TeamPiped-mirror/Piped-Backend
1
0
Fork 0
mirror of https://github.com/TeamPiped/Piped-Backend.git synced 2024-08-14 23:51:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

Delete all user content from db

Browse source
This commit is contained in:
theanonymousexyz 2022-04-21 23:10:43 +02:00
parent 369a8907af
commit c56cb6eec5
No known key found for this signature in database
GPG key ID: 35EE09F5481049BB
2 changed files with 13 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

23
src/main/java/me/kavin/piped/utils/ResponseHelper.java
View file

@ -47,7 +47,6 @@ import org.springframework.security.crypto.argon2.Argon2PasswordEncoder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaDelete;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.JoinType;
import javax.persistence.criteria.Root;
@ -633,7 +632,7 @@ public class ResponseHelper {
try (Session s = DatabaseSessionFactory.createSession()) {
User user = DatabaseHelper.getUserFromSession(session);
if (user != null) {
String hash = user.getPassword();
boolean passMatch =
@ -641,24 +640,26 @@ public class ResponseHelper {
if (!passMatch)
return Constants.mapper.writeValueAsBytes(new IncorrectCredentialsResponse());
CriteriaBuilder cb = s.getCriteriaBuilder();
CriteriaDelete<User> cd = cb.createCriteriaDelete(User.class);
Root<User> root = cd.from(User.class);
cd.where(cb.equal(root.get("session_id"), session));
try {
s.getTransaction().begin();
s.createQuery(cd).executeUpdate();
s.createNativeQuery("delete from users_subscribed where subscriber = :id")
.setParameter("id", user.getId()).executeUpdate();
s.createNativeQuery("delete from playlists where owner = :ownerId")
.setParameter("ownerId", user.getId()).executeUpdate();
s.createNativeQuery("delete from users where id = :id")
.setParameter("id", user.getId()).executeUpdate();
s.getTransaction().commit();
return Constants.mapper.writeValueAsBytes(new DeleteUserResponse(user.getUsername()));
} catch (Exception e) {
return Constants.mapper.writeValueAsBytes(new ErrorResponse(ExceptionUtils.getStackTrace(e), e.getMessage()));
}
return Constants.mapper.writeValueAsBytes(new DeleteUserResponse(user.getUsername()));
}
}
return Constants.mapper.writeValueAsBytes(new AuthenticationFailureResponse());
}

4
testing/api-test.sh
View file

@ -108,7 +108,5 @@ curl ${CURLOPTS[@]} $HOST/user/playlists/remove -X POST -H "Content-Type: applic
# Delete Playlist Test
curl ${CURLOPTS[@]} $HOST/user/playlists/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $(jq -n --compact-output --arg playlistId $PLAYLIST_ID '{"playlistId": $playlistId}') || exit 1
DELETE_REQ=$(jq -n --compact-output --arg password "$PASS" '{"password": $password}')
# Delete User Test
curl ${CURLOPTS[@]} $HOST/user/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $DELETE_REQ || exit 1
curl ${CURLOPTS[@]} $HOST/user/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $(jq -n --compact-output --arg password "$PASS" '{"password": $password}') || exit 1