diff --git a/src/main/java/me/kavin/piped/utils/ResponseHelper.java b/src/main/java/me/kavin/piped/utils/ResponseHelper.java index 4c5898e..d667d2d 100644 --- a/src/main/java/me/kavin/piped/utils/ResponseHelper.java +++ b/src/main/java/me/kavin/piped/utils/ResponseHelper.java @@ -47,7 +47,6 @@ import org.springframework.security.crypto.argon2.Argon2PasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import javax.persistence.criteria.CriteriaBuilder; -import javax.persistence.criteria.CriteriaDelete; import javax.persistence.criteria.CriteriaQuery; import javax.persistence.criteria.JoinType; import javax.persistence.criteria.Root; @@ -633,7 +632,7 @@ public class ResponseHelper { try (Session s = DatabaseSessionFactory.createSession()) { User user = DatabaseHelper.getUserFromSession(session); - + if (user != null) { String hash = user.getPassword(); boolean passMatch = 
@@ -641,24 +640,26 @@ public class ResponseHelper { if (!passMatch) return Constants.mapper.writeValueAsBytes(new IncorrectCredentialsResponse()); - - CriteriaBuilder cb = s.getCriteriaBuilder(); - CriteriaDelete cd = cb.createCriteriaDelete(User.class); - Root root = cd.from(User.class); - cd.where(cb.equal(root.get("session_id"), session)); try { s.getTransaction().begin(); - s.createQuery(cd).executeUpdate(); + + s.createNativeQuery("delete from users_subscribed where subscriber = :id") + .setParameter("id", user.getId()).executeUpdate(); + s.createNativeQuery("delete from playlists where owner = :ownerId") + .setParameter("ownerId", user.getId()).executeUpdate(); + s.createNativeQuery("delete from users where id = :id") + .setParameter("id", user.getId()).executeUpdate(); + s.getTransaction().commit(); + + return Constants.mapper.writeValueAsBytes(new DeleteUserResponse(user.getUsername())); } catch (Exception e) { return Constants.mapper.writeValueAsBytes(new ErrorResponse(ExceptionUtils.getStackTrace(e), e.getMessage())); } - - return Constants.mapper.writeValueAsBytes(new DeleteUserResponse(user.getUsername())); } } - + return Constants.mapper.writeValueAsBytes(new AuthenticationFailureResponse()); } diff --git a/testing/api-test.sh b/testing/api-test.sh index 127cecd..27a17d7 100755 --- a/testing/api-test.sh +++ b/testing/api-test.sh 
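Review bot: The `catch (Exception e)` branch returns without rolling back, so a failure in the second or third native delete leaves the transaction open and its outcome is left to whatever happens when the session is closed; make the first statement of the catch `if (s.getTransaction().isActive()) s.getTransaction().rollback();`. The same branch returns `ExceptionUtils.getStackTrace(e)` to the caller, and now that the try holds hand-written SQL, a constraint or syntax error would put table and column names in the HTTP response; log the trace server-side and return a generic message instead. Whether rows in other tables still reference the deleted `playlists` or `users` rows cannot be seen from this hunk, so check that against the schema. The enclosing method begins above this hunk.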
@@ -108,7 +108,5 @@ curl ${CURLOPTS[@]} $HOST/user/playlists/remove -X POST -H "Content-Type: applic # Delete Playlist Test curl ${CURLOPTS[@]} $HOST/user/playlists/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $(jq -n --compact-output --arg playlistId $PLAYLIST_ID '{"playlistId": $playlistId}') || exit 1 -DELETE_REQ=$(jq -n --compact-output --arg password "$PASS" '{"password": $password}') - # Delete User Test -curl ${CURLOPTS[@]} $HOST/user/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $DELETE_REQ || exit 1 +curl ${CURLOPTS[@]} $HOST/user/delete -X POST -H "Content-Type: application/json" -H "Authorization: $AUTH_TOKEN" -d $(jq -n --compact-output --arg password "$PASS" '{"password": $password}') || exit 1
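Review bot: The command substitution passed to `-d` on the new Delete User line is unquoted, so the JSON that jq emits is subject to word splitting and globbing; a `$PASS` containing a space or `*` would reach curl as several arguments and the test would send a truncated body. Quote it as `-d "$(jq -n --compact-output --arg password "$PASS" '{"password": $password}')"`. The Delete Playlist line above it has the same pattern, and `${CURLOPTS[@]}` should likewise be written `"${CURLOPTS[@]}"`.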