feat: update delete user api

server/user.go

@@ -104,43 +104,11 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 		return nil
 	})
 
-	g.PATCH("/user/me", func(c echo.Context) error {
-		userID := c.Get(getUserIDContextKey()).(int)
-		userPatch := &api.UserPatch{
-			ID: userID,
-		}
-		if err := json.NewDecoder(c.Request().Body).Decode(userPatch); err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, "Malformatted patch user request").SetInternal(err)
-		}
-
-		if userPatch.Password != nil && *userPatch.Password != "" {
-			passwordHash, err := bcrypt.GenerateFromPassword([]byte(*userPatch.Password), bcrypt.DefaultCost)
-			if err != nil {
-				return echo.NewHTTPError(http.StatusInternalServerError, "Failed to generate password hash").SetInternal(err)
-			}
-
-			passwordHashStr := string(passwordHash)
-			userPatch.PasswordHash = &passwordHashStr
-		}
-
-		if userPatch.ResetOpenID != nil && *userPatch.ResetOpenID {
-			openID := common.GenUUID()
-			userPatch.OpenID = &openID
-		}
-
-		user, err := s.Store.PatchUser(userPatch)
+	g.PATCH("/user/:id", func(c echo.Context) error {
+		userID, err := strconv.Atoi(c.Param("id"))
 		if err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to patch user").SetInternal(err)
+			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("id"))).SetInternal(err)
 		}
-
-		c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8)
-		if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(user)); err != nil {
-			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode user response").SetInternal(err)
-		}
-		return nil
-	})
-
-	g.PATCH("/user/:userId", func(c echo.Context) error {
 		currentUserID := c.Get(getUserIDContextKey()).(int)
 		currentUser, err := s.Store.FindUser(&api.UserFind{
 			ID: &currentUserID,
@@ -150,15 +118,10 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 		}
 		if currentUser == nil {
 			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Current session user not found with ID: %d", currentUserID)).SetInternal(err)
-		} else if currentUser.Role != api.Host {
+		} else if currentUser.Role != api.Host && currentUserID != userID {
 			return echo.NewHTTPError(http.StatusForbidden, "Access forbidden for current session user").SetInternal(err)
 		}
 
-		userID, err := strconv.Atoi(c.Param("userId"))
-		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("userId"))).SetInternal(err)
-		}
-
 		userPatch := &api.UserPatch{
 			ID: userID,
 		}
@@ -176,6 +139,11 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 			userPatch.PasswordHash = &passwordHashStr
 		}
 
+		if userPatch.ResetOpenID != nil && *userPatch.ResetOpenID {
+			openID := common.GenUUID()
+			userPatch.OpenID = &openID
+		}
+
 		user, err := s.Store.PatchUser(userPatch)
 		if err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to patch user").SetInternal(err)
@@ -188,7 +156,7 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 		return nil
 	})
 
-	g.DELETE("/user/:userId", func(c echo.Context) error {
+	g.DELETE("/user/:id", func(c echo.Context) error {
 		currentUserID := c.Get(getUserIDContextKey()).(int)
 		currentUser, err := s.Store.FindUser(&api.UserFind{
 			ID: &currentUserID,
@@ -202,9 +170,9 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 			return echo.NewHTTPError(http.StatusForbidden, "Access forbidden for current session user").SetInternal(err)
 		}
 
-		userID, err := strconv.Atoi(c.Param("userId"))
+		userID, err := strconv.Atoi(c.Param("id"))
 		if err != nil {
-			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("userId"))).SetInternal(err)
+			return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("id"))).SetInternal(err)
 		}
 
 		userDelete := &api.UserDelete{
@@ -216,5 +184,4 @@ func (s *Server) registerUserRoutes(g *echo.Group) {
 
 		return c.JSON(http.StatusOK, true)
 	})
-
 }

store/memo.go

@@ -284,7 +284,10 @@ func findMemoRawList(db *sql.DB, find *api.MemoFind) ([]*memoRaw, error) {
 }
 
 func deleteMemo(db *sql.DB, delete *api.MemoDelete) error {
-	result, err := db.Exec(`DELETE FROM memo WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM resource WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/resource.go

@@ -190,7 +190,10 @@ func findResourceList(db *sql.DB, find *api.ResourceFind) ([]*resourceRaw, error
 }
 
 func deleteResource(db *sql.DB, delete *api.ResourceDelete) error {
-	result, err := db.Exec(`DELETE FROM resource WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM resource WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/shortcut.go

@@ -238,7 +238,10 @@ func findShortcutList(db *sql.DB, find *api.ShortcutFind) ([]*shortcutRaw, error
 }
 
 func deleteShortcut(db *sql.DB, delete *api.ShortcutDelete) error {
-	result, err := db.Exec(`DELETE FROM shortcut WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM shortcut WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}

store/user.go

@@ -270,7 +270,10 @@ func findUserList(db *sql.DB, find *api.UserFind) ([]*userRaw, error) {
 }
 
 func deleteUser(db *sql.DB, delete *api.UserDelete) error {
-	result, err := db.Exec(`DELETE FROM user WHERE id = ?`, delete.ID)
+	result, err := db.Exec(`
+		PRAGMA foreign_keys = ON;
+		DELETE FROM user WHERE id = ?
+	`, delete.ID)
 	if err != nil {
 		return FormatError(err)
 	}