From 5f21a1e6600844c92d6056bde4e4308d9b2e8dd8 Mon Sep 17 00:00:00 2001 From: DongYoung Kim Date: Tue, 29 Oct 2024 18:18:09 +0900 Subject: [PATCH] Fix condition not returning error during initial login (#4927) * Fix an error creating a project when the password is default Signed-off-by: DongYoung Kim * Separate logic into a single if block for better readability Signed-off-by: DongYoung Kim * Fix condition not returning error during initial login Signed-off-by: DongYoung Kim --------- Signed-off-by: DongYoung Kim
---
 .../api/handlers/rest/project_handler.go | 42 +++++++++++++++----
 .../api/handlers/rest/user_handlers.go | 31 +++++++++++---
 2 files changed, 61 insertions(+), 12 deletions(-)
diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go
index 8ebe227df8b..52e95a2932b 100644
--- a/chaoscenter/authentication/api/handlers/rest/project_handler.go
+++ b/chaoscenter/authentication/api/handlers/rest/project_handler.go
@@ -325,8 +325,12 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, userRequest.UserID)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 // checking if project name is empty
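Review bot: The initial-login gate in CreateProject is evaluated for `userRequest.UserID`, which by its name comes from the request payload, whereas the other handlers in this file pass the authenticated `c.MustGet("uid").(string)`. Unless a check outside this hunk ties `userRequest.UserID` to the authenticated uid, the gate can be evaluated against a different account than the caller's. Consider `initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))` here. The same question applies to `apiTokenRequest.UserID` in CreateApiToken and `deleteApiTokenRequest.UserID` in DeleteApiToken in user_handlers.go. The handler body starts and ends outside the hunk.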
@@ -456,8 +460,12 @@ func SendInvitation(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 // Validating member role
@@ -558,8 +566,12 @@ func AcceptInvitation(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID,
@@ -614,8 +626,12 @@ func DeclineInvitation(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID,
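Review bot: In SendInvitation the default-password rejection is sent with the status looked up for `utils.ErrServerError` while the body carries `utils.ErrPasswordNotUpdated`, so a policy denial is reported under the server-error status and cannot be told apart from a backend fault in status-based monitoring. If `utils.ErrorStatusCodes` has an entry for it (the map is not visible here, and a missing key would yield 0), use `c.JSON(utils.ErrorStatusCodes[utils.ErrPasswordNotUpdated], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))`. The same line appears in every other hunk of this patch, in both project_handler.go and user_handlers.go. The handler body starts and ends outside the hunk.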
@@ -684,8 +700,12 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID,
@@ -744,8 +764,12 @@ func RemoveInvitation(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID,
@@ -824,8 +848,12 @@ func UpdateProjectName(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = validations.RbacValidator(c.MustGet("uid").(string),
diff --git a/chaoscenter/authentication/api/handlers/rest/user_handlers.go b/chaoscenter/authentication/api/handlers/rest/user_handlers.go
index 904969f16ab..d8bcf5d9afa 100644
--- a/chaoscenter/authentication/api/handlers/rest/user_handlers.go
+++ b/chaoscenter/authentication/api/handlers/rest/user_handlers.go
@@ -136,13 +136,18 @@ func UpdateUser(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, uid)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 err = service.UpdateUser(&userRequest)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
+ return
 }
 c.JSON(http.StatusOK, gin.H{"message": "User details updated successfully"})
 }
@@ -554,8 +559,12 @@ func ResetPassword(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, uid)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 if userPasswordRequest.NewPassword != "" {
@@ -610,8 +619,12 @@ func UpdateUserState(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, adminUser.ID)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 if entities.Role(userRole) != entities.RoleAdmin {
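Review bot: In UpdateUser the `err` returned by `CheckInitialLogin` and by `service.UpdateUser` is dropped before the generic `utils.ErrServerError` reply, so nothing visible in the hunk records why the request failed. In an authentication service that leaves operators without a trace when the lookup or the update starts failing. Record the error before each `return`, for example `log.Error(err)` if this file imports logrus as `log` (the imports are not visible here). The `CheckInitialLogin` error branch in the other hunks of this patch is unlogged in the same way.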
@@ -689,8 +702,12 @@ func CreateApiToken(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, apiTokenRequest.UserID)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 // Checking if user exists
@@ -785,8 +802,12 @@ func DeleteApiToken(service services.ApplicationService) gin.HandlerFunc {
 initialLogin, err := CheckInitialLogin(service, deleteApiTokenRequest.UserID)
 if err != nil {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
- } else if initialLogin {
+ return
+ }
+
+ if initialLogin {
 c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
+ return
 }
 
 token := deleteApiTokenRequest.Token
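Review bot: The same two-branch gate is now pasted into twelve handlers, and the missing `return` had to be corrected in every copy; DeleteApiToken is the last of them. A single helper (or gin middleware) that writes the response with `c.AbortWithStatusJSON` and reports whether to continue would keep the gate in one place, so a handler cannot forget to stop after replying. The sketch assumes `CheckInitialLogin` accepts a string ID, as the call sites suggest, and keeps the status codes exactly as they are in the patch. The handler body starts and ends outside the hunk.

```go
// requirePasswordUpdated writes the error response and aborts the request when
// the initial-login lookup fails or the user still has the default password.
// It reports whether the calling handler may continue.
func requirePasswordUpdated(c *gin.Context, service services.ApplicationService, uid string) bool {
	initialLogin, err := CheckInitialLogin(service, uid)
	if err != nil {
		c.AbortWithStatusJSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
		return false
	}
	if initialLogin {
		c.AbortWithStatusJSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
		return false
	}
	return true
}

// … in DeleteApiToken, replacing the two if blocks …
if !requirePasswordUpdated(c, service, deleteApiTokenRequest.UserID) {
	return
}
// … unchanged: token := deleteApiTokenRequest.Token …
```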