aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-04-18 21:19:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: disallow to revert the last admin user

Browse Source
This commit is contained in:
Steven 2023-07-29 15:12:19 +08:00
parent 1ce4b91433
commit a44b6494bf
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/v1/user.go
View File

@ -231,6 +231,16 @@ func (s *APIV1Service) registerUserRoutes(g *echo.Group) {
updateUser.RowStatus = &rowStatus updateUser.RowStatus = &rowStatus
} }
if userPatch.Role != nil { if userPatch.Role != nil {
adminRole := store.RoleAdmin
adminUsers, err := s.Store.ListUsers(ctx, &store.FindUser{
Role: &adminRole,
})
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to list admin users, err: %s", err)).SetInternal(err)
}
if len(adminUsers) == 1 && adminUsers[0].ID == userID && *userPatch.Role != RoleAdmin {
return echo.NewHTTPError(http.StatusBadRequest, "cannot remove admin role from the last admin user")
}
role := store.Role(*userPatch.Role) role := store.Role(*userPatch.Role)
updateUser.Role = &role updateUser.Role = &role
} }