From 6891b52cee8c47e2dff5a910959a8cb38d095fb3 Mon Sep 17 00:00:00 2001
From: 0xdcarns
Date: Mon, 25 Oct 2021 16:38:59 -0400
Subject: [PATCH] updated logs, ensured admins could not be edited
---
 controllers/userHttpController.go | 4 ++--
 logic/auth.go | 14 +++++++++++---
 logic/wireguard.go | 3 ++-
 3 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/controllers/userHttpController.go b/controllers/userHttpController.go
index 6f51e850..c150ddeb 100644
--- a/controllers/userHttpController.go
+++ b/controllers/userHttpController.go
@@ -274,12 +274,12 @@ func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
 return
 }
- err = logic.UpdateUserNetworks(userchange.Networks, &user)
+ err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)
 if err != nil {
 returnErrorResponse(w, r, formatError(err, "badrequest"))
 return
 }
- functions.PrintUserLog(username, "networks were updated", 1)
+ functions.PrintUserLog(username, "status was updated", 1)
 json.NewEncoder(w).Encode(user)
 }
diff --git a/logic/auth.go b/logic/auth.go
index 81904f70..d29a9ecf 100644
--- a/logic/auth.go
+++ b/logic/auth.go
@@ -3,6 +3,7 @@ package logic
 import (
 "encoding/json"
 "errors"
+ "fmt"
 "github.com/go-playground/validator/v10"
 "github.com/gravitl/netmaker/database"
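Review bot: In `updateUserNetworks` (controllers/userHttpController.go) the new call `logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)` takes the admin flag straight from the decoded request body, so an endpoint named for network updates now also grants admin rights. The authorization wrapped around this handler is not visible in the hunk; it is worth confirming that only an existing admin can reach it, and not a user editing their own record. The replacement log text `"status was updated"` no longer says what changed; a distinct audit entry when `userchange.IsAdmin` is set, such as `functions.PrintUserLog(username, "was promoted to admin", 1)`, would keep privilege changes traceable. The handler's body starts above the hunk.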
@@ -153,12 +154,19 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
 }
 // UpdateUserNetworks - updates the networks of a given user
-func UpdateUserNetworks(newNetworks []string, currentUser *models.User) error {
+func UpdateUserNetworks(newNetworks []string, isadmin bool, currentUser *models.User) error {
 // check if user exists
- if _, err := GetUser(currentUser.UserName); err != nil {
+ if returnedUser, err := GetUser(currentUser.UserName); err != nil {
 return err
+ } else if returnedUser.IsAdmin {
+ return fmt.Errorf("can not make changes to an admin user, attempted to change %s", returnedUser.UserName)
+ }
+ if isadmin {
+ currentUser.IsAdmin = true
+ currentUser.Networks = nil
+ } else {
+ currentUser.Networks = newNetworks
 }
- currentUser.Networks = newNetworks
 data, err := json.Marshal(currentUser)
 if err != nil {
diff --git a/logic/wireguard.go b/logic/wireguard.go
index 45191fbc..cb318f06 100644
--- a/logic/wireguard.go
+++ b/logic/wireguard.go
@@ -62,10 +62,11 @@ func setWGConfig(node models.Node, network string, peerupdate bool) error {
 var iface string
 iface = node.Interface
 err = setServerPeers(iface, node.PersistentKeepalive, peers)
+ Log("updated peers on server "+node.Name, 2)
 } else {
 err = initWireguard(&node, privkey, peers, hasGateway, gateways)
+ Log("finished setting wg config on server "+node.Name, 3)
 }
- Log("finished setting wg config on server "+node.Name, 1)
 return err
 }
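Review bot: In `UpdateUserNetworks` (logic/auth.go) the non-admin branch leaves `currentUser.IsAdmin` at whatever the caller passed in, while the guard above it checks the stored record (`returnedUser.IsAdmin`). The struct that gets marshalled, and presumably persisted after the hunk ends, is the caller's, so the value checked and the value written can disagree. Setting the flag explicitly in the `else` branch, `currentUser.IsAdmin = false` before `currentUser.Networks = newNetworks`, keeps the write consistent with the check. The doc comment still describes only a network update; it should state the privilege change, e.g. `// UpdateUserNetworks - updates a user's networks, or promotes the user to admin (clearing networks) when isadmin is true; existing admins cannot be changed`. The function body continues past the end of the hunk.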
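Review bot: Both new `Log` calls in `setWGConfig` (logic/wireguard.go) run before `err` is inspected, so the "updated peers on server" and "finished setting wg config on server" messages are written even when `setServerPeers` or `initWireguard` returned an error. Guarding each call, e.g. `if err == nil { Log("updated peers on server "+node.Name, 2) }`, or logging the failure in its place, stops the log from reporting success for a WireGuard configuration that did not apply. The function starts above the hunk.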