Page MenuHomePhabricator
Files F3302678

D13630.diff
No OneTemporary
Actions

D13630.diff
View Options

diff --git a/services/identity/src/constants.rs b/services/identity/src/constants.rs
--- a/services/identity/src/constants.rs
+++ b/services/identity/src/constants.rs
@@ -275,6 +275,7 @@
pub const MISSING_KEY: &str = "missing_key";
pub const MESSAGE_NOT_AUTHENTICATED: &str = "message_not_authenticated";
pub const RETRY_FROM_NATIVE: &str = "retry_from_native";
+ pub const USER_IS_NOT_STAFF: &str = "user_is_not_staff";
}
// Tunnelbroker
diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs
--- a/services/identity/src/grpc_services/authenticated.rs
+++ b/services/identity/src/grpc_services/authenticated.rs
@@ -625,9 +625,26 @@
#[tracing::instrument(skip_all)]
async fn privileged_delete_users(
&self,
- _request: tonic::Request<PrivilegedDeleteUsersRequest>,
+ request: tonic::Request<PrivilegedDeleteUsersRequest>,
) -> Result<tonic::Response<Empty>, tonic::Status> {
- unimplemented!()
+ const STAFF_USER_IDS: [&str; 1] = ["256"];
+
+ let (user_id, _) = get_user_and_device_id(&request)?;
+ if !STAFF_USER_IDS.contains(&user_id.as_str()) {
+ return Err(Status::permission_denied(
+ tonic_status_messages::USER_IS_NOT_STAFF,
+ ));
+ }
+
+ for user_id_to_delete in request.into_inner().user_ids {
+ self
+ .delete_tunnelbroker_and_backup_data(&user_id_to_delete)
+ .await?;
+ self.db_client.delete_user(user_id_to_delete).await?;
+ }
+
+ let response = Empty {};
+ Ok(Response::new(response))
}
#[tracing::instrument(skip_all)]

File Metadata

Mime Type
text/plain
Expires
Tue, Nov 19, 8:00 AM (33 m, 30 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2537413
Default Alt Text
D13630.diff (1 KB)

Event Timeline