aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-04-19 05:25:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: delete workspace user

Browse Source
This commit is contained in:
steven 2022-09-29 22:50:58 +08:00
parent 4a88bace66
commit 67e619ab4a
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
server/workspace_user.go
View File

@ -117,7 +117,7 @@ func (s *Server) registerWorkspaceUserRoutes(g *echo.Group) {
g.DELETE("/workspace/:workspaceId/user/:userId", func(c echo.Context) error { g.DELETE("/workspace/:workspaceId/user/:userId", func(c echo.Context) error {
ctx := c.Request().Context() ctx := c.Request().Context()
userID, ok := c.Get(getUserIDContextKey()).(int) currentUserID, ok := c.Get(getUserIDContextKey()).(int)
if !ok { if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing auth session") return echo.NewHTTPError(http.StatusUnauthorized, "Missing auth session")
} }
@ -127,22 +127,22 @@ func (s *Server) registerWorkspaceUserRoutes(g *echo.Group) {
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted workspace id").SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, "Malformatted workspace id").SetInternal(err)
} }
userID, err := strconv.Atoi(c.Param("userId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted user id").SetInternal(err)
}
currentWorkspaceUser, err := s.Store.FindWordspaceUser(ctx, &api.WorkspaceUserFind{ currentWorkspaceUser, err := s.Store.FindWordspaceUser(ctx, &api.WorkspaceUserFind{
WorkspaceID: &workspaceID, WorkspaceID: &workspaceID,
UserID: &userID, UserID: &currentUserID,
}) })
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find workspace user").SetInternal(err) return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find workspace user").SetInternal(err)
} }
if currentWorkspaceUser.UserID != userID && currentWorkspaceUser.Role != api.RoleAdmin { if currentUserID != userID && currentWorkspaceUser.Role != api.RoleAdmin {
return echo.NewHTTPError(http.StatusForbidden, "Access forbidden to delete workspace user").SetInternal(err) return echo.NewHTTPError(http.StatusForbidden, "Access forbidden to delete workspace user").SetInternal(err)
} }
userID, err = strconv.Atoi(c.Param("userId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted user id").SetInternal(err)
}
workspaceUserDelete := &api.WorkspaceUserDelete{ workspaceUserDelete := &api.WorkspaceUserDelete{
WorkspaceID: workspaceID, WorkspaceID: workspaceID,
UserID: userID, UserID: userID,

2
store/shortcut.go
View File

@ -182,7 +182,9 @@ func (s *Store) DeleteShortcut(ctx context.Context, delete *api.ShortcutDelete)
return FormatError(err) return FormatError(err)
} }
if delete.ID != nil {
s.cache.DeleteCache(api.ShortcutCache, *delete.ID) s.cache.DeleteCache(api.ShortcutCache, *delete.ID)
}
return nil return nil
} }