gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-09 06:35:23 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix: stability patches (#2698)

Browse source 
- avoid panic when deleting other admin users
- improve error handling
This commit is contained in:
Aceix 2023-11-29 16:12:37 +00:00 committed by GitHub
parent b78cc0a8a1
commit a9e3f1ce67
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
controllers/user.go
View file

@ -502,14 +502,14 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
if user.IsSuperAdmin {
slog.Error(
"failed to delete user: ", "user", username, "error", "superadmin cannot be deleted")
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("superadmin cannot be deleted"), "internal"))
return
}
if !caller.IsSuperAdmin {
if caller.IsAdmin && user.IsAdmin {
slog.Error(
"failed to delete user: ", "user", username, "error", "admin cannot delete another admin user")
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
"failed to delete user: ", "user", username, "error", "admin cannot delete another admin user, including oneself")
logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("admin cannot delete another admin user, including oneself"), "internal"))
return
}
}

15
logic/auth.go
View file

@ -8,6 +8,7 @@ import (
"github.com/go-playground/validator/v10"
"golang.org/x/crypto/bcrypt"
"golang.org/x/exp/slog"
"github.com/gravitl/netmaker/database"
"github.com/gravitl/netmaker/logger"
@ -165,11 +166,19 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
}
// Create a new JWT for the node
tokenString, _ := CreateUserJWT(authRequest.UserName, result.IsSuperAdmin, result.IsAdmin)
tokenString, err := CreateUserJWT(authRequest.UserName, result.IsSuperAdmin, result.IsAdmin)
if err != nil {
slog.Error("error creating jwt", "error", err)
return "", err
}
// update last login time
result.LastLoginTime = time.Now()
UpsertUser(result)
err = UpsertUser(result)
if err != nil {
slog.Error("error upserting user", "error", err)
return "", err
}
return tokenString, nil
}
@ -178,9 +187,11 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
func UpsertUser(user models.User) error {
data, err := json.Marshal(&user)
if err != nil {
slog.Error("error marshalling user", "user", user.UserName, "error", err.Error())
return err
}
if err = database.Insert(user.UserName, string(data), database.USERS_TABLE_NAME); err != nil {
slog.Error("error inserting user", "user", user.UserName, "error", err.Error())
return err
}
return nil