[fix] Delete user should remove project relationships

Leantime · Apr 28, 2024 · cb95173 · cb95173
1 parent 11f02af
commit cb95173
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 6 deletions.
diff --git a/app/Domain/Users/Controllers/DelUser.php b/app/Domain/Users/Controllers/DelUser.php
@@ -4,25 +4,25 @@
 
     use Leantime\Core\Controller;
     use Leantime\Domain\Auth\Models\Roles;
-    use Leantime\Domain\Users\Repositories\Users as UserRepository;
     use Leantime\Domain\Auth\Services\Auth;
     use Leantime\Core\Frontcontroller;
+    use Leantime\Domain\Users\Services\Users;
 
     /**
      *
      */
     class DelUser extends Controller
     {
-        private UserRepository $userRepo;
+        private Users $userService;
 
         /**
          * init - initialize private variables
          *
          * @access public
          */
-        public function init(UserRepository $userRepo)
+        public function init(Users $userService)
         {
-            $this->userRepo = $userRepo;
+            $this->userService = $userService;
         }
 
         /**
@@ -39,12 +39,12 @@ public function run()
             if (isset($_GET['id']) === true) {
                 $id = (int)($_GET['id']);
 
-                $user = $this->userRepo->getUser($id);
+                $user = $this->userService->getUser($id);
 
                 //Delete User
                 if (isset($_POST['del']) === true) {
                     if (isset($_POST[$_SESSION['formTokenName']]) && $_POST[$_SESSION['formTokenName']] == $_SESSION['formTokenValue']) {
-                        $this->userRepo->deleteUser($id);
+                        $this->userService->deleteUser($id);
 
                         $this->tpl->setNotification($this->language->__("notifications.user_deleted"), "success", "user_deleted");
 

diff --git a/app/Domain/Users/Services/Users.php b/app/Domain/Users/Services/Users.php
@@ -6,6 +6,8 @@
     use Leantime\Core\Eventhelpers;
     use Leantime\Core\Language as LanguageCore;
     use Leantime\Core\Mailer as MailerCore;
+    use Leantime\Domain\Auth\Models\Roles;
+    use Leantime\Domain\Auth\Services\Auth;
     use Leantime\Domain\Users\Repositories\Users as UserRepository;
     use Leantime\Domain\Projects\Repositories\Projects as ProjectRepository;
     use Leantime\Domain\Clients\Repositories\Clients as ClientRepository;
@@ -369,5 +371,25 @@ public function editOwn($values, $id): void
 
             self::dispatch_event("editUser", ["id" => $id, "values" => $values]);
         }
+
+        /**
+         * Delete the user with the specified id.
+         *
+         * @param int $id The id of the user to delete.
+         * @return bool True if the user was deleted successfully, false otherwise.
+         * @throws \Exception If the user is not authorized to delete the user.
+         */
+        public function deleteUser(int $id): bool
+        {
+
+            if(Auth::userIsAtLeast(Roles::$admin, true)) {
+                $this->userRepo->deleteUser($id);
+                $this->projectRepository->deleteAllProjectRelations($id);
+                return true;
+            }
+
+            throw new \Exception("Not authorized");
+
+        }
     }
 }