Merge pull request #857 from utmstack/bugfix/v10.5.10/system-requires-at-least-one-admin-user

Bugfix/v10.5.10/system requires at least one admin user

Author: c3s4rfred

CHANGELOG.md

@@ -1,4 +1,3 @@
-# UTMStack 10.5.10 Release Notes
+# UTMStack 10.5.11 Release Notes
 ## Bugfix
-- Improved timezone handling for Data Source -> Last Input and Log Explorer views
-- Implemented a check to assign 'UNKNOWN' as the default key for buckets with empty keys to ensure data consistency.
+- Implemented validation checks during the user deletion process to prevent the deletion of the last admin user. This ensures that at least one admin user remains in the system, maintaining the integrity of the authentication process.

backend/src/main/java/com/park/utmstack/repository/UserRepository.java

@@ -32,6 +32,9 @@ public interface UserRepository extends JpaRepository<User, Long> {
     @Query("select u from User u where upper(u.login) like concat('%', UPPER(:login) , '%') and (u.fsManager is null or u.fsManager is false)")
     Page<User> findAllByLoginLike(Pageable pageable, @Param("login") String login);
 
+    @Query(nativeQuery = true, value = "SELECT count(jhi_user.id) FROM jhi_user WHERE jhi_user.id IN (SELECT jhi_user_authority.user_id FROM jhi_user_authority WHERE jhi_user_authority.authority_name = 'ROLE_ADMIN')")
+    int countAdmins();
+
     @Query(nativeQuery = true, value = "SELECT jhi_user.* FROM jhi_user WHERE jhi_user.id IN (SELECT jhi_user_authority.user_id FROM jhi_user_authority WHERE jhi_user_authority.authority_name = 'ROLE_ADMIN')")
     List<User> findAllAdmins();
 

backend/src/main/java/com/park/utmstack/service/UserService.java

@@ -12,6 +12,7 @@
 import com.park.utmstack.service.dto.UserDTO;
 import com.park.utmstack.service.util.RandomUtil;
 import com.park.utmstack.util.exceptions.CurrentUserLoginNotFoundException;
+import com.park.utmstack.web.rest.errors.BadRequestAlertException;
 import com.park.utmstack.web.rest.errors.InvalidPasswordException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -27,10 +28,7 @@
 
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
-import java.util.List;
-import java.util.Objects;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -227,14 +225,17 @@ public User updateUserTfaSecret(String userLogin, String tfaSecret) throws Excep
         }
     }
 
-    public void deleteUser(String login) {
+    public void deleteUser(String login) throws Exception {
         String ctx = CLASS_NAME + ".deleteUser";
-        Optional<User> user = userRepository.findOneByLogin(login);
-        if (user.isPresent()) {
-            User usr = user.get();
-            userRepository.delete(usr);
-            log.debug("Deleted User: {}", usr);
+        User user = userRepository.findOneByLogin(login)
+                .orElseThrow(() -> new NoSuchElementException(String.format("User %1$s not found", login)));
+
+        if (user.getAuthorities().stream().anyMatch(authority -> authority.getName().equals("ROLE_ADMIN")) && userRepository.countAdmins() == 1) {
+            throw new BadRequestAlertException(ctx, "Cannot delete the last admin user.", UserService.class.toString());
         }
+
+        userRepository.delete(user);
+        log.debug("Deleted User: {}", user);
     }
 
     public void changePassword(String currentClearTextPassword, String newPassword) {

backend/src/main/java/com/park/utmstack/web/rest/UserResource.java

@@ -237,14 +237,26 @@ public ResponseEntity<Void> deleteUser(@PathVariable String login) {
         try {
             userService.deleteUser(login);
             return ResponseEntity.ok()
-                .headers(HeaderUtil.createAlert("A user is deleted with identifier " + login, login))
-                .build();
+                    .headers(HeaderUtil.createAlert("A user is deleted with identifier " + login, login))
+                    .build();
+        } catch (NoSuchMethodException e) {
+            String msg = ctx + ": " + e.getMessage();
+            log.error(msg);
+            applicationEventService.createEvent(msg, ApplicationEventType.ERROR);
+            return ResponseEntity.status(HttpStatus.NOT_FOUND).headers(
+                    HeaderUtil.createFailureAlert("", "", msg)).body(null);
+        } catch (BadRequestAlertException e) {
+            String msg = ctx + ": " + e.getMessage();
+            log.error(msg);
+            applicationEventService.createEvent(msg, ApplicationEventType.ERROR);
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).headers(
+                    HeaderUtil.createFailureAlert("", "", msg)).body(null);
         } catch (Exception e) {
             String msg = ctx + ": " + e.getMessage();
             log.error(msg);
             applicationEventService.createEvent(msg, ApplicationEventType.ERROR);
             return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).headers(
-                HeaderUtil.createFailureAlert("", "", msg)).body(null);
+                    HeaderUtil.createFailureAlert("", "", msg)).body(null);
         }
     }
 

frontend/src/app/admin/user/user-delete/user-management-delete-dialog.component.ts

@@ -4,6 +4,7 @@ import {JhiEventManager} from 'ng-jhipster';
 import {User} from '../../../core/user/user.model';
 import {UserService} from '../../../core/user/user.service';
 import {UtmToastService} from '../../../shared/alert/utm-toast.service';
+import {HttpErrorResponse, HttpResponse} from "@angular/common/http";
 
 @Component({
   selector: 'app-ser-mgmt-delete-dialog',
@@ -30,6 +31,13 @@ export class UserMgmtDeleteDialogComponent {
       });
       this.utmToast.showSuccess('User deleted successfully');
       this.activeModal.dismiss(true);
-    });
+    },
+      (error: HttpErrorResponse) => {
+        if (error.status === 400) {
+          this.utmToast.showError('Error', 'Cannot delete the last admin user.');
+        }
+        this.utmToast.showError('Error', 'An error occurred while attempting to delete the user.');
+        this.activeModal.dismiss(true);
+      });
   }
 }

version.yml

@@ -1 +1 @@
-version: 10.5.10
+version: 10.5.11