feat(api): trigger user authorization update when required (#3213)

* refactor(api): remove useless type cast * feat(api): trigger user authorization update when required * fix(api): fix missing RegistryService injection
2019-10-07 15:42:01 +13:00
parent 6c996377f5
commit b7c38b9569
16 changed files with 238 additions and 78 deletions
--- a/api/http/handler/users/handler.go
+++ b/api/http/handler/users/handler.go
@@ -23,6 +23,7 @@ type Handler struct {
 	ResourceControlService portainer.ResourceControlService
 	CryptoService          portainer.CryptoService
 	SettingsService        portainer.SettingsService
+	AuthorizationService   *portainer.AuthorizationService
 }

 // NewHandler creates a handler to manage user operations.
--- a/api/http/handler/users/user_delete.go
+++ b/api/http/handler/users/user_delete.go
@@ -65,15 +65,20 @@ func (handler *Handler) deleteAdminUser(w http.ResponseWriter, user *portainer.U
 }

 func (handler *Handler) deleteUser(w http.ResponseWriter, user *portainer.User) *httperror.HandlerError {
-	err := handler.UserService.DeleteUser(portainer.UserID(user.ID))
+	err := handler.UserService.DeleteUser(user.ID)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove user from the database", err}
 	}

-	err = handler.TeamMembershipService.DeleteTeamMembershipByUserID(portainer.UserID(user.ID))
+	err = handler.TeamMembershipService.DeleteTeamMembershipByUserID(user.ID)
 	if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove user memberships from the database", err}
 	}

+	err = handler.AuthorizationService.RemoveUserAccessPolicies(user.ID)
+	if err != nil {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to clean-up user access policies", err}
+	}
+
 	return response.Empty(w)
 }