From 19991f1fb7d8cb4ae140aabb8e09cecf57da08a1 Mon Sep 17 00:00:00 2001 From: Taras Kushnir Date: Thu, 8 Jan 2026 20:31:08 +0200 Subject: [PATCH] Cosmetic improvements --- pkg/db/business_impl.go | 5 +++++ pkg/portal/org.go | 2 +- pkg/portal/org_enterprise.go | 2 -- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/pkg/db/business_impl.go b/pkg/db/business_impl.go index 2045d334..7e99e115 100644 --- a/pkg/db/business_impl.go +++ b/pkg/db/business_impl.go @@ -2387,6 +2387,11 @@ func (impl *BusinessStoreImpl) TransferOrganization(ctx context.Context, user *d return nil, ErrMaintenance } + if org.UserID.Int32 != user.ID { + slog.WarnContext(ctx, "Organization is not owned by user", "orgID", org.ID, "userID", user.ID) + return nil, ErrInvalidInput + } + if org.UserID.Int32 == newOwner.ID { slog.WarnContext(ctx, "Organization is already owned by this user", "orgID", org.ID, "userID", newOwner.ID) return nil, ErrInvalidInput diff --git a/pkg/portal/org.go b/pkg/portal/org.go index da3b81e5..d37c0f4d 100644 --- a/pkg/portal/org.go +++ b/pkg/portal/org.go @@ -40,9 +40,9 @@ type orgSettingsRenderContext struct { CsrfRenderContext CurrentOrg *userOrg NameError string + Members []*orgUser CanEdit bool CanTransfer bool - Members []*orgUser } type orgAuditLogsRenderContext struct { diff --git a/pkg/portal/org_enterprise.go b/pkg/portal/org_enterprise.go index c7b7b5b8..124b09af 100644 --- a/pkg/portal/org_enterprise.go +++ b/pkg/portal/org_enterprise.go @@ -447,11 +447,9 @@ func (s *Server) transferOrg(w http.ResponseWriter, r *http.Request) { newOwner := &members[idx].User - // Execute the transfer in a transaction auditEvents, err := s.Store.WithTx(ctx, func(impl *db.BusinessStoreImpl) ([]*common.AuditLogEvent, error) { return impl.TransferOrganization(ctx, user, org, newOwner) }) - if err != nil { slog.ErrorContext(ctx, "Failed to transfer organization", common.ErrAttr(err)) s.RedirectError(http.StatusInternalServerError, w, r)