http: GET/PATCH /api/users/{id} with last-admin guard
This commit is contained in:
@@ -15,6 +15,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/oklog/ulid/v2"
|
||||
|
||||
"gitea.dcglab.co.uk/steve/restic-manager/internal/store"
|
||||
@@ -182,3 +183,90 @@ func (s *Server) handleAPIUserCreate(w stdhttp.ResponseWriter, r *stdhttp.Reques
|
||||
SetupURL: s.deps.Cfg.BaseURL + "/setup?token=" + rawToken,
|
||||
})
|
||||
}
|
||||
|
||||
func (s *Server) handleAPIUserGet(w stdhttp.ResponseWriter, r *stdhttp.Request) {
|
||||
id := chi.URLParam(r, "id")
|
||||
u, err := s.deps.Store.GetUserByID(r.Context(), id)
|
||||
if err != nil {
|
||||
if errors.Is(err, store.ErrNotFound) {
|
||||
writeJSONError(w, stdhttp.StatusNotFound, "user_not_found", "")
|
||||
return
|
||||
}
|
||||
writeJSONError(w, stdhttp.StatusInternalServerError, "internal", err.Error())
|
||||
return
|
||||
}
|
||||
out := apiUser{
|
||||
ID: u.ID, Username: u.Username, Role: string(u.Role),
|
||||
Email: u.Email, Disabled: u.DisabledAt != nil,
|
||||
MustChangePassword: u.MustChangePassword,
|
||||
CreatedAt: u.CreatedAt.UTC().Format("2006-01-02T15:04:05Z"),
|
||||
}
|
||||
if u.LastLoginAt != nil {
|
||||
ll := u.LastLoginAt.UTC().Format("2006-01-02T15:04:05Z")
|
||||
out.LastLoginAt = &ll
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
||||
_ = json.NewEncoder(w).Encode(out)
|
||||
}
|
||||
|
||||
type patchUserRequest struct {
|
||||
Role *string `json:"role,omitempty"`
|
||||
Email *string `json:"email,omitempty"`
|
||||
}
|
||||
|
||||
func (s *Server) handleAPIUserPatch(w stdhttp.ResponseWriter, r *stdhttp.Request) {
|
||||
actor, _ := s.requireUser(r)
|
||||
id := chi.URLParam(r, "id")
|
||||
u, err := s.deps.Store.GetUserByID(r.Context(), id)
|
||||
if err != nil {
|
||||
writeJSONError(w, stdhttp.StatusNotFound, "user_not_found", "")
|
||||
return
|
||||
}
|
||||
var req patchUserRequest
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
writeJSONError(w, stdhttp.StatusBadRequest, "invalid_json", err.Error())
|
||||
return
|
||||
}
|
||||
if req.Role != nil {
|
||||
newRole, ok := validRole(*req.Role)
|
||||
if !ok {
|
||||
writeJSONError(w, stdhttp.StatusBadRequest, "invalid_role", "")
|
||||
return
|
||||
}
|
||||
// Last-admin guard: cannot demote the only enabled admin.
|
||||
if u.Role == store.RoleAdmin && newRole != store.RoleAdmin && u.DisabledAt == nil {
|
||||
n, _ := s.deps.Store.CountEnabledAdmins(r.Context())
|
||||
if n <= 1 {
|
||||
writeJSONError(w, stdhttp.StatusConflict, "last_admin", "")
|
||||
return
|
||||
}
|
||||
}
|
||||
if err := s.deps.Store.SetUserRole(r.Context(), id, newRole); err != nil {
|
||||
writeJSONError(w, stdhttp.StatusInternalServerError, "internal", err.Error())
|
||||
return
|
||||
}
|
||||
}
|
||||
if req.Email != nil {
|
||||
em := strings.TrimSpace(*req.Email)
|
||||
if em != "" {
|
||||
if _, err := mail.ParseAddress(em); err != nil {
|
||||
writeJSONError(w, stdhttp.StatusBadRequest, "invalid_email", err.Error())
|
||||
return
|
||||
}
|
||||
}
|
||||
if err := s.deps.Store.SetUserEmail(r.Context(), id, em); err != nil {
|
||||
writeJSONError(w, stdhttp.StatusInternalServerError, "internal", err.Error())
|
||||
return
|
||||
}
|
||||
}
|
||||
var actorID *string
|
||||
if actor != nil {
|
||||
actorID = &actor.ID
|
||||
}
|
||||
_ = s.deps.Store.AppendAudit(r.Context(), store.AuditEntry{
|
||||
ID: ulid.Make().String(), UserID: actorID, Actor: "user",
|
||||
Action: "user.updated", TargetKind: ptr("user"), TargetID: &id,
|
||||
TS: time.Now().UTC(),
|
||||
})
|
||||
w.WriteHeader(stdhttp.StatusOK)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user