[NEW] API `users.deactivateIdle` for mass-disabling of idle users (#16849)

5 years ago · 4ec72d5af8
parent 891e164861
commit 4ec72d5af8
2 changed files with 43 additions and 0 deletions
--- a/app/api/server/v1/users.js
+++ b/app/api/server/v1/users.js
@ -132,6 +132,30 @@ API.v1.addRoute('users.setActiveStatus', { authRequired: true }, {
 	},
 });

+API.v1.addRoute('users.deactivateIdle', { authRequired: true }, {
+	post() {
+		check(this.bodyParams, {
+			daysIdle: Match.Integer,
+			role: Match.Optional(String),
+		});
+
+		if (!hasPermission(this.userId, 'edit-other-user-active-status')) {
+			return API.v1.unauthorized();
+		}
+
+		const { daysIdle, role = 'user' } = this.bodyParams;
+
+		const lastLoggedIn = new Date();
+		lastLoggedIn.setDate(lastLoggedIn.getDate() - daysIdle);
+
+		const count = Users.setActiveNotLoggedInAfterWithRole(lastLoggedIn, role, false);
+
+		return API.v1.success({
+			count,
+		});
+	},
+});
+
 API.v1.addRoute('users.getPresence', { authRequired: true }, {
 	get() {
 		if (this.isUserFromParams()) {
--- a/app/models/server/models/Users.js
+++ b/app/models/server/models/Users.js
@ -973,6 +973,25 @@ export class Users extends Base {
 		return this.update({}, update, { multi: true });
 	}

+	setActiveNotLoggedInAfterWithRole(latestLastLoginDate, role = 'user', active = false) {
+		const neverActive = { lastLogin: { $exists: 0 }, createdAt: { $lte: latestLastLoginDate } };
+		const idleTooLong = { lastLogin: { $lte: latestLastLoginDate } };
+
+		const query = {
+			$or: [neverActive, idleTooLong],
+			active: true,
+			roles: role,
+		};
+
+		const update = {
+			$set: {
+				active,
+			},
+		};
+
+		return this.update(query, update, { multi: true });
+	}
+
 	unsetLoginTokens(_id) {
 		const update = {
 			$set: {