[FIX] Avoid last admin deactivate itself #22949

Merged
merged 17 commits into from Oct 18, 2021
10 changes: 10 additions & 0 deletions app/lib/server/functions/setUserActiveStatus.js
Expand Up @@ -40,8 +40,18 @@ export function setUserActiveStatus(userId, active, confirmRelinquish = false) {
return false;
}


// Users without username can't do anything, so there is no need to check for owned rooms
if (user.username != null && !active) {
const userAdmin = Users.findOneAdmin(userId.count);
const adminsCount = Users.findActiveUsersInRoles(['admin']).count();
if (userAdmin && adminsCount === 1) {
throw new Meteor.Error('error-action-not-allowed', 'Leaving the app without an active admin is not allowed', {
method: 'removeUserFromRole',
action: 'Remove_last_admin',
});
}
Member

We should add this check to removing role if role is admin. Some people seem to keep removing the last admin. 🙈


const subscribedRooms = getSubscribedRoomsForUserWithDetails(userId);
// give omnichannel rooms a special treatment :)
const chatSubscribedRooms = subscribedRooms.filter(({ t }) => t !== 'l');
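
Review bot: `Users.findOneAdmin(userId.count)` in the new guard passes `userId.count`, but `userId` is used as a plain id a few lines later in `getSubscribedRoomsForUserWithDetails(userId)`, so `.count` is most likely undefined and the lookup is not tied to the user being deactivated. Pass `userId` itself, or check the roles on the `user` object already loaded above, so that the guard only fires when the account being deactivated is the remaining admin. Two smaller points in the same block: the error details say `method: 'removeUserFromRole'` although this is `setUserActiveStatus`, which will mislead anyone reading the error in logs, and the count followed by the later status update is not atomic, so two admins deactivated concurrently could each see `adminsCount === 2` and both pass.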
11 changes: 11 additions & 0 deletions app/models/server/models/Users.js
Expand Up @@ -569,6 +569,17 @@ export class Users extends Base {
return this.find(query, options);
}

findActiveUsersInRoles(roles, scope, options) {
roles = [].concat(roles);

const query = {
roles: { $in: roles },
active: true,
};

return this.find(query, options);
}

findOneByAppId(appId, options) {
const query = { appId };
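
Review bot: the `scope` parameter of `findActiveUsersInRoles(roles, scope, options)` is accepted but never used in the query, which only filters on `roles` and `active: true`. Either drop it from the signature or apply it, because a caller who passes a scope will silently get an unscoped result, and the only call visible in this change passes `['admin']` alone. A short comment stating that the method returns a cursor (the caller uses `.count()` on it) would also help.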
