $loginData = NULL): array
       }
     }
 
+    /**
+     * Remove a disabled user from database
+     * Function made for: Web(App)client
+     * Available since: 0.2.alpha
+     * @throws Exception $e       Throws an exception on db errors.
+     * @param array $data         { "userID" : "The user's db id" }
+     * @param array $loginData    No logindata needed to use this function.
+     * @return array              {"status": [0|>0], "message": "[Success-/Warning-/Errormessage]", "data": {[The id which was disabled.]} }
+     */
+    public function removeDisabledUser(array $data, array $loginData = NULL): array
+    {
+      if(array_key_exists("userID", $data)){
+        if($loginData["userid"] != $data["userID"] && $data["userID"] > 1){
+          try{
+            $sql = $this->db_api->execute("SELECT count(*) AS count FROM users WHERE id = ? AND enabled = ?", array($data["userID"], 0));
+            $count = $sql->fetchAll(\PDO::FETCH_ASSOC);
+
+            if(array_key_exists("0", $count) && array_key_exists("count", $count[0])){
+              $sql = $this->db_api->execute("DELETE FROM users WHERE id = ? AND enabled = ? AND id > 1", array($data["userID"], 0));
+
+              return array("status" => 0, "message" => "Successfully removed user with id {$data["userID"]}.", "data" => ["id" => $data["userID"]]);
+            }else{
+              return $this->logging_api->getErrormessage("001");
+            }
+          }catch(\Exception $e){
+            return $this->logging_api->getErrormessage("002", $e);
+          }
+
+        }else{
+          if($loginData["userid"] != $data["userID"]) return $this->logging_api->getErrormessage("003");
+          if($$data["userID"] == 1) return $this->logging_api->getErrormessage("004");
+        }
+      }else{
+        return $this->logging_api->getErrormessage("005");
+      }
+    }
+
     /**
      * Enables an existing system user.
      * Function made for: Web(App)client