From adde0491ac5b5c8430269c76ccf917ff87ace2f4 Mon Sep 17 00:00:00 2001 From: Marc 'risson' Schmitt Date: Thu, 13 Feb 2025 17:27:56 +0100 Subject: [PATCH 1/2] Revert "root: correctly use correct schema for install_id (#13018)" This reverts commit 5904fae80bbbd9e583f82c1afdfe3df963caeef0. --- authentik/root/install_id.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/authentik/root/install_id.py b/authentik/root/install_id.py index ec03da61d47d..e4f41cddff21 100644 --- a/authentik/root/install_id.py +++ b/authentik/root/install_id.py @@ -7,12 +7,7 @@ from authentik.lib.config import CONFIG -# We need to string format the query as tables and schemas can't be set by parameters -# not a security issue as the config value is set by the person installing authentik -# which also has postgres credentials etc -QUERY = """SELECT id FROM {}.authentik_install_id ORDER BY id LIMIT 1;""".format( # nosec - CONFIG.get("postgresql.default_schema") -) +QUERY = """SELECT id FROM %s.authentik_install_id ORDER BY id LIMIT 1;""" @lru_cache @@ -25,7 +20,7 @@ def get_install_id() -> str: if settings.TEST: return str(uuid4()) with connection.cursor() as cursor: - cursor.execute(QUERY) + cursor.execute(QUERY, (CONFIG.get("postgresql.default_schema"))) return cursor.fetchone()[0] @@ -45,5 +40,5 @@ def get_install_id_raw(): sslkey=CONFIG.get("postgresql.sslkey"), ) cursor = conn.cursor() - cursor.execute(QUERY) + cursor.execute(QUERY, params=(CONFIG.get("postgresql.default_schema"))) return cursor.fetchone()[0] From 7222796b0508a797553ad587cdb6e5901106ac4c Mon Sep 17 00:00:00 2001 From: Marc 'risson' Schmitt Date: Thu, 13 Feb 2025 17:28:11 +0100 Subject: [PATCH 2/2] Revert "root: use correct default schema for install_id (#13006)" This reverts commit 82d4e8aa4e398223fd2d40865feeb8eced0aa4d1. --- authentik/root/install_id.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/authentik/root/install_id.py b/authentik/root/install_id.py index e4f41cddff21..f0f319aa7c25 100644 --- a/authentik/root/install_id.py +++ b/authentik/root/install_id.py @@ -7,7 +7,7 @@ from authentik.lib.config import CONFIG -QUERY = """SELECT id FROM %s.authentik_install_id ORDER BY id LIMIT 1;""" +QUERY = """SELECT id FROM public.authentik_install_id ORDER BY id LIMIT 1;""" @lru_cache @@ -20,7 +20,7 @@ def get_install_id() -> str: if settings.TEST: return str(uuid4()) with connection.cursor() as cursor: - cursor.execute(QUERY, (CONFIG.get("postgresql.default_schema"))) + cursor.execute(QUERY) return cursor.fetchone()[0] @@ -40,5 +40,5 @@ def get_install_id_raw(): sslkey=CONFIG.get("postgresql.sslkey"), ) cursor = conn.cursor() - cursor.execute(QUERY, params=(CONFIG.get("postgresql.default_schema"))) + cursor.execute(QUERY) return cursor.fetchone()[0]