Add a user remove admin api endpoint

mitechie · Sep 2, 2012 · 3ac907f · 3ac907f
1 parent 1dc7df7
commit 3ac907f
Show file tree

Hide file tree

Showing 3 changed files with 84 additions and 6 deletions.
diff --git a/bookie/routes.py b/bookie/routes.py
@@ -173,6 +173,10 @@ def build_routes(config):
         "api_admin_new_user",
         "/api/v1/a/users/add",
         request_method="POST")
+    config.add_route(
+        "api_admin_del_user",
+        "/api/v1/a/users/delete/{username}",
+        request_method="DELETE")
 
     # these are single word matching, they must be after /recent /popular etc
     config.add_route("user_home", "{username}")

diff --git a/bookie/views/api.py b/bookie/views/api.py
@@ -989,3 +989,48 @@ def new_user(request):
         return {
             'error': 'Bad Request: User exists.',
          }
+
+@view_config(route_name="api_admin_del_user", renderer="json")
+@api_auth('api_key', UserMgr.get, admin_only=True)
+def del_user(request):
+    """Remove a bad user from the system via the api.
+
+    For admin use only.
+
+    """
+    mdict = request.matchdict
+
+    # Submit a username.
+    del_username = mdict.get('username', None)
+
+    if del_username is None:
+        LOG.error('No username to remove.')
+        request.response.status_int = 400
+        return {
+            'error': 'Bad Request: No username to remove.',
+         }
+
+    u = UserMgr.get(username=del_username)
+
+    if not u:
+        LOG.error('Username not found.')
+        request.response.status_int = 404
+        return {
+            'error': 'User not found.',
+         }
+
+    try:
+        DBSession.delete(u.activation)
+        DBSession.delete(u)
+        return {
+            'success': True,
+            'message': 'Removed user: ' + del_username
+        }
+    except Exception, exc:
+        # There might be cascade issues or something that causes us to fail in
+        # removing.
+        LOG.error(exc)
+        request.response.status_int = 500
+        return {
+            'error': 'Bad Request: ' + str(exc)
+         }
diff --git a/docs/api.rst b/docs/api.rst
@@ -1284,12 +1284,41 @@ Example
         'username': 'test',
     })
     >>>{
-            "username": "admin",
-            "email": "test@dummy.com",
-            "id": 11,
-            "random_pass": "blah123",
-            ...
-        }
+           "username": "admin",
+           "email": "test@dummy.com",
+           "id": 11,
+           "random_pass": "blah123",
+           ...
+       }
+
+/a/users/delete/:username
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+Usage
+'''''
+*DELETE* `/api/v1/a/users/delete/:username`
+
+Admin endpoint to remove a user from the system.
+
+Currently meant for bad new user accounts that removes activation and user
+account. Does not reach into bmarks/tags.
+
+:query param: api_key *required* - the api key for your account to make the call with
+
+Status Codes
+''''''''''''''
+:success 200: If successful a "200 OK" will be returned
+
+Example
+'''''''
+::
+
+    requests.post('http://127.0.0.1:6543/api/v1/a/users/delete/admin?api_key=12345...')
+    >>>{
+           "success": true,
+           "message": "Removed user: admin"
+       }
+
+
 
 
 /admin/log