@@ -25,7 +25,6 @@ import (
2525 "github.com/chainloop-dev/chainloop/app/controlplane/pkg/auditor/events"
2626 "github.com/chainloop-dev/chainloop/app/controlplane/pkg/authz"
2727 config "github.com/chainloop-dev/chainloop/app/controlplane/pkg/conf/controlplane/config/v1"
28- "github.com/chainloop-dev/chainloop/app/controlplane/pkg/pagination"
2928 "github.com/chainloop-dev/chainloop/pkg/servicelogger"
3029 "github.com/go-kratos/kratos/v2/log"
3130 "github.com/google/uuid"
@@ -307,24 +306,18 @@ func (uc *OrganizationUseCase) DeleteByUser(ctx context.Context, orgName, userID
307306 return NewErrInvalidUUID (err )
308307 }
309308
310- // Check if user is an owner of the organization
311- ownerRole := authz .RoleOwner
312- owners , _ , err := uc .membershipRepo .FindByOrg (ctx , orgUUID , & ListByOrgOpts {
313- Role : & ownerRole ,
314- }, & pagination.OffsetPaginationOpts {}) // Use default pagination for owners
309+ userUUID , err := uuid .Parse (userID )
315310 if err != nil {
316- return fmt . Errorf ( "failed to find owners: %w" , err )
311+ return NewErrInvalidUUID ( err )
317312 }
318313
319- userIsOwner := false
320- for _ , owner := range owners {
321- if owner .User != nil && owner .User .ID == userID {
322- userIsOwner = true
323- break
324- }
314+ // Check if user is an owner of the organization
315+ m , err := uc .membershipRepo .FindByOrgAndUser (ctx , orgUUID , userUUID )
316+ if err != nil {
317+ return fmt .Errorf ("failed to find owners: %w" , err )
325318 }
326319
327- if ! userIsOwner {
320+ if m == nil || m . Role != authz . RoleOwner {
328321 return NewErrValidationStr ("only organization owners can delete the organization" )
329322 }
330323
0 commit comments