Skip to content

fix: do not query user_link for deleted accounts #12112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Feb 13, 2024
Merged

fix: do not query user_link for deleted accounts #12112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
e2b787c
chore: add database test fixture to insert non-unique linked_ids
Emyrk Feb 12, 2024
43356ed
mend
Emyrk Feb 12, 2024
2791347
mend
Emyrk Feb 12, 2024
549fee9
rename test fixute
Emyrk Feb 12, 2024
7b082ef
add extra case
Emyrk Feb 12, 2024
90e7164
accidental file change
Emyrk Feb 12, 2024
fdf04ed
move migration closer to source
Emyrk Feb 13, 2024
b1e066e
chore: add database test fixture to insert non-unique linked_ids
Emyrk Feb 12, 2024
cce73c6
mend
Emyrk Feb 12, 2024
c0dc8a6
mend
Emyrk Feb 12, 2024
53a37ee
rename test fixute
Emyrk Feb 12, 2024
c751ccf
accidental file change
Emyrk Feb 12, 2024
5ee1017
chore: creaet unit test to exercise failed email change bug
Emyrk Feb 12, 2024
f14d37f
fix: do not use user_link for deleted accounts
Emyrk Feb 12, 2024
b0c3cbb
Add links to existing issues
Emyrk Feb 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions coderd/database/dbmem/dbmem.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3787,6 +3787,10 @@ func (q *FakeQuerier) GetUserLinkByLinkedID(_ context.Context, id string) (datab
defer q.mutex.RUnlock()

for _, link := range q.userLinks {
user, err := q.getUserByIDNoLock(link.UserID)
if err == nil && user.Deleted {
continue
}
if link.LinkedID == id {
return link, nil
}
Expand Down
19 changes: 19 additions & 0 deletions coderd/database/migrations/testdata/fixtures/000048_userdelete.up.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
-- This is a deleted user that shares the same username and linked_id as the existing user below.
-- Any future migrations need to handle this case.
INSERT INTO public.users(id, email, username, hashed_password, created_at, updated_at, status, rbac_roles, deleted)
VALUES ('a0061a8e-7db7-4585-838c-3116a003dd21', 'githubuser@coder.com', 'githubuser', '\x', '2022-11-02 13:05:21.445455+02', '2022-11-02 13:05:21.445455+02', 'active', '{}', true) ON CONFLICT DO NOTHING;
INSERT INTO public.organization_members VALUES ('a0061a8e-7db7-4585-838c-3116a003dd21', 'bb640d07-ca8a-4869-b6bc-ae61ebb2fda1', '2022-11-02 13:05:21.447595+02', '2022-11-02 13:05:21.447595+02', '{}') ON CONFLICT DO NOTHING;
INSERT INTO public.user_links(user_id, login_type, linked_id, oauth_access_token)
VALUES('a0061a8e-7db7-4585-838c-3116a003dd21', 'github', '100', '');


INSERT INTO public.users(id, email, username, hashed_password, created_at, updated_at, status, rbac_roles, deleted)
VALUES ('fc1511ef-4fcf-4a3b-98a1-8df64160e35a', 'githubuser@coder.com', 'githubuser', '\x', '2022-11-02 13:05:21.445455+02', '2022-11-02 13:05:21.445455+02', 'active', '{}', false) ON CONFLICT DO NOTHING;
INSERT INTO public.organization_members VALUES ('fc1511ef-4fcf-4a3b-98a1-8df64160e35a', 'bb640d07-ca8a-4869-b6bc-ae61ebb2fda1', '2022-11-02 13:05:21.447595+02', '2022-11-02 13:05:21.447595+02', '{}') ON CONFLICT DO NOTHING;
INSERT INTO public.user_links(user_id, login_type, linked_id, oauth_access_token)
VALUES('fc1511ef-4fcf-4a3b-98a1-8df64160e35a', 'github', '100', '');

-- Additionally, there is no unique constraint on user_id. So also add another user_link for the same user.
-- This has happened on a production database.
INSERT INTO public.user_links(user_id, login_type, linked_id, oauth_access_token)
VALUES('fc1511ef-4fcf-4a3b-98a1-8df64160e35a', 'oidc', 'foo', '');
6 changes: 5 additions & 1 deletion coderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions coderd/database/queries/user_links.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,14 @@
-- name: GetUserLinkByLinkedID :one
SELECT
*
user_links.*
FROM
user_links
INNER JOIN
users ON user_links.user_id = users.id
WHERE
linked_id = $1;
linked_id = $1
AND
deleted = false;

-- name: GetUserLinkByUserIDLoginType :one
SELECT
Expand Down
29 changes: 24 additions & 5 deletions coderd/userauth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -603,6 +603,11 @@ func TestUserOAuth2Github(t *testing.T) {

require.Equal(t, http.StatusUnauthorized, resp.StatusCode)
})

// The bug only is exercised when a deleted user with the same linked_id exists.
// Still related open issues:
// - https://github.com/coder/coder/issues/12116
// - https://github.com/coder/coder/issues/12115
t.Run("ChangedEmail", func(t *testing.T) {
t.Parallel()

Expand All @@ -627,7 +632,7 @@ func TestUserOAuth2Github(t *testing.T) {
coderEmail,
}

client := coderdtest.New(t, &coderdtest.Options{
owner := coderdtest.New(t, &coderdtest.Options{
Auditor: auditor,
GithubOAuth2Config: &coderd.GithubOAuth2Config{
AllowSignups: true,
Expand All @@ -650,9 +655,21 @@ func TestUserOAuth2Github(t *testing.T) {
},
},
})
coderdtest.CreateFirstUser(t, owner)

ctx := testutil.Context(t, testutil.WaitLong)
// Create the user, then delete the user, then create again.
// This causes the email change to fail.
client := codersdk.New(owner.URL)

ctx := testutil.Context(t, testutil.WaitMedium)
// This should register the user
client, _ = fake.Login(t, client, jwt.MapClaims{})
deleted, err := client.User(ctx, "me")
require.NoError(t, err)

err = owner.DeleteUser(ctx, deleted.ID)
require.NoError(t, err)

// Create the user again.
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err := client.User(ctx, "me")
require.NoError(t, err)
Expand All @@ -666,7 +683,8 @@ func TestUserOAuth2Github(t *testing.T) {
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err = client.User(ctx, "me")
require.NoError(t, err)
require.Equal(t, user.ID, userID)

require.Equal(t, user.ID, userID, "user_id is different, a new user was likely created")
require.Equal(t, user.Email, *gmailEmail.Email)

// Entirely change emails.
Expand All @@ -681,7 +699,8 @@ func TestUserOAuth2Github(t *testing.T) {
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err = client.User(ctx, "me")
require.NoError(t, err)
require.Equal(t, user.ID, userID)

require.Equal(t, user.ID, userID, "user_id is different, a new user was likely created")
require.Equal(t, user.Email, newEmail)
})
}
Expand Down