Mirrors/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2026-01-23 02:35:10 +00:00
Code Issues Projects Releases Wiki Activity

fix: don't allow to remove root user

Browse source
This commit is contained in:
Oleg Lobanov 2021-01-11 22:33:36 +01:00
parent 8cea2f75b3
commit 019ce80fc5
No known key found for this signature in database
GPG key ID: 7CC64E41212621B0
6 changed files with 22 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
http/users.go
View file

@ -99,8 +99,8 @@ var userGetHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request
var userDeleteHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) {
err := d.store.Users.Delete(d.raw.(uint))
if err == errors.ErrNotExist {
return http.StatusNotFound, err
if err != nil {
return errToStatus(err), err
}
return http.StatusOK, nil

2
http/utils.go
View file

@ -40,6 +40,8 @@ func errToStatus(err error) int {
return http.StatusForbidden
case errors.Is(err, libErrors.ErrInvalidRequestParams):
return http.StatusBadRequest
case errors.Is(err, libErrors.ErrRootUserDeletion):
return http.StatusForbidden
default:
return http.StatusInternalServerError
}