From e7bb9325c0370a8e84bf04dd71724bf873ca0164 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Victor=20Peter=20Rouven=20M=C3=BCller?= Date: Wed, 19 Jan 2022 15:27:03 +0100 Subject: [PATCH] Remove /user/delete GET endpoint changelog_begin - [HTTP-JSON] Removed the /user/delete GET endpoint. Please use the /user/delete POST endpoint with the own user ID if you need to delete the user associated with the current token changelog_end --- ...ServiceIntegrationTestUserManagement.scala | 38 ------------------- .../com/digitalasset/http/Endpoints.scala | 10 ----- 2 files changed, 48 deletions(-) diff --git a/ledger-service/http-json/src/it/scala/http/HttpServiceIntegrationTestUserManagement.scala b/ledger-service/http-json/src/it/scala/http/HttpServiceIntegrationTestUserManagement.scala index 63473a08458c..73310f7bc6d6 100644 --- a/ledger-service/http-json/src/it/scala/http/HttpServiceIntegrationTestUserManagement.scala +++ b/ledger-service/http-json/src/it/scala/http/HttpServiceIntegrationTestUserManagement.scala @@ -384,44 +384,6 @@ class HttpServiceIntegrationTestUserManagementNoAuth getResult(output3).convertTo[List[UserDetails]] should not contain createUserRequest.userId } } - - "deleting the current user should be possible via the user/delete endpoint" in withHttpServiceAndClient( - participantAdminJwt - ) { (uri, _, _, _, _) => - import spray.json._ - import spray.json.DefaultJsonProtocol._ - val alice = getUniqueParty("Alice") - val createUserRequest = domain.CreateUserRequest( - getUniqueUserName("nice.user"), - Some(alice.unwrap), - List(alice), - List.empty, - isAdmin = true, - ) - for { - (status1, output1) <- postRequest( - uri.withPath(Uri.Path("/v1/user/create")), - createUserRequest.toJson, - headers = authorizationHeader(participantAdminJwt), - ) - _ <- { - status1 shouldBe StatusCodes.OK - getResult(output1).convertTo[Boolean] shouldBe true - } - (status2, _) <- getRequest( - uri.withPath(Uri.Path(s"/v1/user/delete")), - headers = headersWithUserAuth(createUserRequest.userId), - ) - _ = status2 shouldBe StatusCodes.OK - (status3, output3) <- getRequest( - uri.withPath(Uri.Path("/v1/users")), - headers = authorizationHeader(participantAdminJwt), - ) - } yield { - status3 shouldBe StatusCodes.OK - getResult(output3).convertTo[List[UserDetails]] should not contain createUserRequest.userId - } - } } class HttpServiceIntegrationTestUserManagement diff --git a/ledger-service/http-json/src/main/scala/com/digitalasset/http/Endpoints.scala b/ledger-service/http-json/src/main/scala/com/digitalasset/http/Endpoints.scala index 9614d0c780e9..b9bd6c44958c 100644 --- a/ledger-service/http-json/src/main/scala/com/digitalasset/http/Endpoints.scala +++ b/ledger-service/http-json/src/main/scala/com/digitalasset/http/Endpoints.scala @@ -232,7 +232,6 @@ class Endpoints( path("query") & withTimer(queryAllTimer) apply toRoute(retrieveAll(req)), path("user") apply toRoute(getAuthenticatedUser(req)), - path("user" / "delete") apply toRoute(deleteAuthenticatedUser(req)), path("user" / "rights") apply toRoute( listAuthenticatedUserRights(req) ), @@ -496,15 +495,6 @@ class Endpoints( } yield domain.OkResponse(true): domain.SyncResponse[Boolean] }(req) - def deleteAuthenticatedUser(req: HttpRequest)(implicit - lc: LoggingContextOf[InstanceUUID with RequestID] - ): ET[domain.SyncResponse[Boolean]] = - for { - jwt <- eitherT(input(req)).bimap(identity[Error], _._1) - userId <- decodeAndParseUserIdFromToken(jwt, decodeJwt).leftMap(identity[Error]) - _ <- EitherT.rightT(userManagementClient.deleteUser(userId, Some(jwt.value))) - } yield domain.OkResponse(true) - def listUsers(req: HttpRequest)(implicit lc: LoggingContextOf[InstanceUUID with RequestID] ): ET[domain.SyncResponse[List[domain.UserDetails]]] =