Merge pull request #863 from utmstack/bugfix/v10.5.10/system-requires-at-least-one-admin-user

c3s4rfred · web-flow · commit 0098c8767c46 · 2024-10-22T06:00:21.000-07:00
fix: Add validation to prevent deletion of the last admin user
diff --git a/backend/src/main/java/com/park/utmstack/repository/UserRepository.java b/backend/src/main/java/com/park/utmstack/repository/UserRepository.java
@@ -39,7 +39,7 @@ public interface UserRepository extends JpaRepository<User, Long> {
     List<User> findAllAdmins();
 
     @Query("SELECT u FROM User u JOIN FETCH u.authorities a WHERE a.name = 'ROLE_ADMIN' AND u.activated = true")
-    Optional<User> findAnyAdminUser();
+    List<User> findAdminUsers();
 
     @EntityGraph(attributePaths = "authorities")
     Optional<User> findOneWithAuthoritiesById(Long id);
diff --git a/backend/src/main/java/com/park/utmstack/security/internalApiKey/InternalApiKeyProvider.java b/backend/src/main/java/com/park/utmstack/security/internalApiKey/InternalApiKeyProvider.java
@@ -1,6 +1,5 @@
 package com.park.utmstack.security.internalApiKey;
 
-import com.park.utmstack.config.Constants;
 import com.park.utmstack.repository.UserRepository;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -26,8 +25,7 @@ public InternalApiKeyProvider(UserRepository userRepository) {
     public UsernamePasswordAuthenticationToken getAuthentication(String apiKey) {
         final String ctx = CLASSNAME + ".getAuthentication";
         try {
-            com.park.utmstack.domain.User user = userRepository.findAnyAdminUser()
-                .orElseThrow(() -> new RuntimeException("User not found"));
+            com.park.utmstack.domain.User user = this.findFirstActiveAdmin();
             List<SimpleGrantedAuthority> authorities = user.getAuthorities().stream().map(d -> new SimpleGrantedAuthority(d.getName()))
                 .collect(Collectors.toList());
             User principal = new User(user.getLogin(), "", authorities);
@@ -38,5 +36,15 @@ public UsernamePasswordAuthenticationToken getAuthentication(String apiKey) {
             throw new RuntimeException(msg);
         }
     }
+
+    private com.park.utmstack.domain.User findFirstActiveAdmin() throws Exception {
+        List<com.park.utmstack.domain.User> users = userRepository.findAdminUsers();
+
+        if (!users.isEmpty()) {
+            return users.get(0);
+        } else {
+            throw new Exception("No active admin user found");
+        }
+    }
 }
 
diff --git a/version.yml b/version.yml
@@ -1 +1 @@
-version: 10.5.11
+version: 10.5.12
