Added validation for users to not delete their own account (#633)

Also Implemented an option to show / hide actions in table wrapper Co-authored-by: Benjamin Perez <benjamin@bexsoft.net>
2021-03-08 23:38:19 -06:00
parent ebab2e1648
commit 81087ae910
15 changed files with 77 additions and 16 deletions
--- a/restapi/error.go
+++ b/restapi/error.go
@@ -34,6 +34,7 @@ var (
 	errChangePassword                     = errors.New("unable to update password, please check your current password")
 	errInvalidLicense                     = errors.New("invalid license key")
 	errLicenseNotFound                    = errors.New("license not found")
+	errAvoidSelfAccountDelete             = errors.New("logged in user cannot be deleted by itself")
 )

 // prepareError receives an error object and parse it against k8sErrors, returns the right error code paired with a generic error message
@@ -105,6 +106,10 @@ func prepareError(err ...error) *models.Error {
 			errorCode = 404
 			errorMessage = errInvalidLicense.Error()
 		}
+		if errors.Is(err[0], errAvoidSelfAccountDelete) {
+			errorCode = 403
+			errorMessage = errAvoidSelfAccountDelete.Error()
+		}
 		if madmin.ToErrorResponse(err[0]).Code == "InvalidAccessKeyId" {
 			errorCode = 401
 			errorMessage = errorGenericInvalidSession.Error()