github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug with restoring deleted identities and actors (#3523)

Browse Source
This commit is contained in:
Andrew Dryga
2024-02-01 16:11:16 -06:00
committed by GitHub
parent 4104d679cd
commit d406f603f4
3 changed files with 90 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
elixir/apps/domain/lib/domain/auth/identity/changeset.ex
View File

@@ -57,6 +57,7 @@ defmodule Domain.Auth.Identity.Changeset do
Actors.Actor.Changeset.sync(actor, attrs)
end
)
|> put_change(:deleted_at, nil)
|> changeset()
end

26
elixir/apps/domain/lib/domain/auth/identity/sync.ex
View File

@@ -55,7 +55,8 @@ defmodule Domain.Auth.Identity.Sync do
end
defp fetch_and_lock_provider_identities_query(provider) do
Identity.Query.by_account_id(provider.account_id)
Identity.Query.all()
|> Identity.Query.by_account_id(provider.account_id)
|> Identity.Query.by_provider_id(provider.id)
|> Identity.Query.lock()
end
@@ -66,18 +67,17 @@ defmodule Domain.Auth.Identity.Sync do
identities,
{provider_identifiers, [], []},
fn identity, {insert, update, delete} ->
if identity.provider_identifier in provider_identifiers do
{
insert -- [identity.provider_identifier],
[identity.provider_identifier] ++ update,
delete
}
else
{
insert -- [identity.provider_identifier],
update,
[identity.provider_identifier] ++ delete
}
insert = insert -- [identity.provider_identifier]
cond do
identity.provider_identifier in provider_identifiers ->
{insert, [identity.provider_identifier] ++ update, delete}
not is_nil(identity.deleted_at) ->
{insert, update, delete}
true ->
{insert, update, [identity.provider_identifier] ++ delete}
end
end
)

76
elixir/apps/domain/test/domain/auth_test.exs
View File

@@ -1570,6 +1570,82 @@ defmodule Domain.AuthTest do
assert Enum.count(actor_ids_by_provider_identifier) == 2
end
test "does not re-create actors for deleted identities", %{
account: account,
provider: provider
} do
identity =
Fixtures.Auth.create_identity(
account: account,
provider: provider,
provider_identifier: "USER_ID1",
actor: [type: :account_admin_user]
)
|> Fixtures.Auth.delete_identity()
attrs_list = [
%{
"actor" => %{
"name" => "Brian Manifold",
"type" => "account_user"
},
"provider_identifier" => "USER_ID1"
}
]
multi = sync_provider_identities_multi(provider, attrs_list)
assert {:ok,
%{
identities: [fetched_identity],
plan_identities: {[], ["USER_ID1"], []},
delete_identities: [],
insert_identities: [],
actor_ids_by_provider_identifier: actor_ids_by_provider_identifier
}} = Repo.transaction(multi)
assert fetched_identity.actor_id == identity.actor_id
assert actor_ids_by_provider_identifier == %{"USER_ID1" => identity.actor_id}
identity = Repo.get(Auth.Identity, identity.id)
assert identity.actor_id == identity.actor_id
refute identity.deleted_at
actor = Repo.get(Domain.Actors.Actor, identity.actor_id)
assert actor.name == "Brian Manifold"
end
test "does not attempt to delete identities that are already deleted", %{
account: account,
provider: provider
} do
identity =
Fixtures.Auth.create_identity(
account: account,
provider: provider,
provider_identifier: "USER_ID1",
actor: [type: :account_admin_user]
)
|> Fixtures.Auth.delete_identity()
attrs_list = []
multi = sync_provider_identities_multi(provider, attrs_list)
assert {:ok,
%{
identities: [fetched_identity],
plan_identities: {[], [], []},
delete_identities: [],
insert_identities: [],
actor_ids_by_provider_identifier: %{}
}} = Repo.transaction(multi)
assert fetched_identity.id == identity.id
identity = Repo.get(Auth.Identity, identity.id)
assert identity.deleted_at
end
test "deletes removed identities", %{account: account, provider: provider} do
provider_identifiers = ["USER_ID1", "USER_ID2"]