3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-05-25 14:56:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

Prevent deletion of last admin account

Browse source
This commit is contained in:
eikendev 2020-07-28 22:44:22 +02:00
parent 470a3f819d
commit c0ac5c3d16
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
2 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
api/user.go
View file

@ -17,6 +17,7 @@ type UserDatabase interface {
GetUserByID(ID uint) (*model.User, error) GetUserByID(ID uint) (*model.User, error)
GetUserByName(name string) (*model.User, error) GetUserByName(name string) (*model.User, error)
GetApplications(user *model.User) ([]model.Application, error) GetApplications(user *model.User) ([]model.Application, error)
AdminUserCount() (int64, error)
} }
// The UserDispatcher interface for relaying notifications. // The UserDispatcher interface for relaying notifications.
@ -70,6 +71,16 @@ func (h *UserHandler) DeleteUser(ctx *gin.Context) {
return return
} }
if user.IsAdmin {
if count, err := h.DB.AdminUserCount(); err != nil {
ctx.AbortWithError(http.StatusInternalServerError, err)
return
} else if count == 1 {
ctx.AbortWithError(http.StatusBadRequest, errors.New("cannot delete last admin user"))
return
}
}
log.Printf("Deleting user %s.\n", user.Name) log.Printf("Deleting user %s.\n", user.Name)
applications, err := h.DB.GetApplications(user) applications, err := h.DB.GetApplications(user)

9
database/user.go
View file

@ -56,3 +56,12 @@ func (d *Database) GetApplications(user *model.User) ([]model.Application, error
return applications, err return applications, err
} }
// AdminUserCount returns the number of admins or an error.
func (d *Database) AdminUserCount() (int64, error) {
var users []model.User
query := d.gormdb.Where("is_admin = ?", true).Find(&users)
return query.RowsAffected, query.Error
}