@@ -709,7 +709,7 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection):
"token": token,
}
- @permissions(USER_ADMIN_PERM, allow_anon=False)
+ @permissions(USER_ADMIN_PERM, allow_self_service=True, allow_anon=False)
async def handle_delete_user(self, request):
username = str(request["username"])
@@ -683,10 +683,13 @@ class HashEquivalenceCommonTests(object):
user = self.create_user("test-user", [])
- # No self service
- with self.auth_client(user) as client, self.assertRaises(InvokeError):
+ # self service
+ with self.auth_client(user) as client:
client.delete_user(user["username"])
+ self.assertIsNone(admin_client.get_user(user["username"]))
+ user = self.create_user("test-user", [])
+
with self.auth_perms() as client, self.assertRaises(InvokeError):
client.delete_user(user["username"])
Allows users to self-service deletion of their own user accounts (meaning, they can delete their own accounts without special permissions). Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> --- lib/hashserv/server.py | 2 +- lib/hashserv/tests.py | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-)