mirror of https://github.com/coder/coder.git
fix: Deleting a user from a group should only delete from a single group (#5977)
This commit is contained in:
parent
271d68c862
commit
ab1f6ce090
|
@ -3551,12 +3551,12 @@ func (q *fakeQuerier) InsertGroupMember(_ context.Context, arg database.InsertGr
|
|||
return nil
|
||||
}
|
||||
|
||||
func (q *fakeQuerier) DeleteGroupMember(_ context.Context, userID uuid.UUID) error {
|
||||
func (q *fakeQuerier) DeleteGroupMemberFromGroup(_ context.Context, arg database.DeleteGroupMemberFromGroupParams) error {
|
||||
q.mutex.Lock()
|
||||
defer q.mutex.Unlock()
|
||||
|
||||
for i, member := range q.groupMembers {
|
||||
if member.UserID == userID {
|
||||
if member.UserID == arg.UserID && member.GroupID == arg.GroupID {
|
||||
q.groupMembers = append(q.groupMembers[:i], q.groupMembers[i+1:]...)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -23,7 +23,7 @@ type sqlcQuerier interface {
|
|||
DeleteAPIKeysByUserID(ctx context.Context, userID uuid.UUID) error
|
||||
DeleteGitSSHKey(ctx context.Context, userID uuid.UUID) error
|
||||
DeleteGroupByID(ctx context.Context, id uuid.UUID) error
|
||||
DeleteGroupMember(ctx context.Context, userID uuid.UUID) error
|
||||
DeleteGroupMemberFromGroup(ctx context.Context, arg DeleteGroupMemberFromGroupParams) error
|
||||
DeleteLicense(ctx context.Context, id int32) (int32, error)
|
||||
DeleteOldAgentStats(ctx context.Context) error
|
||||
DeleteParameterValueByID(ctx context.Context, id uuid.UUID) error
|
||||
|
|
|
@ -990,15 +990,21 @@ func (q *sqlQuerier) DeleteGroupByID(ctx context.Context, id uuid.UUID) error {
|
|||
return err
|
||||
}
|
||||
|
||||
const deleteGroupMember = `-- name: DeleteGroupMember :exec
|
||||
const deleteGroupMemberFromGroup = `-- name: DeleteGroupMemberFromGroup :exec
|
||||
DELETE FROM
|
||||
group_members
|
||||
WHERE
|
||||
user_id = $1
|
||||
user_id = $1 AND
|
||||
group_id = $2
|
||||
`
|
||||
|
||||
func (q *sqlQuerier) DeleteGroupMember(ctx context.Context, userID uuid.UUID) error {
|
||||
_, err := q.db.ExecContext(ctx, deleteGroupMember, userID)
|
||||
type DeleteGroupMemberFromGroupParams struct {
|
||||
UserID uuid.UUID `db:"user_id" json:"user_id"`
|
||||
GroupID uuid.UUID `db:"group_id" json:"group_id"`
|
||||
}
|
||||
|
||||
func (q *sqlQuerier) DeleteGroupMemberFromGroup(ctx context.Context, arg DeleteGroupMemberFromGroupParams) error {
|
||||
_, err := q.db.ExecContext(ctx, deleteGroupMemberFromGroup, arg.UserID, arg.GroupID)
|
||||
return err
|
||||
}
|
||||
|
||||
|
@ -1220,7 +1226,7 @@ INSERT INTO group_members (
|
|||
user_id,
|
||||
group_id
|
||||
)
|
||||
VALUES ( $1, $2)
|
||||
VALUES ($1, $2)
|
||||
`
|
||||
|
||||
type InsertGroupMemberParams struct {
|
||||
|
|
|
@ -85,13 +85,14 @@ INSERT INTO group_members (
|
|||
user_id,
|
||||
group_id
|
||||
)
|
||||
VALUES ( $1, $2);
|
||||
VALUES ($1, $2);
|
||||
|
||||
-- name: DeleteGroupMember :exec
|
||||
-- name: DeleteGroupMemberFromGroup :exec
|
||||
DELETE FROM
|
||||
group_members
|
||||
WHERE
|
||||
user_id = $1;
|
||||
user_id = $1 AND
|
||||
group_id = $2;
|
||||
|
||||
-- name: DeleteGroupByID :exec
|
||||
DELETE FROM
|
||||
|
|
|
@ -207,16 +207,27 @@ func (api *API) patchGroup(rw http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
for _, id := range req.AddUsers {
|
||||
err := tx.InsertGroupMember(ctx, database.InsertGroupMemberParams{
|
||||
userID, err := uuid.Parse(id)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("parse user ID %q: %w", id, err)
|
||||
}
|
||||
err = tx.InsertGroupMember(ctx, database.InsertGroupMemberParams{
|
||||
GroupID: group.ID,
|
||||
UserID: uuid.MustParse(id),
|
||||
UserID: userID,
|
||||
})
|
||||
if err != nil {
|
||||
return xerrors.Errorf("insert group member %q: %w", id, err)
|
||||
}
|
||||
}
|
||||
for _, id := range req.RemoveUsers {
|
||||
err := tx.DeleteGroupMember(ctx, uuid.MustParse(id))
|
||||
userID, err := uuid.Parse(id)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("parse user ID %q: %w", id, err)
|
||||
}
|
||||
err = tx.DeleteGroupMemberFromGroup(ctx, database.DeleteGroupMemberFromGroupParams{
|
||||
UserID: userID,
|
||||
GroupID: group.ID,
|
||||
})
|
||||
if err != nil {
|
||||
return xerrors.Errorf("insert group member %q: %w", id, err)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue