zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2026-04-23 00:17:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(go): skip delete and update superadmin on sync users;

Browse Source
This commit is contained in:
VishalDalwadi
2026-03-24 14:22:34 +05:30
parent ff0de2ce00
commit 03a4a2a9e9
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pro/auth/sync.go
+10 -5
View File
@@ -125,7 +125,7 @@ func SyncFromIDP() error {
} }
} }
err = syncUsers(idpUsers) err = syncUsers(idpUsers, settings.AuthProvider == "")
if err != nil { if err != nil {
return err return err
} }
@@ -134,7 +134,7 @@ func SyncFromIDP() error {
return err return err
} }
func syncUsers(idpUsers []idp.User) error { func syncUsers(idpUsers []idp.User, removeIntegration bool) error {
dbUsers, err := (&schema.User{}).ListAll(db.WithContext(context.TODO())) dbUsers, err := (&schema.User{}).ListAll(db.WithContext(context.TODO()))
if err != nil { if err != nil {
return err return err
@@ -203,9 +203,10 @@ func syncUsers(idpUsers []idp.User) error {
// can be deleted. // can be deleted.
_ = logic.DeletePendingUser(user.Username) _ = logic.DeletePendingUser(user.Username)
} else if dbUser.AuthType == schema.OAuth { } else if dbUser.AuthType == schema.OAuth {
if dbUser.AccountDisabled != user.AccountDisabled || if dbUser.PlatformRoleID != schema.SuperAdminRole &&
dbUser.DisplayName != user.DisplayName || (dbUser.AccountDisabled != user.AccountDisabled ||
dbUser.ExternalIdentityProviderID != user.ID { dbUser.DisplayName != user.DisplayName ||
dbUser.ExternalIdentityProviderID != user.ID) {
dbUser.AccountDisabled = user.AccountDisabled dbUser.AccountDisabled = user.AccountDisabled
dbUser.DisplayName = user.DisplayName dbUser.DisplayName = user.DisplayName
@@ -225,6 +226,10 @@ func syncUsers(idpUsers []idp.User) error {
for _, user := range dbUsersMap { for _, user := range dbUsersMap {
if user.ExternalIdentityProviderID != "" { if user.ExternalIdentityProviderID != "" {
if _, ok := idpUsersMap[user.Username]; !ok { if _, ok := idpUsersMap[user.Username]; !ok {
if user.PlatformRoleID == schema.SuperAdminRole && !removeIntegration {
continue
}
// delete the user if it has been deleted on idp // delete the user if it has been deleted on idp
// or is filtered out. // or is filtered out.
err = deleteAndCleanUpUser(user) err = deleteAndCleanUpUser(user)