-
Notifications
You must be signed in to change notification settings - Fork 332
Make deletions via SCIM more stable #2637
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
a7e5d70
7df2818
e7cc774
be5fb44
56b9b7a
2624021
6522e64
103450b
c32598e
65475bc
73e1536
d1f3a80
afaa62f
6ef3925
d8ee64a
3f044f7
ba503c3
b9c2b25
9b21706
43f3133
a9b334c
2cf01ca
fa53129
71d09cd
50120a0
1338ec7
f6024fd
c27de57
93d29f3
f7efa51
11156ce
fa82c5b
055b2bc
101a67d
861b48a
fa37cfb
69eff35
0bd6878
aa5437a
27869ca
dc2c41b
199276a
5d33d73
9544260
5f38d6a
8c1778e
c3948a4
ed4f0ac
9dc3f65
1a14b0c
420d80a
0d313d5
e0977ac
5ea53bf
25d7236
23984f5
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| SCIM user deletion suffered from a couple of race conditions. The user in now first deleted in spar, because this process depends on data from brig. Then, the user is deleted in brig. If any error occurs, the SCIM deletion request can be made again. This change depends on brig being completely deployed before using the SCIM deletion endpoint in brig. In the unlikely event of using SCIM deletion during the deployment, these requests can be retried (in case of error). |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -29,6 +29,7 @@ module Brig.Data.UserKey | |
| keyAvailable, | ||
| lookupKey, | ||
| deleteKey, | ||
| deleteKeyForUser, | ||
| lookupPhoneHashes, | ||
| ) | ||
| where | ||
|
|
@@ -164,6 +165,21 @@ deleteKey k = do | |
| retry x5 $ write deleteHashed (params LocalQuorum (Identity hk)) | ||
| retry x5 $ write keyDelete (params LocalQuorum (Identity $ keyText k)) | ||
|
|
||
| -- | Delete `UserKey` for `UserId` | ||
| -- | ||
| -- This function ensures that keys of other users aren't accidentally deleted. | ||
| -- E.g. the email address or phone number of a partially deleted user could | ||
| -- already belong to a new user. To not interrupt deletion flows (that may be | ||
| -- executed several times due to cassandra not supporting transactions) | ||
| -- `deleteKeyForUser` does not fail for missing keys or keys that belong to | ||
| -- another user: It always returns `()` as result. | ||
| deleteKeyForUser :: (MonadClient m, MonadReader Env m) => UserId -> UserKey -> m () | ||
| deleteKeyForUser uid k = do | ||
|
||
| mbKeyUid <- lookupKey k | ||
| case mbKeyUid of | ||
| Just keyUid | keyUid == uid -> deleteKey k | ||
| _ -> pure () | ||
elland marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| hashKey :: MonadReader Env m => UserKey -> m UserKeyHash | ||
| hashKey uk = do | ||
| d <- view digestSHA256 | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.