github/directus
1
0
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-01-23 03:08:08 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add last admin user check

Browse Source
This commit is contained in:
rijkvanzanten
2020-10-13 16:36:31 -04:00
parent 99b7ba0e2e
commit cbd08a82b0
2 changed files with 30 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/src/services/roles.ts
View File

@@ -24,7 +24,7 @@ export class RolesService extends ItemsService {
.first();
const otherAdminRolesCount = +(otherAdminRoles?.count || 0);
if (otherAdminRolesCount === 0)
throw new UnprocessableEntityException('You have to have at least one admin role.');
throw new UnprocessableEntityException(`You can't delete the last admin role.`);
// Remove all permissions associated with this role
const permissionsService = new PermissionsService({

30
api/src/services/users.ts
View File

@@ -4,7 +4,11 @@ import jwt from 'jsonwebtoken';
import { sendInviteMail, sendPasswordResetMail } from '../mail';
import database from '../database';
import argon2 from 'argon2';
import { InvalidPayloadException, ForbiddenException } from '../exceptions';
import {
InvalidPayloadException,
ForbiddenException,
UnprocessableEntityException,
} from '../exceptions';
import { Accountability, PrimaryKey, Item, AbstractServiceOptions } from '../types';
import Knex from 'knex';
import env from '../env';
@@ -50,6 +54,30 @@ export class UsersService extends ItemsService {
return this.service.update(data, key as any);
}
delete(key: PrimaryKey): Promise<PrimaryKey>;
delete(keys: PrimaryKey[]): Promise<PrimaryKey[]>;
async delete(key: PrimaryKey | PrimaryKey[]): Promise<PrimaryKey | PrimaryKey[]> {
const keys = Array.isArray(key) ? key : [key];
// Make sure there's at least one admin user left after this deletion is done
const otherAdminUsers = await this.knex
.count('*', { as: 'count' })
.from('directus_users')
.whereNotIn('directus_users.id', keys)
.andWhere({ 'directus_roles.admin_access': true })
.leftJoin('directus_roles', 'directus_users.role', 'directus_roles.id')
.first();
const otherAdminUsersCount = +(otherAdminUsers?.count || 0);
if (otherAdminUsersCount === 0)
throw new UnprocessableEntityException(`You can't delete the last admin user.`);
await super.delete(keys as any);
return key;
}
async inviteUser(email: string, role: string) {
await this.service.create({ email, role, status: 'invited' });