From f43a233795e2eebab904bdb048a621afce03d754 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhaferkamp@owncloud.com>
Date: Wed, 7 Sep 2022 18:13:41 +0200
Subject: [PATCH] Fix home space deletion when deleting user by name

DELETE requess on /graph/v1.0/users also work when specifing a user by
name. For deleting the home space in that case we need to get the User's
id from the backend first.

Fixes: #4195
---
 services/graph/pkg/service/v0/users.go | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/services/graph/pkg/service/v0/users.go b/services/graph/pkg/service/v0/users.go
index 5ccb76b8c..45ca10dfa 100644
--- a/services/graph/pkg/service/v0/users.go
+++ b/services/graph/pkg/service/v0/users.go
@@ -263,11 +263,21 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "missing user id")
 		return
 	}
+	user, err := g.identityBackend.GetUser(r.Context(), userID, r.URL.Query())
+	if err != nil {
+		var errcode errorcode.Error
+		if errors.As(err, &errcode) {
+			errcode.Render(w, r)
+		} else {
+			errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
+		}
+		return
+	}
 
 	currentUser := ctxpkg.ContextMustGetUser(r.Context())
 
 	opaque := utils.AppendPlainToOpaque(nil, "unrestricted", "T")
-	f := listStorageSpacesUserFilter(userID)
+	f := listStorageSpacesUserFilter(user.GetId())
 	lspr, err := g.gatewayClient.ListStorageSpaces(r.Context(), &storageprovider.ListStorageSpacesRequest{
 		Opaque:  opaque,
 		Filters: []*storageprovider.ListStorageSpacesRequest_Filter{f},
@@ -277,7 +287,7 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	for _, sp := range lspr.GetStorageSpaces() {
-		if !(sp.SpaceType == "personal" && sp.Owner.Id.OpaqueId == userID) {
+		if !(sp.SpaceType == "personal" && sp.Owner.Id.OpaqueId == user.GetId()) {
 			continue
 		}
 		// TODO: check if request contains a homespace and if, check if requesting user has the privilege to
@@ -311,7 +321,7 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		break
 	}
 
-	err = g.identityBackend.DeleteUser(r.Context(), userID)
+	err = g.identityBackend.DeleteUser(r.Context(), user.GetId())
 
 	if err != nil {
 		var errcode errorcode.Error
@@ -323,7 +333,7 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	g.publishEvent(events.UserDeleted{Executant: currentUser.Id, UserID: userID})
+	g.publishEvent(events.UserDeleted{Executant: currentUser.Id, UserID: user.GetId()})
 
 	render.Status(r, http.StatusNoContent)
 	render.NoContent(w, r)