From 22819ad3543b6bad4f6efcedbebb8437292cae3b Mon Sep 17 00:00:00 2001
From: Mike Crute <mike@crute.us>
Date: Mon, 22 Nov 2021 18:40:10 -0800
Subject: Disallow deleting account with PUT

---
 app/controllers/api_account.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/controllers/api_account.go b/app/controllers/api_account.go
index 259a7d4..8ef18ce 100644
--- a/app/controllers/api_account.go
+++ b/app/controllers/api_account.go
@@ -125,6 +125,13 @@ func (h *APIAccountHandler) HandlePut(c echo.Context) error {
 		}
 	}
 
+	if in.Deleted != nil && a.Deleted == nil {
+		return &echo.HTTPError{
+			Code:    http.StatusBadRequest,
+			Message: "Use the DELETE method to delete a record",
+		}
+	}
+
 	a.AccountNumber = in.AccountNumber
 	a.Name = in.Name
 	a.ConsoleSessionDuration = in.ConsoleSessionDuration
-- 
cgit v1.2.3