don't delete yourself
This commit is contained in:
parent
f058f29d9a
commit
fdc85bf529
2 changed files with 9 additions and 0 deletions
|
@ -52,6 +52,10 @@ class Responses:
|
||||||
"description": "Entry does not exist in database",
|
"description": "Entry does not exist in database",
|
||||||
"content": None,
|
"content": None,
|
||||||
}
|
}
|
||||||
|
CANT_TARGET_SELF = {
|
||||||
|
"description": "Operation can't target yourself",
|
||||||
|
"content": None,
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
async def get_current_user(
|
async def get_current_user(
|
||||||
|
|
|
@ -109,6 +109,7 @@ async def add_user(
|
||||||
status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
|
status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
|
||||||
status.HTTP_403_FORBIDDEN: Responses.NEEDS_ADMIN,
|
status.HTTP_403_FORBIDDEN: Responses.NEEDS_ADMIN,
|
||||||
status.HTTP_404_NOT_FOUND: Responses.ENTRY_DOESNT_EXIST,
|
status.HTTP_404_NOT_FOUND: Responses.ENTRY_DOESNT_EXIST,
|
||||||
|
status.HTTP_406_NOT_ACCEPTABLE: Responses.CANT_TARGET_SELF,
|
||||||
},
|
},
|
||||||
response_model=User,
|
response_model=User,
|
||||||
)
|
)
|
||||||
|
@ -120,6 +121,10 @@ async def remove_user(
|
||||||
DELETE ./{user_name}: Remove a user from the database.
|
DELETE ./{user_name}: Remove a user from the database.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
# stop inting
|
||||||
|
if current_user.name == user.name:
|
||||||
|
raise HTTPException(status_code=status.HTTP_406_NOT_ACCEPTABLE)
|
||||||
|
|
||||||
# delete user
|
# delete user
|
||||||
user.delete()
|
user.delete()
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue