FEATURE: Add bulk destroy to admin users list (#29744)

This commit introduces a new feature that allows staff to bulk select and delete users directly from the users list at `/admin/users/list`. The main use-case for this feature is make deleting spammers easier when a site is under a large spam attack. Internal topic: t/140321.
2025-05-30 02:18:09 +08:00 · 2024-11-25 11:13:35 +03:00
parent eaa3f813c1
commit 118f7869bb
22 changed files with 995 additions and 44 deletions
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@ -32,7 +32,7 @@ class Admin::UsersController < Admin::StaffController
  def index
    users = ::AdminUserIndexQuery.new(params).find_users

-    opts = {}
+    opts = { include_can_be_deleted: true }
    if params[:show_emails] == "true"
      StaffActionLogger.new(current_user).log_show_emails(users, context: request.path)
      opts[:emails_desired] = true
@ -402,6 +402,24 @@ class Admin::UsersController < Admin::StaffController
    end
  end

+  def destroy_bulk
+    hijack do
+      User::BulkDestroy.call(service_params) do
+        on_success { render json: { deleted: true } }
+
+        on_failed_contract do |contract|
+          render json: failed_json.merge(errors: contract.errors.full_messages), status: 400
+        end
+
+        on_failed_policy(:can_delete_users) do
+          render json: failed_json.merge(errors: [I18n.t("user.cannot_bulk_delete")]), status: 403
+        end
+
+        on_model_not_found(:users) { render json: failed_json, status: 404 }
+      end
+    end
+  end
+
  def badges
  end