Prevent any API requests on accounts that are in deleting

sapcc · Nov 7, 2024 · 3573584 · 3573584
1 parent a6265b1
commit 3573584
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/internal/api/keppel/accounts.go b/internal/api/keppel/accounts.go
@@ -112,7 +112,12 @@ func (a *API) handlePutAccount(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, `malformed attribute "account.name" in request body is not allowed here`, http.StatusUnprocessableEntity)
 		return
 	}
-	// ... transfer it here into the struct, to make the below code simpler
+	// ... or state ...
+	if req.Account.State != "" {
+		http.Error(w, `malformed attribute "account.state" in request body is not allowed here`, http.StatusUnprocessableEntity)
+		return
+	}
+	// ... and transfer the name here into the struct, to make the below code simpler
 	req.Account.Name = models.AccountName(mux.Vars(r)["account"])
 
 	// check permission to create account

diff --git a/internal/api/keppel/api.go b/internal/api/keppel/api.go
@@ -184,6 +184,10 @@ func (a *API) findAccountFromRequest(w http.ResponseWriter, r *http.Request, _ *
 		http.Error(w, "account not found", http.StatusNotFound)
 		return nil
 	}
+	if account.IsDeleting && r.Method == http.MethodGet {
+		http.Error(w, "account is being deleted", http.StatusConflict)
+		return nil
+	}
 	return account
 }