From c39cd9ea10b112a3a87ab4276b432363717928d0 Mon Sep 17 00:00:00 2001
From: CURZOLA Pierre <pierre.curzola@gmail.com>
Date: Fri, 23 Feb 2024 15:36:09 +0100
Subject: [PATCH] fix(users): check before send update request if user is
 protected

---
 db/users/update.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/db/users/update.go b/db/users/update.go
index d6456969..7ad8332c 100644
--- a/db/users/update.go
+++ b/db/users/update.go
@@ -47,6 +47,17 @@ func UpdateUser(ctx context.Context, app, addonUUID, username string) error {
 	if !userExists {
 		return errors.New(ctx, fmt.Sprintf("User \"%s\" does not exist", username))
 	}
+	// Check if the user is protected
+	var userIsProtected bool
+	for _, user := range l {
+		if user.Name == username && user.Protected {
+			userIsProtected = true
+			break
+		}
+	}
+	if userIsProtected {
+		return errors.New(ctx, fmt.Sprintf("User \"%s\" is protected and cannot be updated", username))
+	}
 
 	password, confirmedPassword, err := askForPasswordWithRetry(ctx, 3)
 	if err != nil {