edit-db-perm: ensure user exists before applying changes

This commit is contained in:
Oystein Kristoffer Tveit 2024-08-06 23:41:11 +02:00
parent 4353689a03
commit fb7391a29c
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
1 changed files with 8 additions and 1 deletions

View File

@ -11,7 +11,7 @@ use crate::core::{
database_operations::{
apply_permission_diffs, db_priv_field_human_readable_name, diff_permissions, yn,
DatabasePrivileges, DATABASE_PRIVILEGE_FIELDS,
},
}, user_operations::user_exists,
};
// TODO: Support batch creation/dropping,showing of databases,
@ -519,6 +519,13 @@ pub async fn edit_permissions(
.context("Could not parse permission data from editor")?
};
for row in permissions_to_change.iter() {
if !user_exists(&row.user, conn).await? {
// TODO: allow user to return and correct their mistake
anyhow::bail!("User {} does not exist", row.user);
}
}
let diffs = diff_permissions(permission_data, &permissions_to_change).await;
if diffs.is_empty() {