mirror of https://github.com/lldap/lldap.git
server: Disallow deleting hardcoded attributes
This commit is contained in:
parent
829c3f2bb1
commit
4f72153bd4
|
@ -433,6 +433,15 @@ impl<Handler: BackendHandler> Mutation<Handler> {
|
|||
&span,
|
||||
"Unauthorized attribute deletion",
|
||||
))?;
|
||||
let schema = handler.get_schema().await?;
|
||||
let attribute_schema = schema
|
||||
.get_schema()
|
||||
.user_attributes
|
||||
.get_attribute_schema(&name)
|
||||
.ok_or_else(|| anyhow!("Attribute {} is not defined in the schema", name))?;
|
||||
if attribute_schema.is_hardcoded {
|
||||
return Err(anyhow!("Permission denied: Attribute {} cannot be deleted", name).into());
|
||||
}
|
||||
handler
|
||||
.delete_user_attribute(&name)
|
||||
.instrument(span)
|
||||
|
@ -454,6 +463,15 @@ impl<Handler: BackendHandler> Mutation<Handler> {
|
|||
&span,
|
||||
"Unauthorized attribute deletion",
|
||||
))?;
|
||||
let schema = handler.get_schema().await?;
|
||||
let attribute_schema = schema
|
||||
.get_schema()
|
||||
.group_attributes
|
||||
.get_attribute_schema(&name)
|
||||
.ok_or_else(|| anyhow!("Attribute {} is not defined in the schema", name))?;
|
||||
if attribute_schema.is_hardcoded {
|
||||
return Err(anyhow!("Permission denied: Attribute {} cannot be deleted", name).into());
|
||||
}
|
||||
handler
|
||||
.delete_group_attribute(&name)
|
||||
.instrument(span)
|
||||
|
|
Loading…
Reference in New Issue