Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Disabled column to user table so individual users can be blocked. #1806

Merged
merged 5 commits into from Mar 6, 2019
Merged
Diff settings

Always

Just for now

Next

Add disabled user column to user table

  • Loading branch information...
Ronolibert authored and Igarfinkle committed Feb 27, 2019
commit 247587ec880e820242716e95b8236354f43bebaf
@@ -0,0 +1,4 @@
add_column("users", "disabled", "bool", {"null": false })

sql("UPDATE users SET disabled = true WHERE id = '5d5136c7-f004-4de1-abfc-475ae6bf34a9';")
sql("UPDATE users SET disabled = true WHERE id = '8db5b39f-2b71-4be4-bc75-c17ce964d8e3
';")
@@ -10,7 +10,7 @@ import (

"github.com/gobuffalo/pop"
"github.com/gofrs/uuid"
"github.com/honeycombio/beeline-go"
beeline "github.com/honeycombio/beeline-go"
"github.com/markbates/goth/providers/openidConnect"
"github.com/pkg/errors"
"go.uber.org/zap"
@@ -225,7 +225,11 @@ func (h CallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {

userIdentity, err := models.FetchUserIdentity(h.db, openIDUser.UserID)
if err == nil { // Someone we know already

if userIdentity.Disabled {
h.logger.Error("Disabled user requesting authentication", zap.String("email", session.Email))
http.Error(w, http.StatusText(403), http.StatusForbidden)
return
}
session.UserID = userIdentity.ID
span.AddField("session.user_id", session.UserID)
if userIdentity.ServiceMemberID != nil {
Copy path View file
@@ -75,6 +75,7 @@ func CreateUser(db *pop.Connection, loginGovID string, email string) (*User, err
// UserIdentity is summary of the information about a user from the database
type UserIdentity struct {
ID uuid.UUID `db:"id"`
Disabled bool `db:"disabled"`
Email string `db:"email"`
ServiceMemberID *uuid.UUID `db:"sm_id"`
ServiceMemberFirstName *string `db:"sm_fname"`
@@ -96,6 +97,7 @@ func FetchUserIdentity(db *pop.Connection, loginGovID string) (*UserIdentity, er
var identities []UserIdentity
query := `SELECT users.id,
users.login_gov_email as email,
users.disabled as disabled,
sm.id as sm_id,
sm.first_name as sm_fname,
sm.last_name as sm_lname,
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.