edit-db-perm: ensure user exists before applying changes

2024-08-06 23:41:11 +02:00 · 2024-08-06 23:41:11 +02:00 · fb7391a29c
parent 4353689a03
commit fb7391a29c
1 changed files with 8 additions and 1 deletions
--- a/src/cli/database_command.rs
+++ b/src/cli/database_command.rs
@ -11,7 +11,7 @@ use crate::core::{
    database_operations::{
        apply_permission_diffs, db_priv_field_human_readable_name, diff_permissions, yn,
        DatabasePrivileges, DATABASE_PRIVILEGE_FIELDS,
-    },
+    }, user_operations::user_exists,
 };

 // TODO: Support batch creation/dropping,showing of databases,
@ -519,6 +519,13 @@ pub async fn edit_permissions(
            .context("Could not parse permission data from editor")?
    };

+    for row in permissions_to_change.iter() {
+      if !user_exists(&row.user, conn).await? {
+        // TODO: allow user to return and correct their mistake
+        anyhow::bail!("User {} does not exist", row.user);
+      }
+    }
+
    let diffs = diff_permissions(permission_data, &permissions_to_change).await;

    if diffs.is_empty() {