Fix/user deletion (#1157)

Extend the deleted user info with the username
- Because we initially did not store the user name in the activity DB,
  we sometimes cannot provide the user name in the API response.

Fix service user deletion
  - In case of service user deletion, do not invoke the IdP delete function
  - Prevent self deletion
Zoltan Papp
2023-09-23 10:47:49 +02:00
committed by GitHub
parent e260270825
commit da7b6b11ad
9 changed files with 186 additions and 44 deletions


@ -309,6 +309,9 @@ func (am *DefaultAccountManager) GetUser(claims jwtclaims.AuthorizationClaims) (
// DeleteUser deletes a user from the given account.
func (am *DefaultAccountManager) DeleteUser(accountID, initiatorUserID string, targetUserID string) error {
if initiatorUserID == targetUserID {
return status.Errorf(status.InvalidArgument, "self deletion is not allowed")
}
unlock := am.Store.AcquireAccountLock(accountID)
defer unlock()
@ -340,7 +343,7 @@ func (am *DefaultAccountManager) DeleteUser(accountID, initiatorUserID string, t
return err
}
targetUserEmail, err := am.getEmailOfTargetUser(account.Id, initiatorUserID, targetUserID)
tuEmail, tuName, err := am.getEmailAndNameOfTargetUser(account.Id, initiatorUserID, targetUserID)
if err != nil {
log.Errorf("failed to resolve email address: %s", err)
return err
@ -352,15 +355,15 @@ func (am *DefaultAccountManager) DeleteUser(accountID, initiatorUserID string, t
meta = map[string]any{"name": targetUser.ServiceUserName}
eventAction = activity.ServiceUserDeleted
} else {
meta = map[string]any{"email": targetUserEmail}
meta = map[string]any{"name": tuName, "email": tuEmail}
eventAction = activity.UserDeleted
}
am.storeEvent(initiatorUserID, targetUserID, accountID, eventAction, meta)
if !isNil(am.idpManager) {
if !targetUser.IsServiceUser && !isNil(am.idpManager) {
err := am.deleteUserFromIDP(targetUserID, accountID)
if err != nil {
log.Debugf("failed to delete user from IDP: %s", targetUserID)
return err
}
}
@ -876,18 +879,18 @@ func (am *DefaultAccountManager) deleteUserFromIDP(targetUserID, accountID strin
return nil
}
func (am *DefaultAccountManager) getEmailOfTargetUser(accountId string, initiatorId, targetId string) (string, error) {
func (am *DefaultAccountManager) getEmailAndNameOfTargetUser(accountId, initiatorId, targetId string) (string, string, error) {
userInfos, err := am.GetUsersFromAccount(accountId, initiatorId)
if err != nil {
return "", err
return "", "", err
}
for _, ui := range userInfos {
if ui.ID == targetId {
return ui.Email, nil
return ui.Email, ui.Name, nil
}
}
return "", fmt.Errorf("email not found for user: %s", targetId)
return "", "", fmt.Errorf("user info not found for user: %s", targetId)
}
func findUserInIDPUserdata(userID string, userData []*idp.UserData) (*idp.UserData, bool) {
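Review bot: In DeleteUser, `am.storeEvent(...)` writes the UserDeleted / ServiceUserDeleted activity before `deleteUserFromIDP` runs, and that call can still fail and return its error, so the audit trail may record a deletion for an identity that still exists in the IdP. The failure is also logged with `log.Debugf` and omits `err`, which hides a failed deprovisioning at default log levels; `log.Errorf("failed to delete user %s from IDP: %v", targetUserID, err)` would surface it. Consider emitting the event only after the deletion steps have succeeded; the rest of DeleteUser lies outside the hunks shown, so where the store removal happens should be confirmed before moving the call. Separately, `getEmailAndNameOfTargetUser` appears to be called for service users as well, although that branch only uses `targetUser.ServiceUserName`, so a lookup failure there would block a service-user deletion.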