diff --git a/pkg/api/admin_users.go b/pkg/api/admin_users.go
index dc056dbe276..9fedbc4ddf5 100644
--- a/pkg/api/admin_users.go
+++ b/pkg/api/admin_users.go
@@ -112,43 +112,44 @@ func AdminDeleteUser(c *models.ReqContext) {
 }
 
 // POST /api/admin/users/:id/disable
-func AdminDisableUser(c *models.ReqContext) {
+func (server *HTTPServer) AdminDisableUser(c *models.ReqContext) Response {
 userID := c.ParamsInt64(":id")
 
 // External users shouldn't be disabled from API
 authInfoQuery := &models.GetAuthInfoQuery{UserId: userID}
 if err := bus.Dispatch(authInfoQuery); err != models.ErrUserNotFound {
- c.JsonApiErr(500, "Could not disable external user", nil)
- return
+ return Error(500, "Could not disable external user", nil)
 }
 
 disableCmd := models.DisableUserCommand{UserId: userID, IsDisabled: true}
 if err := bus.Dispatch(&disableCmd); err != nil {
- c.JsonApiErr(500, "Failed to disable user", err)
- return
+ return Error(500, "Failed to disable user", err)
 }
 
- c.JsonOK("User disabled")
+ err := server.AuthTokenService.RevokeAllUserTokens(c.Req.Context(), userID)
+ if err != nil {
+ return Error(500, "Failed to disable user", err)
+ }
+
+ return Success("User disabled")
 }
 
 // POST /api/admin/users/:id/enable
-func AdminEnableUser(c *models.ReqContext) {
+func AdminEnableUser(c *models.ReqContext) Response {
 userID := c.ParamsInt64(":id")
 
 // External users shouldn't be disabled from API
 authInfoQuery := &models.GetAuthInfoQuery{UserId: userID}
 if err := bus.Dispatch(authInfoQuery); err != models.ErrUserNotFound {
- c.JsonApiErr(500, "Could not enable external user", nil)
- return
+ return Error(500, "Could not enable external user", nil)
 }
 
 disableCmd := models.DisableUserCommand{UserId: userID, IsDisabled: false}
 if err := bus.Dispatch(&disableCmd); err != nil {
- c.JsonApiErr(500, "Failed to enable user", err)
- return
+ return Error(500, "Failed to enable user", err)
 }
 
- c.JsonOK("User enabled")
+ return Success("User enabled")
 }
 
 // POST /api/admin/users/:id/logout
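Review bot: When `RevokeAllUserTokens` fails in `AdminDisableUser`, the account has already been marked disabled, yet the handler returns the same `"Failed to disable user"` 500 as the disable command itself, so an admin cannot tell that the user is disabled but may still hold valid sessions. A distinct message on that branch, e.g. `return Error(500, "User disabled, but failed to revoke auth tokens", err)`, makes the partial state visible and tells the operator to retry the revocation. Whether a disabled user's existing token is rejected on its next use is decided outside this hunk, so until that is confirmed this branch should be treated as leaving live sessions. The external-user guard in both handlers passes `nil` to `Error` for every outcome other than `ErrUserNotFound`, which reports a failed lookup as an external user and discards the underlying error. The receiver is named `server` here while `registerRoutes` in api.go uses `hs`; using `hs` keeps the type's methods consistent.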
diff --git a/pkg/api/admin_users_test.go b/pkg/api/admin_users_test.go index 1ec3000dc8b..4d858183545 100644 --- a/pkg/api/admin_users_test.go +++ b/pkg/api/admin_users_test.go @@ -222,16 +222,23 @@ func adminDisableUserScenario(desc string, action string, url string, routePatte Convey(desc+" "+url, func() { defer bus.ClearBusHandlers() + fakeAuthTokenService := auth.NewFakeUserAuthTokenService() + + hs := HTTPServer{ + Bus: bus.GetBus(), + AuthTokenService: fakeAuthTokenService, + } + sc := setupScenarioContext(url) - sc.defaultHandler = Wrap(func(c *m.ReqContext) { + sc.defaultHandler = Wrap(func(c *m.ReqContext) Response { sc.context = c sc.context.UserId = TestUserID if action == "enable" { - AdminEnableUser(c) - } else { - AdminDisableUser(c) + return AdminEnableUser(c) } + + return hs.AdminDisableUser(c) }) sc.m.Post(routePattern, sc.defaultHandler) diff --git a/pkg/api/api.go b/pkg/api/api.go index 70f6263686a..9f80f1cb4fb 100644 --- a/pkg/api/api.go +++ b/pkg/api/api.go @@ -381,8 +381,8 @@ func (hs *HTTPServer) registerRoutes() { adminRoute.Put("/users/:id/password", bind(dtos.AdminUpdateUserPasswordForm{}), AdminUpdateUserPassword) adminRoute.Put("/users/:id/permissions", bind(dtos.AdminUpdateUserPermissionsForm{}), AdminUpdateUserPermissions) adminRoute.Delete("/users/:id", AdminDeleteUser) - adminRoute.Post("/users/:id/disable", AdminDisableUser) - adminRoute.Post("/users/:id/enable", AdminEnableUser) + adminRoute.Post("/users/:id/disable", Wrap(hs.AdminDisableUser)) + adminRoute.Post("/users/:id/enable", Wrap(AdminEnableUser)) adminRoute.Get("/users/:id/quotas", Wrap(GetUserQuotas)) adminRoute.Put("/users/:id/quotas/:target", bind(m.UpdateUserQuotaCmd{}), Wrap(UpdateUserQuota)) adminRoute.Get("/stats", AdminGetStats)
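Review bot: `fakeAuthTokenService` is created inside the scenario closure and is not reachable from the assertions, so nothing visible in this hunk checks that disabling a user actually revokes that user's tokens, or what the handler returns when revocation fails. Token revocation is the security-relevant behaviour this change adds, so the scenario should hand the fake to the test body, for instance by storing it on the scenario context. A disable case can then assert that revocation ran for the requested user ID, and an enable case can assert that it did not. `adminDisableUserScenario` begins and ends outside the hunk, so existing assertions there may already cover part of this.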