Permalink
Browse files

Add a user remove admin api endpoint

  • Loading branch information...
1 parent 1dc7df7 commit 3ac907f7fa85412562452eb575c7fcdd6d53dad0 @mitechie committed Sep 2, 2012
Showing with 84 additions and 6 deletions.
  1. +4 −0 bookie/routes.py
  2. +45 −0 bookie/views/api.py
  3. +35 −6 docs/api.rst
View
@@ -173,6 +173,10 @@ def build_routes(config):
"api_admin_new_user",
"/api/v1/a/users/add",
request_method="POST")
+ config.add_route(
+ "api_admin_del_user",
+ "/api/v1/a/users/delete/{username}",
+ request_method="DELETE")
# these are single word matching, they must be after /recent /popular etc
config.add_route("user_home", "{username}")
View
@@ -989,3 +989,48 @@ def new_user(request):
return {
'error': 'Bad Request: User exists.',
}
+
+@view_config(route_name="api_admin_del_user", renderer="json")
+@api_auth('api_key', UserMgr.get, admin_only=True)
+def del_user(request):
+ """Remove a bad user from the system via the api.
+
+ For admin use only.
+
+ """
+ mdict = request.matchdict
+
+ # Submit a username.
+ del_username = mdict.get('username', None)
+
+ if del_username is None:
+ LOG.error('No username to remove.')
+ request.response.status_int = 400
+ return {
+ 'error': 'Bad Request: No username to remove.',
+ }
+
+ u = UserMgr.get(username=del_username)
+
+ if not u:
+ LOG.error('Username not found.')
+ request.response.status_int = 404
+ return {
+ 'error': 'User not found.',
+ }
+
+ try:
+ DBSession.delete(u.activation)
+ DBSession.delete(u)
+ return {
+ 'success': True,
+ 'message': 'Removed user: ' + del_username
+ }
+ except Exception, exc:
+ # There might be cascade issues or something that causes us to fail in
+ # removing.
+ LOG.error(exc)
+ request.response.status_int = 500
+ return {
+ 'error': 'Bad Request: ' + str(exc)
+ }
View
@@ -1284,12 +1284,41 @@ Example
'username': 'test',
})
>>>{
- "username": "admin",
- "email": "test@dummy.com",
- "id": 11,
- "random_pass": "blah123",
- ...
- }
+ "username": "admin",
+ "email": "test@dummy.com",
+ "id": 11,
+ "random_pass": "blah123",
+ ...
+ }
+
+/a/users/delete/:username
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+Usage
+'''''
+*DELETE* `/api/v1/a/users/delete/:username`
+
+Admin endpoint to remove a user from the system.
+
+Currently meant for bad new user accounts that removes activation and user
+account. Does not reach into bmarks/tags.
+
+:query param: api_key *required* - the api key for your account to make the call with
+
+Status Codes
+''''''''''''''
+:success 200: If successful a "200 OK" will be returned
+
+Example
+'''''''
+::
+
+ requests.post('http://127.0.0.1:6543/api/v1/a/users/delete/admin?api_key=12345...')
+ >>>{
+ "success": true,
+ "message": "Removed user: admin"
+ }
+
+
/admin/log

0 comments on commit 3ac907f

Please sign in to comment.