fix mostly bugs on system management, and user roles and group assignment

2025-12-30 01:49:19 +07:00
parent cb923704db
commit ebaf718424
12 changed files with 1178 additions and 282 deletions
--- a/backend/internal/iam/user.go
+++ b/backend/internal/iam/user.go
@@ -2,6 +2,7 @@ package iam

 import (
 	"database/sql"
+	"fmt"
 	"time"

 	"github.com/atlasos/calypso/internal/common/database"
@@ -90,11 +91,14 @@ func GetUserRoles(db *database.DB, userID string) ([]string, error) {
 	for rows.Next() {
 		var role string
 		if err := rows.Scan(&role); err != nil {
-			return nil, err
+			return []string{}, err
 		}
 		roles = append(roles, role)
 	}

+	if roles == nil {
+		roles = []string{}
+	}
 	return roles, rows.Err()
 }

@@ -118,11 +122,14 @@ func GetUserPermissions(db *database.DB, userID string) ([]string, error) {
 	for rows.Next() {
 		var perm string
 		if err := rows.Scan(&perm); err != nil {
-			return nil, err
+			return []string{}, err
 		}
 		permissions = append(permissions, perm)
 	}

+	if permissions == nil {
+		permissions = []string{}
+	}
 	return permissions, rows.Err()
 }

@@ -133,8 +140,23 @@ func AddUserRole(db *database.DB, userID, roleID, assignedBy string) error {
 		VALUES ($1, $2, $3)
 		ON CONFLICT (user_id, role_id) DO NOTHING
 	`
-	_, err := db.Exec(query, userID, roleID, assignedBy)
-	return err
+	result, err := db.Exec(query, userID, roleID, assignedBy)
+	if err != nil {
+		return fmt.Errorf("failed to insert user role: %w", err)
+	}
+
+	// Check if row was actually inserted (not just skipped due to conflict)
+	rowsAffected, err := result.RowsAffected()
+	if err != nil {
+		return fmt.Errorf("failed to get rows affected: %w", err)
+	}
+
+	if rowsAffected == 0 {
+		// Row already exists, this is not an error but we should know about it
+		return nil // ON CONFLICT DO NOTHING means this is expected
+	}
+
+	return nil
 }

 // RemoveUserRole removes a role from a user