libre.sh/rocketchat-scim
Archived
2
0
Fork 0
Code Issues 10 Pull requests Projects Releases Packages Wiki Activity Actions

protect admin user from deletion

Browse source
This commit is contained in:
Hugo Renard 2022-03-17 11:33:31 +01:00
parent e3aa537898
commit 907374b1c1
Signed by: hougo
GPG key ID: 3A285FD470209C59
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/endpoints/UserEndpoint.ts
View file

@ -44,6 +44,12 @@ export class UserEndpoint extends ScimEndpoint implements IScimEndpoint {
} }
public async _delete(ctx: Context): Promise<IApiResponse> { public async _delete(ctx: Context): Promise<IApiResponse> {
if (ctx.id() === (await ctx.rc.getUserId())) {
throw new SCIMError()
.setStatus(HttpStatusCode.FORBIDDEN)
.setScimType(SCIMErrorType.MUTABILITY)
.setDetail("The admin user can't be deleted");
}
const o = await ctx.rc.user.delete({ const o = await ctx.rc.user.delete({
userId: ctx.id(), userId: ctx.id(),
confirmRelinquish: true, confirmRelinquish: true,