From 5ba2860551b8cc52ef7e55bfc4aa7fcc4522a7cd Mon Sep 17 00:00:00 2001 From: Kyattsukuro Date: Tue, 3 Feb 2026 15:04:18 +0100 Subject: [PATCH] moved SsoUser from get_user_or_404 to get_sso_user --- src/api/admin.rs | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/src/api/admin.rs b/src/api/admin.rs index 6e511c3e..97cfdff8 100644 --- a/src/api/admin.rs +++ b/src/api/admin.rs @@ -296,14 +296,18 @@ struct InviteData { email: String, } -async fn get_user_or_404(user_id: &UserId, conn: &DbConn) -> ApiResult<(User, Option)> { - if let Some(user) = SsoUser::find_by_uuid(user_id, conn).await { +async fn get_user_or_404(user_id: &UserId, conn: &DbConn) -> ApiResult { + if let Some(user) = User::find_by_uuid(user_id, conn).await { Ok(user) } else { err_code!("User doesn't exist", Status::NotFound.code); } } +async fn get_sso_user(user_id: &UserId, conn: &DbConn) -> Option { + SsoUser::find_by_uuid(user_id, conn).await.and_then(|user_and_sso| user_and_sso.1) +} + #[post("/invite", format = "application/json", data = "")] async fn invite_user(data: Json, _token: AdminToken, conn: DbConn) -> JsonResult { let data: InviteData = data.into_inner(); @@ -395,15 +399,16 @@ async fn get_user_by_mail_json(mail: &str, _token: AdminToken, conn: DbConn) -> #[get("/users/")] async fn get_user_json(user_id: UserId, _token: AdminToken, conn: DbConn) -> JsonResult { - let u_sso = get_user_or_404(&user_id, &conn).await?; - let user_json = get_users_property(vec![u_sso], &conn).await[0].clone(); + let user = get_user_or_404(&user_id, &conn).await?; + let sso_user = get_sso_user(&user_id, &conn).await; + let user_json = get_users_property(vec![(user, sso_user)], &conn).await[0].clone(); Ok(Json(user_json)) } #[post("/users//delete", format = "application/json")] async fn delete_user(user_id: UserId, token: AdminToken, conn: DbConn) -> EmptyResult { - let (user, _) = get_user_or_404(&user_id, &conn).await?; + let user = get_user_or_404(&user_id, &conn).await?; // Get the membership records before deleting the actual user let memberships = Membership::find_any_state_by_user(&user_id, &conn).await; @@ -448,7 +453,7 @@ async fn delete_sso_user(user_id: UserId, token: AdminToken, conn: DbConn) -> Em #[post("/users//deauth", format = "application/json")] async fn deauth_user(user_id: UserId, _token: AdminToken, conn: DbConn, nt: Notify<'_>) -> EmptyResult { - let (mut user, _) = get_user_or_404(&user_id, &conn).await?; + let mut user = get_user_or_404(&user_id, &conn).await?; nt.send_logout(&user, None, &conn).await; @@ -469,7 +474,7 @@ async fn deauth_user(user_id: UserId, _token: AdminToken, conn: DbConn, nt: Noti #[post("/users//disable", format = "application/json")] async fn disable_user(user_id: UserId, _token: AdminToken, conn: DbConn, nt: Notify<'_>) -> EmptyResult { - let (mut user, _) = get_user_or_404(&user_id, &conn).await?; + let mut user = get_user_or_404(&user_id, &conn).await?; Device::delete_all_by_user(&user.uuid, &conn).await?; user.reset_security_stamp(); user.enabled = false; @@ -483,7 +488,7 @@ async fn disable_user(user_id: UserId, _token: AdminToken, conn: DbConn, nt: Not #[post("/users//enable", format = "application/json")] async fn enable_user(user_id: UserId, _token: AdminToken, conn: DbConn) -> EmptyResult { - let (mut user, _) = get_user_or_404(&user_id, &conn).await?; + let mut user = get_user_or_404(&user_id, &conn).await?; user.enabled = true; user.save(&conn).await @@ -491,7 +496,7 @@ async fn enable_user(user_id: UserId, _token: AdminToken, conn: DbConn) -> Empty #[post("/users//remove-2fa", format = "application/json")] async fn remove_2fa(user_id: UserId, token: AdminToken, conn: DbConn) -> EmptyResult { - let (mut user, _) = get_user_or_404(&user_id, &conn).await?; + let mut user = get_user_or_404(&user_id, &conn).await?; TwoFactor::delete_all_by_user(&user.uuid, &conn).await?; two_factor::enforce_2fa_policy(&user, &ACTING_ADMIN_USER.into(), 14, &token.ip.ip, &conn).await?; user.totp_recover = None;