Remove invite_admin route.

app/controllers/admin/users_controller.rb

@@ -458,41 +458,6 @@ class Admin::UsersController < Admin::AdminController
     render json: { total: AdminUserIndexQuery.new(params).count_users }
   end
 
-  def invite_admin
-    raise Discourse::InvalidAccess.new unless is_api?
-
-    email = params[:email]
-    unless user = User.find_by_email(email)
-      name = params[:name] if params[:name].present?
-      username = params[:username] if params[:username].present?
-
-      user = User.new(email: email)
-      user.password = SecureRandom.hex
-      user.username = UserNameSuggester.suggest(username || name || email)
-      user.name = User.suggest_name(name || username || email)
-    end
-
-    user.active = true
-    user.save!
-    user.grant_admin!
-    user.change_trust_level!(4)
-    user.email_tokens.update_all confirmed: true
-
-    email_token = user.email_tokens.create(email: user.email)
-
-    unless params[:send_email] == '0' || params[:send_email] == 'false'
-      Jobs.enqueue(:critical_user_email,
-                    type: :account_created,
-                    user_id: user.id,
-                    email_token: email_token.token)
-    end
-
-    render json: success_json.merge!(
-      password_url: "#{Discourse.base_url}#{password_reset_token_path(token: email_token.token)}"
-    )
-
-  end
-
   def anonymize
     guardian.ensure_can_anonymize_user!(@user)
     if user = UserAnonymizer.new(@user, current_user).make_anonymous

config/routes.rb

@@ -140,7 +140,6 @@ Discourse::Application.routes.draw do
     get 'users/:id/:username/tl3_requirements' => 'users#show'
 
     post "users/sync_sso" => "users#sync_sso", constraints: AdminConstraint.new
-    post "users/invite_admin" => "users#invite_admin", constraints: AdminConstraint.new
 
     resources :impersonate, constraints: AdminConstraint.new
 

spec/requests/admin/users_controller_spec.rb

@@ -757,50 +757,6 @@ RSpec.describe Admin::UsersController do
     end
   end
 
-  describe '#invite_admin' do
-    let(:api_key) { Fabricate(:api_key, user: admin) }
-    let(:api_params) do
-      { api_key: api_key.key, api_username: admin.username }
-    end
-
-    it "doesn't work when not via API" do
-      post "/admin/users/invite_admin.json", params: {
-        name: 'Bill', username: 'bill22', email: 'bill@bill.com'
-      }
-
-      expect(response.status).to eq(403)
-    end
-
-    it 'should invite admin' do
-      expect do
-        post "/admin/users/invite_admin.json", params: api_params.merge(
-          name: 'Bill', username: 'bill22', email: 'bill@bill.com'
-        )
-      end.to change { Jobs::CriticalUserEmail.jobs.size }.by(1)
-
-      expect(response.status).to eq(200)
-
-      u = User.find_by_email('bill@bill.com')
-      expect(u.name).to eq("Bill")
-      expect(u.username).to eq("bill22")
-      expect(u.admin).to eq(true)
-      expect(u.active).to eq(true)
-      expect(u.approved).to eq(true)
-    end
-
-    it "doesn't send the email with send_email falsey" do
-      expect do
-        post "/admin/users/invite_admin.json", params: api_params.merge(
-          name: 'Bill', username: 'bill22', email: 'bill@bill.com', send_email: '0'
-        )
-      end.to change { Jobs::CriticalUserEmail.jobs.size }.by(0)
-
-      expect(response.status).to eq(200)
-      json = ::JSON.parse(response.body)
-      expect(json["password_url"]).to be_present
-    end
-  end
-
   describe '#sync_sso' do
     let(:sso) { SingleSignOn.new }
     let(:sso_secret) { "sso secret" }