USEFULL/drone
1
0
Fork 0
mirror of https://github.com/harness/drone.git synced 2025-05-17 04:53:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: disallow last admin to remove self admin status

Browse Source
This commit is contained in:
Akhilesh Pandey 2023-09-15 00:26:10 +05:30
parent ae42cabc15
commit 948c4dbd71
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
internal/api/controller/user/update_admin.go
View File

@ -6,9 +6,11 @@ package user
import ( import (
"context" "context"
"fmt"
"time" "time"
apiauth "github.com/harness/gitness/internal/api/auth" apiauth "github.com/harness/gitness/internal/api/auth"
"github.com/harness/gitness/internal/api/usererror"
"github.com/harness/gitness/internal/auth" "github.com/harness/gitness/internal/auth"
"github.com/harness/gitness/types" "github.com/harness/gitness/types"
"github.com/harness/gitness/types/enum" "github.com/harness/gitness/types/enum"
@ -31,6 +33,19 @@ func (c *Controller) UpdateAdmin(ctx context.Context, session *auth.Session,
return nil, err return nil, err
} }
// Fail if the user being updated is the only admin in DB.
if request.Admin == false && user.Admin == true {
admUsrCount, err := c.principalStore.CountUsers(ctx, &types.UserFilter{Admin: true})
if err != nil {
return nil, fmt.Errorf("failed to check admin user count: %w", err)
}
if admUsrCount == 1 {
return nil, usererror.BadRequest("cannot remove admin from the only admin user")
}
return user, nil
}
user.Admin = request.Admin user.Admin = request.Admin
user.Updated = time.Now().UnixMilli() user.Updated = time.Now().UnixMilli()