nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

bugfix permission delete when only permissionId specified
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-04-03 11:10:36 +11:00
parent ff16acc816
commit 526161f6b4
1 changed files with 34 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
controllers/controlPermissions.go
View File

@@ -146,33 +146,47 @@ func DeletePermissionHandler(c *gin.Context) {
p.Description = html.EscapeString(strings.TrimSpace(p.Description)) p.Description = html.EscapeString(strings.TrimSpace(p.Description))
// Check if permission definition already exists // Check if permission definition already exists
testPermission, _ := models.PermissionGetByDesc(p.Description) if len(p.Description) > 0 {
log.Printf("DeletePermissionHandler confirming permission with description '%s' exists\n", p.Description) log.Printf("DeletePermissionHandler confirming permission with description '%s' exists\n", p.Description)
if (models.Permission{} == testPermission) { testPermission, _ := models.PermissionGetByDesc(p.Description)
errString := fmt.Sprintf("attempt to delete non-existing permission with description '%s'", p.Description)
log.Printf("DeletePermissionHandler %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return
} else {
err := p.PermissionDelete()
// Create audit record if (models.Permission{} == testPermission) {
a := models.Audit{ errString := fmt.Sprintf("attempt to delete non-existing permission with description '%s'", p.Description)
UserId: RequestingUserId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Deleted Permission '%s' with id %d", p.Description, p.PermissionId),
}
a.AuditLogAdd()
if err != nil {
errString := fmt.Sprintf("error deleting permission : '%s'", err)
log.Printf("DeletePermissionHandler %s\n", errString) log.Printf("DeletePermissionHandler %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString}) c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return return
} }
} else {
log.Printf("DeletePermissionHandler confirming permission with id '%d' exists\n", p.PermissionId)
testPermission, _ := models.PermissionGetById(p.PermissionId)
c.JSON(http.StatusOK, gin.H{"message": "permission deletion success"}) if (models.Permission{} == testPermission) {
errString := fmt.Sprintf("attempt to delete non-existing permission with id '%d'", p.PermissionId)
log.Printf("DeletePermissionHandler %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return
}
} }
err := p.PermissionDelete()
// Create audit record
a := models.Audit{
UserId: RequestingUserId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Deleted Permission '%s' with id %d", p.Description, p.PermissionId),
}
a.AuditLogAdd()
if err != nil {
errString := fmt.Sprintf("error deleting permission : '%s'", err)
log.Printf("DeletePermissionHandler %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return
}
c.JSON(http.StatusOK, gin.H{"message": "permission deletion success"})
} }
func UpdatePermissionHandler(c *gin.Context) { func UpdatePermissionHandler(c *gin.Context) {