allow user delete if they are not the only owner

2025-01-11 20:10:38 +01:00 · 2017-10-25 11:36:54 -04:00 · 2017-10-25 11:36:54 -04:00 · 8ba3e27a7d
commit 8ba3e27a7d
parent 461be7a14f
7 changed files with 33 additions and 25 deletions
--- a/src/Core/Repositories/IOrganizationUserRepository.cs
+++ b/src/Core/Repositories/IOrganizationUserRepository.cs
@ -11,7 +11,7 @@ namespace Bit.Core.Repositories
    {
        Task<int> GetCountByOrganizationIdAsync(Guid organizationId);
        Task<int> GetCountByFreeOrganizationAdminUserAsync(Guid userId);
-        Task<int> GetCountByOrganizationOwnerUserAsync(Guid userId);
+        Task<int> GetCountByOnlyOwnerAsync(Guid userId);
        Task<ICollection<OrganizationUser>> GetManyByUserAsync(Guid userId);
        Task<ICollection<OrganizationUser>> GetManyByOrganizationAsync(Guid organizationId, OrganizationUserType? type);
        Task<OrganizationUser> GetByOrganizationAsync(Guid organizationId, string email);
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -49,12 +49,12 @@ namespace Bit.Core.Repositories.SqlServer
            }
        }
-        public async Task<int> GetCountByOrganizationOwnerUserAsync(Guid userId)
+        public async Task<int> GetCountByOnlyOwnerAsync(Guid userId)
        {
            using(var connection = new SqlConnection(ConnectionString))
            {
                var results = await connection.ExecuteScalarAsync<int>(
-                    "[dbo].[OrganizationUser_ReadCountByOrganizationOwnerUser]",
+                    "[dbo].[OrganizationUser_ReadCountByOnlyOwner]",
                    new { UserId = userId },
                    commandType: CommandType.StoredProcedure);
--- a/src/Core/Services/Implementations/UserService.cs
+++ b/src/Core/Services/Implementations/UserService.cs
@ -7,7 +7,6 @@ using Microsoft.Extensions.Options;
 using Bit.Core.Models.Table;
 using Bit.Core.Repositories;
 using System.Linq;
 using Microsoft.AspNetCore.Builder;
 using Bit.Core.Enums;
 using System.Security.Claims;
 using Bit.Core.Models;
@ -161,13 +160,13 @@ namespace Bit.Core.Services
        public override async Task<IdentityResult> DeleteAsync(User user)
        {
-            // Check if user is the owner of any organizations.
+            // Check if user is the only owner of any organizations.
-            var organizationOwnerCount = await _organizationUserRepository.GetCountByOrganizationOwnerUserAsync(user.Id);
+            var onlyOwnerCount = await _organizationUserRepository.GetCountByOnlyOwnerAsync(user.Id);
-            if(organizationOwnerCount > 0)
+            if(onlyOwnerCount > 0)
            {
                return IdentityResult.Failed(new IdentityError
                {
-                    Description = "You must leave or delete any organizations that you are the owner of first."
+                    Description = "You must leave or delete any organizations that you are the only owner of first."
                });
            }
--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -114,7 +114,7 @@
    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByFreeOrganizationAdminUser.sql" />
    <Build Include="dbo\Stored Procedures\User_ReadAccountRevisionDateById.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByOrganizationId.sql" />
-    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByOrganizationOwnerUser.sql" />
+    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadCountByOnlyOwner.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUser_Update.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUserOrganizationDetails_ReadByUserIdStatus.sql" />
    <Build Include="dbo\Stored Procedures\OrganizationUserUserDetails_ReadByOrganizationId.sql" />
--- a/Procedures/OrganizationUser_ReadCountByOnlyOwner.sql
+++ b/Procedures/OrganizationUser_ReadCountByOnlyOwner.sql
@ -0,0 +1,25 @@
 CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOnlyOwner]
    @UserId UNIQUEIDENTIFIER
 AS
 BEGIN
    SET NOCOUNT ON
    ;WITH [OwnerCountCTE] AS
    (
        SELECT
            OU.[UserId],
            COUNT(1) OVER (PARTITION BY OU.[OrganizationId]) [ConfirmedOwnerCount]
        FROM
            [dbo].[OrganizationUser] OU
        WHERE
            OU.[Type] = 0 -- 0 = Owner
            AND OU.[Status] = 2 -- 2 = Confirmed
    )
    SELECT
        COUNT(1)
    FROM
        [OwnerCountCTE] OC
    WHERE
        OC.[UserId] = @UserId
        AND OC.[ConfirmedOwnerCount] = 1
 END
--- a/Procedures/OrganizationUser_ReadCountByOrganizationOwnerUser.sql
+++ b/Procedures/OrganizationUser_ReadCountByOrganizationOwnerUser.sql
@ -1,15 +0,0 @@
 CREATE PROCEDURE [dbo].[OrganizationUser_ReadCountByOrganizationOwnerUser]
    @UserId UNIQUEIDENTIFIER
 AS
 BEGIN
    SET NOCOUNT ON
    SELECT
        COUNT(1)
    FROM
        [dbo].[OrganizationUser] OU
    WHERE
        OU.[UserId] = @UserId
        AND OU.[Type] = 0
        AND OU.[Status] = 2 -- 2 = Confirmed
 END
--- a/Procedures/User_DeleteById.sql
+++ b/Procedures/User_DeleteById.sql
@ -64,7 +64,6 @@ BEGIN
        [dbo].[OrganizationUser]
    WHERE
        [UserId] = @Id
        AND [Type] != 0 -- 0 = owner
    -- Finally, delete the user
    DELETE