aboutsummaryrefslogtreecommitdiff
path: root/src/main.lisp
diff options
context:
space:
mode:
Diffstat (limited to 'src/main.lisp')
-rw-r--r--src/main.lisp14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/main.lisp b/src/main.lisp
index 11be7fd..2b64a57 100644
--- a/src/main.lisp
+++ b/src/main.lisp
@@ -442,6 +442,20 @@
(t
(http-err 401))))
+(defun can-revoke-contributor (requesting-contributor target-contributor)
+ "A contributor can revoke their own access, or an admin can revoke anybody's."
+ (or (eq requesting-contributor target-contributor)
+ (adminp requesting-contributor)))
+
+(defendpoint* :post "/revoke/:contributor a-user-handle:" ()
+ (:auth t)
+ "A contributor can revoke their own access (if for some reason their
+ API key ends up out of their control), or an admin can revoke
+ anybody's access token, forcing the to re-authenticate."
+ (if (can-revoke-contributor (request-contributor) contributor)
+ (revoke-access contributor)
+ (http-err 403)))
+
(defun authorized-to-invite ()
"To make a new invite, a contributor must be authorized and must not
have exceeded the invite limit."