mirror of
https://gitlab.ub.uni-bielefeld.de/sfb1288inf/nopaque.git
synced 2024-12-25 10:54:18 +00:00
34 lines
996 B
Python
34 lines
996 B
Python
|
from flask import abort, current_app
|
||
|
from flask_login import current_user, login_required, logout_user
|
||
|
from threading import Thread
|
||
|
from app import db
|
||
|
from app.decorators import content_negotiation
|
||
|
from app.models import User
|
||
|
from . import bp
|
||
|
|
||
|
|
||
|
@bp.route('/<hashid:user_id>', methods=['DELETE'])
|
||
|
@login_required
|
||
|
@content_negotiation(produces='application/json')
|
||
|
def delete_user(user_id):
|
||
|
def _delete_user(app, user_id):
|
||
|
with app.app_context():
|
||
|
user = User.query.get(user_id)
|
||
|
user.delete()
|
||
|
db.session.commit()
|
||
|
|
||
|
user = User.query.get_or_404(user_id)
|
||
|
if not (user == current_user or current_user.is_administrator()):
|
||
|
abort(403)
|
||
|
thread = Thread(
|
||
|
target=_delete_user,
|
||
|
args=(current_app._get_current_object(), user_id)
|
||
|
)
|
||
|
if user == current_user:
|
||
|
logout_user()
|
||
|
thread.start()
|
||
|
response_data = {
|
||
|
'message': f'User "{user.username}" marked for deletion'
|
||
|
}
|
||
|
return response_data, 202
|