From 351da5d4e9042a016523427d2d898a788d742752 Mon Sep 17 00:00:00 2001
From: Patrick Jentsch <p.jentsch@uni-bielefeld.de>
Date: Wed, 26 Jul 2023 10:53:34 +0200
Subject: [PATCH] Fix admin delete user in AdminUserList.js

---
 app/static/js/ResourceLists/AdminUserList.js |  3 +-
 app/users/json_routes.py                     | 44 ++++++++++----------
 2 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/app/static/js/ResourceLists/AdminUserList.js b/app/static/js/ResourceLists/AdminUserList.js
index 0307bbdc..0b8f0c16 100644
--- a/app/static/js/ResourceLists/AdminUserList.js
+++ b/app/static/js/ResourceLists/AdminUserList.js
@@ -91,8 +91,7 @@ class AdminUserList extends ResourceList {
     let listAction = listActionElement === null ? 'view' : listActionElement.dataset.listAction;
     switch (listAction) {
       case 'delete': {
-        console.log('delete', itemId);
-        Utils.deleteUserRequest(itemId);
+        Requests.users.entity.delete(itemId);
         if (itemId === currentUserId) {window.location.href = '/';}
         break;
       }
diff --git a/app/users/json_routes.py b/app/users/json_routes.py
index da8ea335..0e51631c 100644
--- a/app/users/json_routes.py
+++ b/app/users/json_routes.py
@@ -7,29 +7,29 @@ from app.models import Avatar, User
 from . import bp
 
 
-# @bp.route('/<hashid:user_id>', methods=['DELETE'])
-# @content_negotiation(produces='application/json')
-# def delete_user(user_id):
-#     def _delete_user(app, user_id):
-#         with app.app_context():
-#             user = User.query.get(user_id)
-#             user.delete()
-#             db.session.commit()
+@bp.route('/<hashid:user_id>', methods=['DELETE'])
+@content_negotiation(produces='application/json')
+def delete_user(user_id):
+    def _delete_user(app, user_id):
+        with app.app_context():
+            user = User.query.get(user_id)
+            user.delete()
+            db.session.commit()
 
-#     user = User.query.get_or_404(user_id)
-#     if not (user == current_user or current_user.is_administrator()):
-#         abort(403)
-#     thread = Thread(
-#         target=_delete_user,
-#         args=(current_app._get_current_object(), user.id)
-#     )
-#     if user == current_user:
-#         logout_user()
-#     thread.start()
-#     response_data = {
-#         'message': f'User "{user.username}" marked for deletion'
-#     }
-#     return response_data, 202
+    user = User.query.get_or_404(user_id)
+    if not (user == current_user or current_user.is_administrator()):
+        abort(403)
+    thread = Thread(
+        target=_delete_user,
+        args=(current_app._get_current_object(), user.id)
+    )
+    if user == current_user:
+        logout_user()
+    thread.start()
+    response_data = {
+        'message': f'User "{user.username}" marked for deletion'
+    }
+    return response_data, 202
 
 
 # @bp.route('/<hashid:user_id>/avatar', methods=['DELETE'])