alma/NeahFront7
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

working leantime delete user 4

Browse Source
This commit is contained in:
Alma 2025-04-12 12:12:04 +02:00
parent 327035c153
commit 51686c1790
1 changed files with 51 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
app/api/users/[userId]/route.ts
View File

@ -5,7 +5,14 @@ import { NextResponse } from "next/server";
// Helper function to get Leantime user ID by email // Helper function to get Leantime user ID by email
async function getLeantimeUserId(email: string): Promise<number | null> { async function getLeantimeUserId(email: string): Promise<number | null> {
try { try {
// Get user directly by email // Validate email format
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(email)) {
console.error('Invalid email format');
return null;
}
// Get user by email using the proper method
const userResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', { const userResponse = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
method: 'POST', method: 'POST',
headers: { headers: {
@ -23,22 +30,29 @@ async function getLeantimeUserId(email: string): Promise<number | null> {
}); });
const userData = await userResponse.json(); const userData = await userResponse.json();
console.log('Leantime get user response:', userData);
// Only log minimal information for debugging
console.log('Leantime user lookup response status:', userResponse.status);
if (!userResponse.ok || !userData.result) { if (!userResponse.ok || !userData.result) {
console.error('Failed to get Leantime user:', userData); console.error('Failed to get Leantime user');
return null;
}
// The result should be the user object or false
if (userData.result === false) {
return null; return null;
} }
return userData.result.id; return userData.result.id;
} catch (error) { } catch (error) {
console.error('Error getting Leantime user:', error); console.error('Error getting Leantime user');
return null; return null;
} }
} }
// Helper function to delete user from Leantime // Helper function to delete user from Leantime
async function deleteLeantimeUser(email: string): Promise<{ success: boolean; error?: string }> { async function deleteLeantimeUser(email: string, requestingUserId: string): Promise<{ success: boolean; error?: string }> {
try { try {
// First get the Leantime user ID // First get the Leantime user ID
const leantimeUserId = await getLeantimeUserId(email); const leantimeUserId = await getLeantimeUserId(email);
@ -49,6 +63,15 @@ async function deleteLeantimeUser(email: string): Promise<{ success: boolean; er
}; };
} }
// Check if the requesting user has permission to delete this user
// This is a placeholder - implement proper permission check based on your requirements
if (!await hasDeletePermission(requestingUserId, leantimeUserId)) {
return {
success: false,
error: 'Unauthorized to delete this user'
};
}
const response = await fetch('https://agilite.slm-lab.net/api/jsonrpc', { const response = await fetch('https://agilite.slm-lab.net/api/jsonrpc', {
method: 'POST', method: 'POST',
headers: { headers: {
@ -66,19 +89,20 @@ async function deleteLeantimeUser(email: string): Promise<{ success: boolean; er
}); });
const data = await response.json(); const data = await response.json();
console.log('Leantime delete response:', data);
// Only log minimal information
console.log('Leantime delete response status:', response.status);
if (!response.ok || !data.result) { if (!response.ok || !data.result) {
console.error('Leantime user deletion failed:', data);
return { return {
success: false, success: false,
error: data.error?.message || 'Failed to delete user in Leantime' error: 'Failed to delete user in Leantime'
}; };
} }
return { success: true }; return { success: true };
} catch (error) { } catch (error) {
console.error('Error deleting Leantime user:', error); console.error('Error deleting Leantime user');
return { return {
success: false, success: false,
error: 'Error deleting user in Leantime' error: 'Error deleting user in Leantime'
@ -86,6 +110,16 @@ async function deleteLeantimeUser(email: string): Promise<{ success: boolean; er
} }
} }
// Placeholder for permission check - implement based on your requirements
async function hasDeletePermission(requestingUserId: string, targetUserId: number): Promise<boolean> {
// Implement proper permission check logic here
// For example:
// 1. Check if requesting user is admin
// 2. Check if requesting user is trying to delete themselves
// 3. Check if requesting user has the right role/permissions
return true;
}
export async function DELETE( export async function DELETE(
req: Request, req: Request,
{ params }: { params: { userId: string } } { params }: { params: { userId: string } }
@ -115,7 +149,7 @@ export async function DELETE(
const tokenData = await tokenResponse.json(); const tokenData = await tokenResponse.json();
if (!tokenResponse.ok || !tokenData.access_token) { if (!tokenResponse.ok || !tokenData.access_token) {
console.error("Failed to get admin token:", tokenData); console.error("Failed to get admin token");
return NextResponse.json({ error: "Erreur d'authentification" }, { status: 401 }); return NextResponse.json({ error: "Erreur d'authentification" }, { status: 401 });
} }
@ -130,7 +164,7 @@ export async function DELETE(
); );
if (!userResponse.ok) { if (!userResponse.ok) {
console.error("Failed to get user details:", await userResponse.text()); console.error("Failed to get user details");
return NextResponse.json( return NextResponse.json(
{ error: "Erreur lors de la récupération des détails de l'utilisateur" }, { error: "Erreur lors de la récupération des détails de l'utilisateur" },
{ status: userResponse.status } { status: userResponse.status }
@ -151,19 +185,18 @@ export async function DELETE(
); );
if (!deleteResponse.ok) { if (!deleteResponse.ok) {
const errorData = await deleteResponse.json(); console.error("Keycloak delete error");
console.error("Keycloak delete error:", errorData);
return NextResponse.json( return NextResponse.json(
{ error: "Erreur lors de la suppression de l'utilisateur", details: errorData }, { error: "Erreur lors de la suppression de l'utilisateur" },
{ status: deleteResponse.status } { status: deleteResponse.status }
); );
} }
// Delete user from Leantime // Delete user from Leantime
const leantimeResult = await deleteLeantimeUser(params.userId); const leantimeResult = await deleteLeantimeUser(userDetails.email, session.user.id);
if (!leantimeResult.success) { if (!leantimeResult.success) {
console.error("Leantime user deletion failed:", leantimeResult.error); console.error("Leantime user deletion failed");
// We don't return an error here since Keycloak user was deleted successfully // We don't return an error here since Keycloak user was deleted successfully
// We just log the error and continue // We just log the error and continue
} }
@ -171,9 +204,9 @@ export async function DELETE(
return NextResponse.json({ success: true }); return NextResponse.json({ success: true });
} catch (error) { } catch (error) {
console.error("Error deleting user:", error); console.error("Error deleting user");
return NextResponse.json( return NextResponse.json(
{ error: "Erreur serveur", details: error }, { error: "Erreur serveur" },
{ status: 500 } { status: 500 }
); );
} }