feat: update delete user api

server/user.go

@@ -104,8 +104,24 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 		return nil
 	})
 
-	g.PATCH("/user/me", func(c echo.Context) error {
-		userID := c.Get(getUserIDContextKey()).(int)
+	g.PATCH("/user/:id", func(c echo.Context) error {
+		userID, err := strconv.Atoi(c.Param("id"))
+		if err != nil {
+			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("id"))).SetInternal(err)
+		}
+		currentUserID := c.Get(getUserIDContextKey()).(int)
+		currentUser, err := s.Store.FindUser(&api.UserFind{
+			ID: &currentUserID,
+		})
+		if err != nil {
+			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user").SetInternal(err)
+		}
+		if currentUser == nil {
+			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Current session user not found with ID: %d", currentUserID)).SetInternal(err)
+		} else if currentUser.Role != api.Host && currentUserID != userID {
+			return echo.NewHTTPError(http.StatusForbidden, "Access forbidden for current session user").SetInternal(err)
+		}
+
 		userPatch := &api.UserPatch{
 			ID: userID,
 		}
@@ -140,7 +156,7 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 		return nil
 	})
 
-	g.PATCH("/user/:userId", func(c echo.Context) error {
+	g.DELETE("/user/:id", func(c echo.Context) error {
 		currentUserID := c.Get(getUserIDContextKey()).(int)
 		currentUser, err := s.Store.FindUser(&api.UserFind{
 			ID: &currentUserID,
@@ -154,57 +170,9 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 			return echo.NewHTTPError(http.StatusForbidden, "Access forbidden for current session user").SetInternal(err)
 		}
 
-		userID, err := strconv.Atoi(c.Param("userId"))
+		userID, err := strconv.Atoi(c.Param("id"))
 		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("userId"))).SetInternal(err)
-		}
-
-		userPatch := &api.UserPatch{
-			ID: userID,
-		}
-		if err := json.NewDecoder(c.Request().Body).Decode(userPatch); err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Malformatted patch user request").SetInternal(err)
-		}
-
-		if userPatch.Password != nil && *userPatch.Password != "" {
-			passwordHash, err := bcrypt.GenerateFromPassword([]byte(*userPatch.Password), bcrypt.DefaultCost)
-			if err != nil {
-				return echo.NewHTTPError(http.StatusInternalServerError, "Failed to generate password hash").SetInternal(err)
-			}
-
-			passwordHashStr := string(passwordHash)
-			userPatch.PasswordHash = &passwordHashStr
-		}
-
-		user, err := s.Store.PatchUser(userPatch)
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to patch user").SetInternal(err)
-		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(user)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode user response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.DELETE("/user/:userId", func(c echo.Context) error {
-		currentUserID := c.Get(getUserIDContextKey()).(int)
-		currentUser, err := s.Store.FindUser(&api.UserFind{
-			ID: &currentUserID,
-		})
-		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user").SetInternal(err)
-		}
-		if currentUser == nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Current session user not found with ID: %d", currentUserID)).SetInternal(err)
-		} else if currentUser.Role != api.Host {
-			return echo.NewHTTPError(http.StatusForbidden, "Access forbidden for current session user").SetInternal(err)
-		}
-
-		userID, err := strconv.Atoi(c.Param("userId"))
-		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("userId"))).SetInternal(err)
+			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("id"))).SetInternal(err)
 		}
 
 		userDelete := &api.UserDelete{
@@ -216,5 +184,4 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 
 		return c.JSON(http.StatusOK, true)
 	})
-
 }

store/memo.go

@@ -284,7 +284,10 @@ func findMemoRawList(db *sql.DB, find *api.MemoFind) ([]*memoRaw, error) {
 }
 
 func deleteMemo(db *sql.DB, delete *api.MemoDelete) error {
-	result, err := db.Exec(`DELETE FROM memo WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM resource WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/resource.go

@@ -190,7 +190,10 @@ func findResourceList(db *sql.DB, find *api.ResourceFind) ([]*resourceRaw, error
 }
 
 func deleteResource(db *sql.DB, delete *api.ResourceDelete) error {
-	result, err := db.Exec(`DELETE FROM resource WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM resource WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/shortcut.go

@@ -238,7 +238,10 @@ func findShortcutList(db *sql.DB, find *api.ShortcutFind) ([]*shortcutRaw, error
 }
 
 func deleteShortcut(db *sql.DB, delete *api.ShortcutDelete) error {
-	result, err := db.Exec(`DELETE FROM shortcut WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM shortcut WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/user.go

@@ -270,7 +270,10 @@ func findUserList(db *sql.DB, find *api.UserFind) ([]*userRaw, error) {
 }
 
 func deleteUser(db *sql.DB, delete *api.UserDelete) error {
-	result, err := db.Exec(`DELETE FROM user WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM user WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}