Prevent deleting master tenant (#319)

* Prevent deleting master tenant * Prevent deletion in APIS level * Address feedback
2020-04-02 15:08:55 +03:00 · 2020-04-02 15:08:55 +03:00 · c2a29831c4
commit c2a29831c4
parent 0b302c6e26
4 changed files with 21 additions and 4 deletions
--- a/Oqtane.Client/Modules/Admin/Tenants/Edit.razor
+++ b/Oqtane.Client/Modules/Admin/Tenants/Edit.razor
@ -9,7 +9,14 @@
            <label  class="control-label">Name: </label>
        </td>
        <td>
-            <input class="form-control" @bind="@name" />
+            @if (name == Constants.MasterTenant)
+            {
+                <input class="form-control" @bind="@name" readonly />
+            }
+            else
+            {
+                <input class="form-control" @bind="@name" />
+            }
        </td>
    </tr>
    <tr>
--- a/Oqtane.Client/Modules/Admin/Tenants/Index.razor
+++ b/Oqtane.Client/Modules/Admin/Tenants/Index.razor
@ -18,7 +18,7 @@ else
        </Header>
        <Row>
            <td><ActionLink Action="Edit" Parameters="@($"id=" + context.TenantId.ToString())" /></td>
-            <td><ActionDialog Header="Delete Tenant" Message="@("Are You Sure You Wish To Delete The " + context.Name + " Tenant?")" Action="Delete" Security="SecurityAccessLevel.Host" Class="btn btn-danger" OnClick="@(async () => await DeleteTenant(context))" /></td>
+            <td><ActionDialog Header="Delete Tenant" Message="@("Are You Sure You Wish To Delete The " + context.Name + " Tenant?")" Action="Delete" Security="SecurityAccessLevel.Host" Class="btn btn-danger" OnClick="@(async () => await DeleteTenant(context))" Disabled="@(context.Name == Constants.MasterTenant)" /></td>
            <td>@context.Name</td>
        </Row>
    </Pager>
--- a/Oqtane.Server/Repository/TenantRepository.cs
+++ b/Oqtane.Server/Repository/TenantRepository.cs
@ -4,6 +4,7 @@ using System.Linq;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Caching.Memory;
 using Oqtane.Models;
+using Oqtane.Shared;

 namespace Oqtane.Repository
 {
@ -37,6 +38,13 @@ namespace Oqtane.Repository

        public Tenant UpdateTenant(Tenant tenant)
        {
+            var oldTenant = GetTenant(tenant.TenantId);
+            
+            if (oldTenant.Name.Equals(Constants.MasterTenant, StringComparison.OrdinalIgnoreCase) && !oldTenant.Name.Equals(tenant.Name))
+            {
+                throw new InvalidOperationException("Unable to rename the master tenant.");
+            }
+            
            _db.Entry(tenant).State = EntityState.Modified;
            _db.SaveChanges();
            _cache.Remove("tenants");
@ -50,8 +58,8 @@ namespace Oqtane.Repository

        public void DeleteTenant(int tenantId)
        {
-            Tenant tenant = _db.Tenant.Find(tenantId);
-            if (tenant != null)
+            var tenant = GetTenant(tenantId);
+            if (tenant != null && !tenant.Name.Equals(Constants.MasterTenant, StringComparison.OrdinalIgnoreCase))
            {
                _db.Tenant.Remove(tenant);
                _db.SaveChanges();
--- a/Oqtane.Shared/Shared/Constants.cs
+++ b/Oqtane.Shared/Shared/Constants.cs
@ -32,6 +32,8 @@

        public const string HostUser = "host";

+        public const string MasterTenant = "Master";
+
        public const string AllUsersRole = "All Users";
        public const string HostRole = "Host Users";
        public const string AdminRole = "Administrators";