From 19ab168b1288772836570b2a0f92edc09c936338 Mon Sep 17 00:00:00 2001
From: Yang Luo <hsluoyz@qq.com>
Date: Fri, 14 Jul 2023 20:57:59 +0800
Subject: [PATCH] Fix panic in func (c *ApiController) GetUser() if no user
 exists in DB

---
 controllers/account.go | 8 +++++---
 controllers/user.go    | 5 ++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/controllers/account.go b/controllers/account.go
index 2f2d1316..e49f4a5e 100644
--- a/controllers/account.go
+++ b/controllers/account.go
@@ -368,9 +368,11 @@ func (c *ApiController) GetAccount() {
 		return
 	}
 
-	user.Permissions = object.GetMaskedPermissions(user.Permissions)
-	user.Roles = object.GetMaskedRoles(user.Roles)
-	user.MultiFactorAuths = object.GetAllMfaProps(user, true)
+	if user != nil {
+		user.Permissions = object.GetMaskedPermissions(user.Permissions)
+		user.Roles = object.GetMaskedRoles(user.Roles)
+		user.MultiFactorAuths = object.GetAllMfaProps(user, true)
+	}
 
 	organization, err := object.GetMaskedOrganization(object.GetOrganizationByUser(user))
 	if err != nil {
diff --git a/controllers/user.go b/controllers/user.go
index 3e5f4854..f64c61dc 100644
--- a/controllers/user.go
+++ b/controllers/user.go
@@ -198,7 +198,10 @@ func (c *ApiController) GetUser() {
 		return
 	}
 
-	user.MultiFactorAuths = object.GetAllMfaProps(user, true)
+	if user != nil {
+		user.MultiFactorAuths = object.GetAllMfaProps(user, true)
+	}
+
 	err = object.ExtendUserWithRolesAndPermissions(user)
 	if err != nil {
 		c.ResponseError(err.Error())