refactor(server/api): resolveByID helper for parseUUID->fetch->404 (T4)

This commit is contained in:
2026-05-07 21:28:20 -04:00
parent 754a7955cc
commit 49218e5231
6 changed files with 168 additions and 102 deletions
+5 -14
View File
@@ -212,20 +212,11 @@ func (h *handlers) handleAdminDeleteUser(w http.ResponseWriter, r *http.Request)
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
targetID, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, apierror.BadRequest("invalid_id", ""))
return
}
q := dbq.New(h.pool)
target, err := q.GetUserByID(r.Context(), targetID)
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, &apierror.Error{Status: http.StatusNotFound, Code: "not_found", Message: ""})
return
}
writeErrWithLog(w, h.logger, "admin delete user: lookup failed", apierror.Internal(err))
target, apiErr := resolveByID(r, "id", q.GetUserByID, "user")
if apiErr != nil {
writeErr(w, apiErr)
return
}
@@ -243,12 +234,12 @@ func (h *handlers) handleAdminDeleteUser(w http.ResponseWriter, r *http.Request)
}
}
if err := q.DeleteUser(r.Context(), targetID); err != nil {
if err := q.DeleteUser(r.Context(), target.ID); err != nil {
writeErrWithLog(w, h.logger, "admin delete user: delete failed", apierror.Internal(err))
return
}
if err := audit.Write(r.Context(), h.pool, caller.ID, targetID, audit.ActionDeleteUser,
if err := audit.Write(r.Context(), h.pool, caller.ID, target.ID, audit.ActionDeleteUser,
map[string]any{"username": target.Username, "was_admin": target.IsAdmin}); err != nil {
h.logger.Warn("admin delete user: audit failed", "err", err)
}