Skip to main content

Change user status (Admin only)

POST 
/company/users/status/:id

Change the status of a user (activate/deactivate) via the status field. Only administrators can change user statuses.

Objective

Allow administrators to control user access to the platform by activating/deactivating accounts.

Use Cases

  • Temporarily deactivate a user
  • Activate a previously deactivated user
  • Suspend access for security reasons
  • Block a user for non-payment or non-compliance

Authentication & Authorization

  • Requires a valid JWT (middleware m.isLoged)
  • Requires admin or dev role (middleware m.isAdmin)

Behavior

  • reason = NONE: Activates user (status = true), clears reason, reasonDate, reasonMessage
  • reason ≠ NONE: Deactivates user (status = false), sets reason and reasonMessage
  • Validates reason with model.isValidReason()
  • Updates reasonDate if valid (ISO8601 format)

Valid Reasons

  • NONE: Normal active user without issues (activates user)
  • BAD_USER: Blocked for misconduct (reports, fraud)
  • PENDING: Registration completed, awaiting activation
  • ACTIVE: Verified and operational user
  • BLOCKED: Administratively blocked (non-payment, security)

Validation Flow

flowchart TD
  A[Receive POST /status/:id] --> B{Admin User?}
  B -->|No| C[403 Forbidden]
  B -->|Yes| D{User Exists?}
  D -->|No| E[404 Not Found]
  D -->|Yes| F{Reason === 'NONE'?}
  F -->|Yes| G[Activate User]
  G --> H[status = true]
  H --> I[reason = NONE]
  I --> J[Clear reasonDate and reasonMessage]
  F -->|No| K[Deactivate User]
  K --> L[status = false]
  L --> M[Set reason]
  M --> N[Set reasonDate]
  N --> O[Set reasonMessage]
  J --> P[Validate Role]
  O --> P
  P --> Q[Save and Return 200]

Notes

  • This is the preferred method for temporarily blocking/unblocking users
  • Different from soft delete (DELETE /:id) which removes the record

Request

Responses

User status changed successfully