Implement DELETE /users/{user_id endpoint for APIv4 - rebase cleanup (#5307)

* added delete user endpoint

* added unit test for delete user endpoint

* added delete user driver

api4/user.go

@@ -21,6 +21,7 @@ func InitUser() {
 
 	BaseRoutes.User.Handle("", ApiSessionRequired(getUser)).Methods("GET")
 	BaseRoutes.User.Handle("", ApiSessionRequired(updateUser)).Methods("PUT")
+	BaseRoutes.User.Handle("", ApiSessionRequired(deleteUser)).Methods("DELETE")
 	BaseRoutes.User.Handle("/roles", ApiSessionRequired(updateUserRoles)).Methods("PUT")
 
 	BaseRoutes.Users.Handle("/login", ApiHandler(login)).Methods("POST")
@@ -192,6 +193,35 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func deleteUser(c *Context, w http.ResponseWriter, r *http.Request){
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	userId := c.Params.UserId
+
+	if !app.SessionHasPermissionToUser(c.Session, userId) {
+		c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+		return
+	}
+	
+	var user *model.User
+	var err *model.AppError
+
+	if user, err = app.GetUser(userId); err != nil {
+		c.Err = err
+		return
+	}
+
+	if _, err := app.UpdateActive(user, false); err != nil {
+		c.Err = err
+		return	
+	}
+
+	ReturnStatusOK(w)
+}
+
 func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireUserId()
 	if c.Err != nil {

api4/user_test.go

@@ -219,6 +219,37 @@ func TestUpdateUser(t *testing.T) {
 	CheckNoError(t, resp)
 }
 
+func TestDeleteUser(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	Client := th.Client
+	
+	user := th.BasicUser
+	th.LoginBasic()
+
+	testUser := th.SystemAdminUser
+	_, resp := Client.DeleteUser(testUser.Id)
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	
+	_, resp = Client.DeleteUser(user.Id)
+	CheckUnauthorizedStatus(t, resp)
+
+	Client.Login(testUser.Email, testUser.Password)
+
+	user.Id = model.NewId()
+	_, resp = Client.DeleteUser(user.Id)
+	CheckNotFoundStatus(t, resp)
+
+	user.Id = "junk"
+	_, resp = Client.DeleteUser(user.Id)
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.DeleteUser(testUser.Id)
+	CheckNoError(t, resp)
+
+}
+
 func TestUpdateUserRoles(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	Client := th.Client

model/client4.go

@@ -285,6 +285,16 @@ func (c *Client4) UpdateUserRoles(userId, roles string) (bool, *Response) {
 	}
 }
 
+// DeleteUser deactivates a user in the system based on the provided user id string.
+func (c *Client4) DeleteUser(userId string) (bool, *Response) {
+	if r, err := c.DoApiDelete(c.GetUserRoute(userId), ""); err != nil {
+		return false, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return CheckStatusOK(r), BuildResponse(r)
+	}
+}
+
 // Team Section
 
 // CreateTeam creates a team in the system based on the provided team struct.