fix: handle missing LoginProfile in disable/enable/edit

- Skip LoginProfile operations when user has no console password - Only send non-empty fields to Volcengine UpdateUser API - Fixes enable_user crash for users created without password Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 21:15:05 +08:00 · 2026-03-28 21:15:05 +08:00 · 92172c6ec8
commit 92172c6ec8
parent ff0d0de8f8
2 changed files with 24 additions and 11 deletions
--- a/backend/apps/monitor/views.py
+++ b/backend/apps/monitor/views.py
@ -467,11 +467,12 @@ def iam_user_edit_profile_view(request, pk):
    sk = decrypt(account.secret_key_enc)
    iam = IAMService(ak, sk)
    # Only pass non-empty values to Volcengine (empty strings are rejected)
    try:
        iam.update_user(user.username,
-                        display_name=display_name,
+                        display_name=display_name if display_name else None,
-                        email=email,
+                        email=email if email else None,
-                        phone=phone)
+                        phone=phone if phone else None)
    except VolcengineAPIError as e:
        return Response({'message': f'火山 API 更新失败: {e}'},
                        status=status.HTTP_400_BAD_REQUEST)
--- a/backend/utils/iam_service.py
+++ b/backend/utils/iam_service.py
@ -197,14 +197,25 @@ class IAMService:
        except VolcengineAPIError:
            pass
    def _has_login_profile(self, username: str) -> bool:
        """检查用户是否有 LoginProfile"""
        try:
            self.get_login_profile(username)
            return True
        except VolcengineAPIError as e:
            if "LoginProfileNotExist" in str(e) or "RecordNotFound" in str(e):
                return False
            raise
    def disable_user(self, username: str):
        """完全停用用户：停控制台 + 停所有 AccessKey"""
        errors = []
-        try:
+        if self._has_login_profile(username):
-            self.update_login_allowed(username, False)
+            try:
-        except VolcengineAPIError as e:
+                self.update_login_allowed(username, False)
-            errors.append(f"停用控制台失败: {e}")
+            except VolcengineAPIError as e:
                errors.append(f"停用控制台失败: {e}")
        try:
            keys = self.list_access_keys(username)
@ -221,10 +232,11 @@ class IAMService:
        """恢复用户：恢复控制台 + 恢复所有 AccessKey"""
        errors = []
-        try:
+        if self._has_login_profile(username):
-            self.update_login_allowed(username, True)
+            try:
-        except VolcengineAPIError as e:
+                self.update_login_allowed(username, True)
-            errors.append(f"恢复控制台失败: {e}")
+            except VolcengineAPIError as e:
                errors.append(f"恢复控制台失败: {e}")
        try:
            keys = self.list_access_keys(username)