New storage error and role deletion function

New error is for indicating actions that are not ever allowed, even for admins And you can now delete roles
2024-11-07 10:45:02 +01:00 · 2024-11-07 10:45:02 +01:00 · 575392d6d4
commit 575392d6d4
parent 9169cec4bb
2 changed files with 14 additions and 0 deletions
--- a/storage/errors.go
+++ b/storage/errors.go
@ -12,3 +12,4 @@ var ErrEntryNotFound = errors.New("entry not found")
 var ErrEntryAlreadyExists = errors.New("entry already exists")
 var ErrNothingToChange = errors.New("nothing to change")
 var ErrInvalidData = errors.New("invalid data")
+var ErrNotAllowed = errors.New("action not allowed")
--- a/storage/roles.go
+++ b/storage/roles.go
@ -2,6 +2,7 @@ package storage

 import (
 	"github.com/rs/zerolog/log"
+	"gitlab.com/mstarongitlab/goutils/sliceutils"
 	"gitlab.com/mstarongitlab/linstrom/util"
 	"gorm.io/gorm"
 )
@ -215,3 +216,15 @@ func (s *Storage) UpdateRole(role *Role) error {
 	defer util.Untrace(util.Trace(&log.Logger))
 	return s.db.Save(role).Error
 }
+
+func (s *Storage) DeleteRoleByName(name string) error {
+	// Prevent deletion of built-in roles
+	if sliceutils.Contains(
+		sliceutils.Map(allDefaultRoles, func(t *Role) string { return t.Name }),
+		name,
+	) {
+		return ErrNotAllowed
+	}
+	defer util.Untrace(util.Trace(&log.Logger))
+	return s.db.Where(&Role{Name: name, IsBuiltIn: false}).Delete(&Role{}).Error
+}