Commit 31e8310c authored by Benedikt Heinrichs's avatar Benedikt Heinrichs

Fix: Last Owner is not able to be deleted (coscine/issues#251)

parent c44d1dc2
......@@ -85,6 +85,8 @@ namespace Coscine.Api.Project.Controllers
ProjectModel projectModel = new ProjectModel();
if (projectModel.OwnsProject(user, projectModel.GetById(projectId)))
{
_projectRoleModel.CheckIfLastOwnerWillBeRemoved(roleId, projectId);
return _projectRoleModel.Delete(_projectRoleModel.GetWhere((projectRole) =>
projectRole.ProjectId == projectId
&& projectRole.UserId == userId
......
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons.Exceptions;
using Coscine.ApiCommons.Models;
using Coscine.Database.Model;
using LinqToDB;
......@@ -18,11 +19,13 @@ namespace Coscine.Api.Project.Models
public ProjectRole SetFromObject(ProjectRoleObject projectRoleObject)
{
// Remove existing roles if they exist
var existingRoles = GetAllWhere((dbProjectRole) => dbProjectRole.ProjectId == projectRoleObject.ProjectId && dbProjectRole.UserId == projectRoleObject.User.Id);
if(existingRoles.Count() > 0)
var existingRoles = GetAllWhere((dbProjectRole) => dbProjectRole.ProjectId == projectRoleObject.ProjectId && dbProjectRole.UserId == projectRoleObject.User.Id);
if (existingRoles.Count() > 0)
{
foreach(var role in existingRoles)
{
CheckIfLastOwnerWillBeRemoved(role.RoleId, projectRoleObject.ProjectId);
Delete(role);
}
}
......@@ -36,6 +39,24 @@ namespace Coscine.Api.Project.Models
return projectRole;
}
public void CheckIfLastOwnerWillBeRemoved(Guid roleId, Guid projectId)
{
RoleModel roleModel = new RoleModel();
var ownerRole = roleModel.GetOwnerRole();
if (roleId == ownerRole.Id)
{
var moreThanOneOwnerExists = GetAllWhere((projectRole) =>
projectRole.ProjectId == projectId
&& projectRole.RoleId == ownerRole.Id
).Count() > 1;
if (!moreThanOneOwnerExists)
{
throw new NotAuthorizedException("The last owner cannot be removed!");
}
}
}
public override Expression<Func<ProjectRole, Guid>> GetIdFromObject()
{
return databaseObject => databaseObject.RelationId;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment