From 52ed2d0b619a793802705264baf01e5c0a1dd2fa Mon Sep 17 00:00:00 2001 From: DongYoung Kim Date: Mon, 21 Oct 2024 05:52:08 +0900 Subject: [PATCH 1/3] Fix an error creating a project when the password is default Signed-off-by: DongYoung Kim --- chaoscenter/authentication/api/handlers/rest/project_handler.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go index 8ebe227df8b..160be2e03f8 100644 --- a/chaoscenter/authentication/api/handlers/rest/project_handler.go +++ b/chaoscenter/authentication/api/handlers/rest/project_handler.go @@ -325,8 +325,10 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, userRequest.UserID) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) + return } else if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } // checking if project name is empty From c076f8d157793d1ca1fc1e1677879f39947e6233 Mon Sep 17 00:00:00 2001 From: DongYoung Kim Date: Mon, 21 Oct 2024 14:00:55 +0900 Subject: [PATCH 2/3] Separate logic into a single if block for better readability Signed-off-by: DongYoung Kim --- .../authentication/api/handlers/rest/project_handler.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go index 160be2e03f8..a6a2ef06e71 100644 --- a/chaoscenter/authentication/api/handlers/rest/project_handler.go +++ b/chaoscenter/authentication/api/handlers/rest/project_handler.go 
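Review bot: In CreateProject's `initialLogin` branch the body carries `utils.ErrPasswordNotUpdated`, but the status is still looked up with `utils.ErrorStatusCodes[utils.ErrServerError]`, so a caller who has not changed the default password is told the server failed. Now that the added `return` makes this the final response, key the status on the same error: `c.JSON(utils.ErrorStatusCodes[utils.ErrPasswordNotUpdated], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))`. This assumes the map has, or is given, an entry for that error; the map is not visible in this diff. A distinct client-error status also lets logs and alerting separate policy rejections from real lookup failures. The same pairing appears in every handler touched by PATCH 3/3, and CreateProject's body continues outside the hunk.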
@@ -326,7 +326,9 @@ func CreateProject(service services.ApplicationService) gin.HandlerFunc { if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) return - } else if initialLogin { + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) return } From c17c4fd159a85e89f04229d9c22b6ddc67a8f1e7 Mon Sep 17 00:00:00 2001 From: DongYoung Kim Date: Sun, 27 Oct 2024 21:05:45 +0900 Subject: [PATCH 3/3] Fix condition not returning error during initial login Signed-off-by: DongYoung Kim --- .../api/handlers/rest/project_handler.go | 36 +++++++++++++++---- .../api/handlers/rest/user_handlers.go | 31 +++++++++++++--- 2 files changed, 56 insertions(+), 11 deletions(-) diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go index a6a2ef06e71..52e95a2932b 100644 --- a/chaoscenter/authentication/api/handlers/rest/project_handler.go +++ b/chaoscenter/authentication/api/handlers/rest/project_handler.go @@ -460,8 +460,12 @@ func SendInvitation(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } // Validating member role 
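Review bot: The guard repaired in SendInvitation is repeated verbatim in every other handler this patch touches (AcceptInvitation through UpdateProjectName, and UpdateUser through DeleteApiToken in user_handlers.go), which is how the missing `return` went unnoticed in each copy. Because this check stops an account that still has the initial password from acting, the stop-or-continue decision is safer in one place than in a dozen. A small helper that writes the response and reports whether the handler must stop would reduce each call site to three lines; the helper name below is only a suggestion. The handler bodies start and end outside the hunks.

```go
// rejectInitialLogin writes the error response and reports true when the
// handler must stop: the lookup failed or uid still has the initial password.
func rejectInitialLogin(c *gin.Context, service services.ApplicationService, uid string) bool {
	initialLogin, err := CheckInitialLogin(service, uid)
	if err != nil {
		c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError))
		return true
	}
	if initialLogin {
		c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated))
		return true
	}
	return false
}

// in SendInvitation, replacing the two if blocks:
if rejectInitialLogin(c, service, c.MustGet("uid").(string)) {
	return
}
// … unchanged: member role validation …
```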
@@ -562,8 +566,12 @@ func AcceptInvitation(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID, @@ -618,8 +626,12 @@ func DeclineInvitation(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID, @@ -688,8 +700,12 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID, 
@@ -748,8 +764,12 @@ func RemoveInvitation(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID, @@ -828,8 +848,12 @@ func UpdateProjectName(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string)) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = validations.RbacValidator(c.MustGet("uid").(string), diff --git a/chaoscenter/authentication/api/handlers/rest/user_handlers.go b/chaoscenter/authentication/api/handlers/rest/user_handlers.go index 904969f16ab..d8bcf5d9afa 100644 --- a/chaoscenter/authentication/api/handlers/rest/user_handlers.go +++ b/chaoscenter/authentication/api/handlers/rest/user_handlers.go 
@@ -136,13 +136,18 @@ func UpdateUser(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, uid) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } err = service.UpdateUser(&userRequest) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) + return } c.JSON(http.StatusOK, gin.H{"message": "User details updated successfully"}) } @@ -554,8 +559,12 @@ func ResetPassword(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, uid) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } if userPasswordRequest.NewPassword != "" { @@ -610,8 +619,12 @@ func UpdateUserState(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, adminUser.ID) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } if entities.Role(userRole) != entities.RoleAdmin { 
@@ -689,8 +702,12 @@ func CreateApiToken(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, apiTokenRequest.UserID) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } // Checking if user exists @@ -785,8 +802,12 @@ func DeleteApiToken(service services.ApplicationService) gin.HandlerFunc { initialLogin, err := CheckInitialLogin(service, deleteApiTokenRequest.UserID) if err != nil { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) - } else if initialLogin { + return + } + + if initialLogin { c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrPasswordNotUpdated)) + return } token := deleteApiTokenRequest.Token
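Review bot: CreateApiToken runs the initial-login check against `apiTokenRequest.UserID`, and DeleteApiToken against `deleteApiTokenRequest.UserID`, whereas the project handlers in this patch use `c.MustGet("uid").(string)`. The hunks do not show where those request fields are filled; if they are bound from the request body, the password-changed requirement is evaluated for the user named in the payload rather than for the authenticated caller. Unless an earlier line already ties the field to the token's uid, check the caller instead with `initialLogin, err := CheckInitialLogin(service, c.MustGet("uid").(string))`, or reject the request when the two values differ. Both handler bodies start and end outside the hunks.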