From 575392d6d4bab1be3aabe60f0c05841dea05e3a5 Mon Sep 17 00:00:00 2001
From: mStar <me@mstar.dev>
Date: Thu, 7 Nov 2024 10:45:02 +0100
Subject: [PATCH] New storage error and role deletion function

New error is for indicating actions that are not ever allowed, even for
admins
And you can now delete roles
---
 storage/errors.go |  1 +
 storage/roles.go  | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/storage/errors.go b/storage/errors.go
index fae61e0..be599e6 100644
--- a/storage/errors.go
+++ b/storage/errors.go
@@ -12,3 +12,4 @@ var ErrEntryNotFound = errors.New("entry not found")
 var ErrEntryAlreadyExists = errors.New("entry already exists")
 var ErrNothingToChange = errors.New("nothing to change")
 var ErrInvalidData = errors.New("invalid data")
+var ErrNotAllowed = errors.New("action not allowed")
diff --git a/storage/roles.go b/storage/roles.go
index 2413979..92b446f 100644
--- a/storage/roles.go
+++ b/storage/roles.go
@@ -2,6 +2,7 @@ package storage
 
 import (
 	"github.com/rs/zerolog/log"
+	"gitlab.com/mstarongitlab/goutils/sliceutils"
 	"gitlab.com/mstarongitlab/linstrom/util"
 	"gorm.io/gorm"
 )
@@ -215,3 +216,15 @@ func (s *Storage) UpdateRole(role *Role) error {
 	defer util.Untrace(util.Trace(&log.Logger))
 	return s.db.Save(role).Error
 }
+
+func (s *Storage) DeleteRoleByName(name string) error {
+	// Prevent deletion of built-in roles
+	if sliceutils.Contains(
+		sliceutils.Map(allDefaultRoles, func(t *Role) string { return t.Name }),
+		name,
+	) {
+		return ErrNotAllowed
+	}
+	defer util.Untrace(util.Trace(&log.Logger))
+	return s.db.Where(&Role{Name: name, IsBuiltIn: false}).Delete(&Role{}).Error
+}