feat: allow LDAP users and groups to be deleted if LDAP gets disabled

2025-12-14 07:12:19 +00:00 · 2025-02-03 08:58:20 +01:00
parent ecd74b794f
commit 9ab178712a
11 changed files with 34 additions and 22 deletions
--- a/backend/internal/service/app_config_service.go
+++ b/backend/internal/service/app_config_service.go
@@ -119,6 +119,7 @@ var defaultDbConfig = model.AppConfig{
 	LdapEnabled: model.AppConfigVariable{
 		Key:          "ldapEnabled",
 		Type:         "bool",
+		IsPublic:     true,
 		DefaultValue: "false",
 	},
 	LdapUrl: model.AppConfigVariable{
--- a/backend/internal/service/user_group_service.go
+++ b/backend/internal/service/user_group_service.go
@@ -10,11 +10,12 @@ import (
 )

 type UserGroupService struct {
-	db *gorm.DB
+	db               *gorm.DB
+	appConfigService *AppConfigService
 }

-func NewUserGroupService(db *gorm.DB) *UserGroupService {
-	return &UserGroupService{db: db}
+func NewUserGroupService(db *gorm.DB, appConfigService *AppConfigService) *UserGroupService {
+	return &UserGroupService{db: db, appConfigService: appConfigService}
 }

 func (s *UserGroupService) List(name string, sortedPaginationRequest utils.SortedPaginationRequest) (groups []model.UserGroup, response utils.PaginationResponse, err error) {
@@ -51,7 +52,8 @@ func (s *UserGroupService) Delete(id string) error {
 		return err
 	}

-	if group.LdapID != nil {
+	// Disallow deleting the group if it is an LDAP group and LDAP is enabled
+	if group.LdapID != nil && s.appConfigService.DbConfig.LdapEnabled.Value == "true" {
 		return &common.LdapUserGroupUpdateError{}
 	}

@@ -83,7 +85,8 @@ func (s *UserGroupService) Update(id string, input dto.UserGroupCreateDto, allow
 		return model.UserGroup{}, err
 	}

-	if group.LdapID != nil && !allowLdapUpdate {
+	// Disallow updating the group if it is an LDAP group and LDAP is enabled
+	if !allowLdapUpdate && group.LdapID != nil && s.appConfigService.DbConfig.LdapEnabled.Value == "true" {
 		return model.UserGroup{}, &common.LdapUserGroupUpdateError{}
 	}

--- a/backend/internal/service/user_service.go
+++ b/backend/internal/service/user_service.go
@@ -17,14 +17,15 @@ import (
 )

 type UserService struct {
-	db              *gorm.DB
-	jwtService      *JwtService
-	auditLogService *AuditLogService
-	emailService    *EmailService
+	db               *gorm.DB
+	jwtService       *JwtService
+	auditLogService  *AuditLogService
+	emailService     *EmailService
+	appConfigService *AppConfigService
 }

-func NewUserService(db *gorm.DB, jwtService *JwtService, auditLogService *AuditLogService, emailService *EmailService) *UserService {
-	return &UserService{db: db, jwtService: jwtService, auditLogService: auditLogService, emailService: emailService}
+func NewUserService(db *gorm.DB, jwtService *JwtService, auditLogService *AuditLogService, emailService *EmailService, appConfigService *AppConfigService) *UserService {
+	return &UserService{db: db, jwtService: jwtService, auditLogService: auditLogService, emailService: emailService, appConfigService: appConfigService}
 }

 func (s *UserService) ListUsers(searchTerm string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.User, utils.PaginationResponse, error) {
@@ -52,7 +53,8 @@ func (s *UserService) DeleteUser(userID string) error {
 		return err
 	}

-	if user.LdapID != nil {
+	// Disallow deleting the user if it is an LDAP user and LDAP is enabled
+	if user.LdapID != nil && s.appConfigService.DbConfig.LdapEnabled.Value == "true" {
 		return &common.LdapUserUpdateError{}
 	}

@@ -86,7 +88,8 @@ func (s *UserService) UpdateUser(userID string, updatedUser dto.UserCreateDto, u
 		return model.User{}, err
 	}

-	if user.LdapID != nil && !allowLdapUpdate {
+	// Disallow updating the user if it is an LDAP group and LDAP is enabled
+	if !allowLdapUpdate && user.LdapID != nil && s.appConfigService.DbConfig.LdapEnabled.Value == "true" {
 		return model.User{}, &common.LdapUserUpdateError{}
 	}