8000 fix: do not query user_link for deleted accounts by Emyrk · Pull Request #12112 · coder/coder · GitHub
[go: up one dir, main page]
Skip to content

fix: do not query user_link for deleted accounts #12112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Feb 13, 2024
+58 −8
Merged

fix: do not query user_link for deleted accounts #12112

Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
e2b787c
chore: add database test fixture to insert non-unique linked_ids
Emyrk Feb 12, 2024
43356ed
mend
Emyrk Feb 12, 2024
2791347
mend
Emyrk Feb 12, 2024
549fee9
rename test fixute
Emyrk Feb 12, 2024
7b082ef
add extra case
Emyrk Feb 12, 2024
90e7164
accidental file change
Emyrk Feb 12, 2024
fdf04ed
move migration closer to source
Emyrk Feb 13, 2024
b1e066e
chore: add database test fixture to insert non-unique linked_ids
Emyrk Feb 12, 2024
cce73c6
mend
Emyrk Feb 12, 2024
c0dc8a6
mend
Emyrk Feb 12, 2024
53a37ee
rename test fixute
Emyrk Feb 12, 2024
c751ccf
accidental file change
Emyrk Feb 12, 2024
5ee1017
chore: creaet unit test to exercise failed email change bug
Emyrk Feb 12, 2024
f14d37f
fix: do not use user_link for deleted accounts
Emyrk Feb 12, 2024
b0c3cbb
Add links to existing issues
Emyrk Feb 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
chore: creaet unit test to exercise failed email change bug 
Changing emails on github fails if another deleted user exists
with the same link.
  • Loading branch information
@Emyrk
Emyrk committed Feb 13, 2024
commit 5ee1017039d5a8fa6b3c93218d4e2fd03e906d6f
24 changes: 19 additions & 5 deletions coderd/userauth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -603,6 +603,8 @@ func TestUserOAuth2Github(t *testing.T) {

require.Equal(t, http.StatusUnauthorized, resp.StatusCode)
})

// The bug only is exercised when a deleted user with the same linked_id exists.
t.Run("ChangedEmail", func(t *testing.T) {
t.Parallel()

Expand All @@ -627,7 +629,7 @@ func TestUserOAuth2Github(t *testing.T) {
coderEmail,
}

client := coderdtest.New(t, &coderdtest.Options{
owner := coderdtest.New(t, &coderdtest.Options{
Auditor: auditor,
GithubOAuth2Config: &coderd.GithubOAuth2Config{
AllowSignups: true,
Expand All @@ -650,9 +652,19 @@ func TestUserOAuth2Github(t *testing.T) {
},
},
})
coderdtest.CreateFirstUser(t, owner)

ctx := testutil.Context(t, testutil.WaitLong)
// Create the user, then delete the user, then create again.
// This causes the email change to fail.
client := codersdk.New(owner.URL)

ctx := testutil.Context(t, testutil.WaitMedium)
// This should register the user
client, _ = fake.Login(t, client, jwt.MapClaims{})
deleted, err := client.User(ctx, "me")
err = owner.DeleteUser(ctx, deleted.ID)
require.NoError(t, err)

// Create the user again.
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err := client.User(ctx, "me")
require.NoError(t, err)
Expand All @@ -666,7 +678,8 @@ func TestUserOAuth2Github(t *testing.T) {
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err = client.User(ctx, "me")
require.NoError(t, err)
require.Equal(t, user.ID, userID)

require.Equal(t, user.ID, userID, "user_id is different, a new user was likely created")
require.Equal(t, user.Email, *gmailEmail.Email)

// Entirely change emails.
Expand All @@ -681,7 +694,8 @@ func TestUserOAuth2Github(t *testing.T) {
client, _ = fake.Login(t, client, jwt.MapClaims{})
user, err = client.User(ctx, "me")
require.NoError(t, err)
require.Equal(t, user.ID, userID)

require.Equal(t, user.ID, userID, "user_id is different, a new user was likely created")
require.Equal(t, user.Email, newEmail)
})
}
Expand Down
0