diff --git a/sync/routes.go b/sync/routes.go
index ac036d26..d4e85d78 100644
--- a/sync/routes.go
+++ b/sync/routes.go
@@ -78,6 +78,7 @@ func Router() chi.Router {
 	r.Method("GET", "/upload/pool/create", authenticatedHandler(getUploadPoolCreate))
 	r.Method("POST", "/upload/pool/create", authenticatedHandlerPostMultipart(postUploadPoolCreate))
 	r.Method("GET", "/upload/{id}", authenticatedHandler(getUploadByID))
+	r.Method("POST", "/upload/{id}/discard", authenticatedHandlerPost(postUploadDiscard))
 
 	html.AddStaticRoute(r, "/static")
 	return r
@@ -165,7 +166,7 @@ func authenticatedHandler[T any](f handlerFunctionGet[T]) http.Handler {
 	})
 }
 
-type handlerFunctionPost[T any] func(context.Context, *http.Request, *models.User, T) (string, *errorWithStatus)
+type handlerFunctionPost[T any] func(context.Context, *http.Request, *models.Organization, *models.User, T) (string, *errorWithStatus)
 
 func authenticatedHandlerPost[T any](f handlerFunctionPost[T]) http.Handler {
 	return auth.NewEnsureAuth(func(w http.ResponseWriter, r *http.Request, u *models.User) {
@@ -183,7 +184,12 @@ func authenticatedHandlerPost[T any](f handlerFunctionPost[T]) http.Handler {
 			return
 		}
 		ctx := r.Context()
-		path, e := f(ctx, r, u, content)
+		org, err := u.Organization().One(ctx, db.PGInstance.BobDB)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		path, e := f(ctx, r, org, u, content)
 		if e != nil {
 			http.Error(w, e.Error(), e.Status)
 			return
@@ -207,7 +213,12 @@ func authenticatedHandlerPostMultipart[T any](f handlerFunctionPost[T]) http.Han
 			return
 		}
 		ctx := r.Context()
-		path, e := f(ctx, r, u, content)
+		org, err := u.Organization().One(ctx, db.PGInstance.BobDB)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		path, e := f(ctx, r, org, u, content)
 		if e != nil {
 			http.Error(w, e.Error(), e.Status)
 			return
diff --git a/sync/sudo.go b/sync/sudo.go
index a7e0c4da..2e485ac6 100644
--- a/sync/sudo.go
+++ b/sync/sudo.go
@@ -42,7 +42,7 @@ type FormEmail struct {
 	To      string `schema:"emailTo"`
 }
 
-func postSudoEmail(ctx context.Context, r *http.Request, u *models.User, e FormEmail) (string, *errorWithStatus) {
+func postSudoEmail(ctx context.Context, r *http.Request, org *models.Organization, u *models.User, e FormEmail) (string, *errorWithStatus) {
 	if u.Role != enums.UserroleRoot {
 		return "", &errorWithStatus{
 			Message: "You must have sudo powers to do this",
@@ -71,7 +71,7 @@ type FormSMS struct {
 	Phone   string `schema:"smsPhone"`
 }
 
-func postSudoSMS(ctx context.Context, r *http.Request, u *models.User, sms FormSMS) (string, *errorWithStatus) {
+func postSudoSMS(ctx context.Context, r *http.Request, org *models.Organization, u *models.User, sms FormSMS) (string, *errorWithStatus) {
 	if u.Role != enums.UserroleRoot {
 		return "", &errorWithStatus{
 			Message: "You must have sudo powers to do this",
diff --git a/sync/upload.go b/sync/upload.go
index 9627f64a..5589a480 100644
--- a/sync/upload.go
+++ b/sync/upload.go
@@ -7,7 +7,6 @@ import (
 	"strconv"
 
 	"github.com/Gleipnir-Technology/nidus-sync/config"
-	"github.com/Gleipnir-Technology/nidus-sync/db"
 	"github.com/Gleipnir-Technology/nidus-sync/db/models"
 	"github.com/Gleipnir-Technology/nidus-sync/platform"
 	"github.com/Gleipnir-Technology/nidus-sync/userfile"
@@ -64,10 +63,6 @@ func getUploadPoolCreate(ctx context.Context, r *http.Request, org *models.Organ
 	return newResponse("sync/pool-csv-upload.html", data), nil
 }
 func getUploadByID(ctx context.Context, r *http.Request, org *models.Organization, u *models.User) (*response[contentUploadDetail], *errorWithStatus) {
-	org, err := u.Organization().One(ctx, db.PGInstance.BobDB)
-	if err != nil {
-		return nil, newError("Failed to get organization: %w", err)
-	}
 	file_id_str := chi.URLParam(r, "id")
 	file_id_, err := strconv.ParseInt(file_id_str, 10, 32)
 	if err != nil {
@@ -87,9 +82,24 @@ func getUploadByID(ctx context.Context, r *http.Request, org *models.Organizatio
 	return newResponse("sync/upload-by-id.html", data), nil
 }
 
+type FormUploadDiscard struct{}
+
+func postUploadDiscard(ctx context.Context, r *http.Request, org *models.Organization, u *models.User, f FormUploadDiscard) (string, *errorWithStatus) {
+	file_id_str := chi.URLParam(r, "id")
+	file_id_, err := strconv.ParseInt(file_id_str, 10, 32)
+	if err != nil {
+		return "", newError("Failed to parse file_id: %w", err)
+	}
+	err = platform.UploadDiscard(ctx, org, int32(file_id_))
+	if err != nil {
+		return "", newError("Failed to mark discarded: %w", err)
+	}
+	return "/upload", nil
+}
+
 type FormUploadPool struct{}
 
-func postUploadPoolCreate(ctx context.Context, r *http.Request, u *models.User, f FormUploadPool) (string, *errorWithStatus) {
+func postUploadPoolCreate(ctx context.Context, r *http.Request, org *models.Organization, u *models.User, f FormUploadPool) (string, *errorWithStatus) {
 	uploads, err := userfile.SaveFileUpload(r, "csvfile", userfile.CollectionCSV)
 	if err != nil {
 		return "", newError("Failed to extract image uploads: %s", err)