fix(api): check groups on user deletion (#6401)
richardlt authored Jan 2, 2023
1 parent b29d61c commit 0da638e
Showing 2 changed files with 12 additions and 3 deletions.
5 changes: 3 additions & 2 deletions engine/api/user.go
@@ -2,9 +2,10 @@ package api

import (
"context"
"github.com/ovh/cds/engine/api/organization"
"net/http"

"github.com/ovh/cds/engine/api/organization"

"github.com/gorilla/mux"
"github.com/lib/pq"

@@ -234,7 +235,7 @@ func (api *API) deleteUserHandler() service.Handler {
}
for i := range gus {
if gus[i].Admin {
adminGroupIDs = append(adminGroupIDs, gus[i].ID)
adminGroupIDs = append(adminGroupIDs, gus[i].GroupID)
}
}
if len(adminGroupIDs) > 0 {
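Review bot: The corrected line `adminGroupIDs = append(adminGroupIDs, gus[i].GroupID)` carries no comment saying why `GroupID` rather than `ID` is the right field, and the two are easy to confuse in a loop like this one. If both fields have the same integer type (not visible here), the compiler will not catch a regression, and the check that consumes `adminGroupIDs` would again look at the wrong groups without any error. Assuming `gus` holds group/user link rows, I would add `// use GroupID (the group), not ID (the link row): this list drives the admin-group check below` above the append. It is also worth checking other loops over the same link type for the same `.ID` use. deleteUserHandler starts and ends outside the hunk, so what runs inside `if len(adminGroupIDs) > 0` cannot be confirmed from here.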
10 changes: 9 additions & 1 deletion engine/api/user_test.go
@@ -3,11 +3,12 @@ package api
import (
"context"
"encoding/json"
"github.com/ovh/cds/engine/api/organization"
"net/http"
"net/http/httptest"
"testing"

"github.com/ovh/cds/engine/api/organization"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"

@@ -229,6 +230,7 @@ func Test_deleteUserHandler(t *testing.T) {

initial1, jwtInitial1Raw := assets.InsertLambdaUser(t, db)
initial2, _ := assets.InsertLambdaUser(t, db)
initial3, _ := assets.InsertLambdaUser(t, db, &sdk.Group{Name: sdk.RandomString(10)})
admin1, jwtAdmin1Raw := assets.InsertAdminUser(t, db)
admin2, _ := assets.InsertAdminUser(t, db)

@@ -262,6 +264,12 @@ func Test_deleteUserHandler(t *testing.T) {
TargetUsername: admin1.Username,
ExpectedStatus: http.StatusForbidden,
},
{
Name: "A user can be removed if last admin of a group",
JWT: jwtAdmin1Raw,
TargetUsername: initial3.Username,
ExpectedStatus: http.StatusForbidden,
},
}

for _, c := range cases {
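Review bot: The name of the added case, `"A user can be removed if last admin of a group"`, says the opposite of what it asserts, since the case expects `http.StatusForbidden`, i.e. the deletion is refused. Rename it to `Name: "A user can't be removed if last admin of a group",` so a failure report reads correctly. The case also relies on `assets.InsertLambdaUser(t, db, &sdk.Group{...})` making `initial3` an admin of the new group, which is not visible here; a short comment on that setup line saying so would make the intent explicit. Test_deleteUserHandler starts and ends outside the hunks shown.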
