Skip to main content

Change user status (Admin only)

POST 

/company/users/status/:id

Change the status of a user (activate/deactivate) via the status field. Only administrators can change user statuses.

Objective

Allow administrators to control user access to the platform by activating/deactivating accounts.

Use Cases

  • Temporarily deactivate a user
  • Activate a previously deactivated user
  • Suspend access for security reasons
  • Block a user for non-payment or non-compliance

Authentication & Authorization

  • Requires a valid JWT (middleware m.isLoged)
  • Requires admin or dev role (middleware m.isAdmin)

Behavior

  • reason = NONE: Activates user (status = true), clears reason, reasonDate, reasonMessage
  • reason ≠ NONE: Deactivates user (status = false), sets reason and reasonMessage
  • Validates reason with model.isValidReason()
  • Updates reasonDate if valid (ISO8601 format)

Valid Reasons

  • NONE: Normal active user without issues (activates user)
  • BAD_USER: Blocked for misconduct (reports, fraud)
  • PENDING: Registration completed, awaiting activation
  • ACTIVE: Verified and operational user
  • BLOCKED: Administratively blocked (non-payment, security)

Validation Flow

flowchart TD
A[Receive POST /status/:id] --> B{Admin User?}
B -->|No| C[403 Forbidden]
B -->|Yes| D{User Exists?}
D -->|No| E[404 Not Found]
D -->|Yes| F{Reason === 'NONE'?}
F -->|Yes| G[Activate User]
G --> H[status = true]
H --> I[reason = NONE]
I --> J[Clear reasonDate and reasonMessage]
F -->|No| K[Deactivate User]
K --> L[status = false]
L --> M[Set reason]
M --> N[Set reasonDate]
N --> O[Set reasonMessage]
J --> P[Validate Role]
O --> P
P --> Q[Save and Return 200]

Notes

  • This is the preferred method for temporarily blocking/unblocking users
  • Different from soft delete (DELETE /:id) which removes the record

Request

Responses

User status changed successfully