
fix: stability patches (#2698)

- avoid panic when deleting other admin users
- improve error handling
Aceix 1 year ago
parent
commit
a9e3f1ce67
2 changed files with 16 additions and 5 deletions
  1. 3 3
      controllers/user.go
  2. 13 2
      logic/auth.go

+ 3 - 3
controllers/user.go

@@ -502,14 +502,14 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
 	if user.IsSuperAdmin {
 		slog.Error(
 			"failed to delete user: ", "user", username, "error", "superadmin cannot be deleted")
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
+		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("superadmin cannot be deleted"), "internal"))
 		return
 	}
 	if !caller.IsSuperAdmin {
 		if caller.IsAdmin && user.IsAdmin {
 			slog.Error(
-				"failed to delete user: ", "user", username, "error", "admin cannot delete another admin user")
-			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
+				"failed to delete user: ", "user", username, "error", "admin cannot delete another admin user, including oneself")
+			logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("admin cannot delete another admin user, including oneself"), "internal"))
 			return
 		}
 	}
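Review bot: Both rejections in deleteUser are policy denials but are still classified as `"internal"`, so they are probably answered with a server-error status and look the same as a real fault to clients, monitoring and audit review. If `logic.FormatError` supports a forbidden class (not visible here), use it on both new lines, e.g. `logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("superadmin cannot be deleted"), "forbidden"))`. The visible checks also do not reject a caller who is neither admin nor superadmin; that is presumably enforced by route middleware or further down, since deleteUser starts and ends outside the hunk, but it is worth confirming. Each denial message is now written twice as a literal (log and response); a single local `err` value used for both keeps them from drifting.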

+ 13 - 2
logic/auth.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/go-playground/validator/v10"
 	"golang.org/x/crypto/bcrypt"
+	"golang.org/x/exp/slog"
 
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
@@ -165,11 +166,19 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
 	}
 
 	// Create a new JWT for the node
-	tokenString, _ := CreateUserJWT(authRequest.UserName, result.IsSuperAdmin, result.IsAdmin)
+	tokenString, err := CreateUserJWT(authRequest.UserName, result.IsSuperAdmin, result.IsAdmin)
+	if err != nil {
+		slog.Error("error creating jwt", "error", err)
+		return "", err
+	}
 
 	// update last login time
 	result.LastLoginTime = time.Now()
-	UpsertUser(result)
+	err = UpsertUser(result)
+	if err != nil {
+		slog.Error("error upserting user", "error", err)
+		return "", err
+	}
 
 	return tokenString, nil
 }
@@ -178,9 +187,11 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
 func UpsertUser(user models.User) error {
 	data, err := json.Marshal(&user)
 	if err != nil {
+		slog.Error("error marshalling user", "user", user.UserName, "error", err.Error())
 		return err
 	}
 	if err = database.Insert(user.UserName, string(data), database.USERS_TABLE_NAME); err != nil {
+		slog.Error("error inserting user", "user", user.UserName, "error", err.Error())
 		return err
 	}
 	return nil
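Review bot: A failed `UpsertUser` in VerifyAuthRequest is now logged twice, because UpsertUser gains `slog.Error` on both of its error returns and the caller logs the same error again before returning it. Since UpsertUser already records the username, drop the caller-side `slog.Error("error upserting user", "error", err)` line and keep only `return "", err`. The value returned on both new paths is the raw JWT or `database.Insert` error; if the login handler echoes it to the client (not visible here), an unauthenticated caller would see storage details, so returning a generic message from this function and keeping the detail in the log would be safer. The new calls are also inconsistent in form: UpsertUser passes `err.Error()` while VerifyAuthRequest passes `err`. VerifyAuthRequest begins above the hunk.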