Skip to main content
PUT
/
api
/
admin
/
users
/
:userID
/
limits
Update User Limits
curl --request PUT \
  --url https://api.example.com/api/admin/users/:userID/limits \
  --header 'Content-Type: application/json' \
  --data '
{
  "max_files": 123,
  "max_storage": 123
}
'
{
  "message": "<string>",
  "user": {
    "id": 123,
    "username": "<string>",
    "max_files": 123,
    "max_storage": 123
  },
  "error": "<string>"
}
Modify the maximum file count and storage capacity allowed for a specific user. Both limits are optional in the request body.

Endpoint

PUT /api/admin/users/:userID/limits

Authentication

Requires authentication via JWT token in Authorization header. Currently uses standard AuthRequired() middleware. Admin-specific authorization is planned for future implementation.
Authorization: Bearer <jwt_token>
Source: routes/routes.go:58

Parameters

userID
string
required
The unique identifier of the user whose limits should be updated

Request Body

max_files
integer
Maximum number of files the user can upload. Must be >= 0. Omit to leave unchanged.
max_storage
integer
Maximum storage capacity in bytes. Must be >= 0. Omit to leave unchanged.
Both fields are optional. You can update only max_files, only max_storage, or both in a single request.

Example Request

{
  "max_files": 2000,
  "max_storage": 21474836480
}
Update only storage: 
{
  "max_storage": 10737418240
}

Response

Success Response (200)

message
string
Confirmation message
user
object
Updated user information
id
integer
User’s unique identifier
username
string
User’s username
max_files
integer
Updated maximum file count
max_storage
integer
Updated maximum storage in bytes

Example Response

{
  "message": "User limits updated successfully",
  "user": {
    "id": 42,
    "username": "alice",
    "max_files": 2000,
    "max_storage": 21474836480
  }
}

Error Responses

400 Bad Request - Missing or invalid user ID
error
string
Error message
{
  "error": "User ID is required"
}
400 Bad Request - Invalid request body 
{
  "error": "<validation error details>"
}
400 Bad Request - Negative value validation 
{
  "error": "Max files cannot be negative"
}
Or: 
{
  "error": "Max storage cannot be negative"
}
Source: controllers/user.go:165-177 404 Not Found - User does not exist 
{
  "error": "User not found"
}
Source: controllers/user.go:159 500 Internal Server Error - Database save failed 
{
  "error": "Failed to update user limits"
}
Source: controllers/user.go:181

Implementation Details

Validation Logic

The endpoint enforces these validations:
  1. User ID required: Path parameter userID must be non-empty
  2. User exists: Queries database for user with matching ID
  3. Non-negative values: Both max_files and max_storage must be >= 0 if provided
Source: controllers/user.go:141-178

Partial Updates

The endpoint uses pointer types (*int and *int64) to distinguish between:
  • Field not provided (nil pointer) - no update
  • Field provided with value (non-nil pointer) - update to new value
This allows selective updates without requiring all fields. Source: controllers/user.go:147-150

Update Behavior

  • Only fields provided in the request body are modified
  • Database record is saved with DB.Save(&user) which updates all fields
  • No cascading effects on existing files or access records
Updating limits does not automatically delete or restrict access to existing files that may now exceed the new limits. Users with files exceeding their new limits may need to delete files before uploading new ones.

Storage Units Reference

UnitBytesExample Value
1 KB1,0241024
1 MB1,048,5761048576
1 GB1,073,741,8241073741824
10 GB10,737,418,24010737418240
20 GB21,474,836,48021474836480

Example Usage

curl -X PUT https://api.defdrive.com/api/admin/users/42/limits \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "max_files": 2000,
    "max_storage": 21474836480
  }'

Build docs developers (and LLMs) love

Get started for freeTalk to us