fix: handle missing LoginProfile in disable/enable/edit

- Skip LoginProfile operations when user has no console password - Only send non-empty fields to Volcengine UpdateUser API - Fixes enable_user crash for users created without password Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 21:15:05 +08:00 · 2026-03-28 21:15:05 +08:00 · 92172c6ec8
commit 92172c6ec8
parent ff0d0de8f8
2 changed files with 24 additions and 11 deletions
--- a/backend/apps/monitor/views.py
+++ b/backend/apps/monitor/views.py
@ -467,11 +467,12 @@ def iam_user_edit_profile_view(request, pk):
    sk = decrypt(account.secret_key_enc)
    iam = IAMService(ak, sk)

+    # Only pass non-empty values to Volcengine (empty strings are rejected)
    try:
        iam.update_user(user.username,
-                        display_name=display_name,
-                        email=email,
-                        phone=phone)
+                        display_name=display_name if display_name else None,
+                        email=email if email else None,
+                        phone=phone if phone else None)
    except VolcengineAPIError as e:
        return Response({'message': f'火山 API 更新失败: {e}'},
                        status=status.HTTP_400_BAD_REQUEST)
--- a/backend/utils/iam_service.py
+++ b/backend/utils/iam_service.py
@ -197,14 +197,25 @@ class IAMService:
        except VolcengineAPIError:
            pass

+    def _has_login_profile(self, username: str) -> bool:
+        """检查用户是否有 LoginProfile"""
+        try:
+            self.get_login_profile(username)
+            return True
+        except VolcengineAPIError as e:
+            if "LoginProfileNotExist" in str(e) or "RecordNotFound" in str(e):
+                return False
+            raise
+
    def disable_user(self, username: str):
        """完全停用用户：停控制台 + 停所有 AccessKey"""
        errors = []

-        try:
-            self.update_login_allowed(username, False)
-        except VolcengineAPIError as e:
-            errors.append(f"停用控制台失败: {e}")
+        if self._has_login_profile(username):
+            try:
+                self.update_login_allowed(username, False)
+            except VolcengineAPIError as e:
+                errors.append(f"停用控制台失败: {e}")

        try:
            keys = self.list_access_keys(username)
@ -221,10 +232,11 @@ class IAMService:
        """恢复用户：恢复控制台 + 恢复所有 AccessKey"""
        errors = []

-        try:
-            self.update_login_allowed(username, True)
-        except VolcengineAPIError as e:
-            errors.append(f"恢复控制台失败: {e}")
+        if self._has_login_profile(username):
+            try:
+                self.update_login_allowed(username, True)
+            except VolcengineAPIError as e:
+                errors.append(f"恢复控制台失败: {e}")

        try:
            keys = self.list_access_keys(username)