X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=src%2FPVE%2FAPI2%2FUser.pm;h=8893d03caf11440942d555b5646160801d9e2bf2;hb=e780b46aabbf02abb1c5247a005f485526cb1d3e;hp=06cc6804fd9a9f13b5af7d08856fc6958526e02b;hpb=ba6cc98fcbfa64cf5e6d06f22bb2ace9fcb52c70;p=pve-access-control.git

diff --git a/src/PVE/API2/User.pm b/src/PVE/API2/User.pm
index 06cc680..8893d03 100644
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@@ -451,11 +451,19 @@ __PACKAGE__->register_method ({
 	    # know that it's OK to drop any TFA entry in that case.
 	    delete $usercfg->{users}->{$userid};
 
-	    PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
-
-	    PVE::AccessControl::delete_user_group($userid, $usercfg);
-	    PVE::AccessControl::delete_user_acl($userid, $usercfg);
-	    cfs_write_file("user.cfg", $usercfg);
+	    my $partial_deletion = '';
+	    eval {
+		PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
+		$partial_deletion = ' - but deleted related TFA';
+
+		PVE::AccessControl::delete_user_group($userid, $usercfg);
+		$partial_deletion .= ', Groups';
+		PVE::AccessControl::delete_user_acl($userid, $usercfg);
+		$partial_deletion .= ', ACLs';
+
+		cfs_write_file("user.cfg", $usercfg);
+	    };
+	    die "$@$partial_deletion\n" if $@;
 	}, "delete user failed");
 
 	return undef;