Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

clean up logic for removing creds on delete user #862

Merged
merged 12 commits into from
Jan 6, 2019
Merged

clean up logic for removing creds on delete user #862

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
f7b4e4a
clean up logic for removing creds, make sure user key containing cred…
mfrye Jan 2, 2019
ea5444d
fix linting errors
mfrye Jan 2, 2019
79f8a66
Update lib/services/credentials/credential.dao.js
XVincentX Jan 3, 2019
b0d5f23
Merge branch 'master' into fix_creds_leak
mfrye Jan 3, 2019
d7ccdbc
Merge branch 'fix_creds_leak' of github.com:bigpictureio/express-gate…
mfrye Jan 3, 2019
b159bcd
cleanup user scopes on user delete, revert back package-lock, switch …
mfrye Jan 3, 2019
7c5bbbb
clean up per review
mfrye Jan 3, 2019
f9df692
revert await for promises
XVincentX Jan 5, 2019
08e1f39
reduce indendation
XVincentX Jan 5, 2019
d7863c6
give love to the current user tests
XVincentX Jan 5, 2019
bf73168
write tests
XVincentX Jan 5, 2019
76d87f0
Remove some stuff and use promises here and there
XVincentX Jan 5, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 35 additions & 8 deletions lib/services/credentials/credential.dao.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,20 +145,47 @@ dao.removeCredential = function (id, type) {
return db.del(buildIdKey(type, id));
};

/*
* Remove all credentials
*
* @id {String}
*/
dao.removeAllCredentials = function (id) {
const dbTransaction = db.multi();
const credentialTypes = Object.keys(config.models.credentials.properties);
const awaitAllPromises = [];
credentialTypes.forEach((type) => {
const awaitAllPromises = credentialTypes.map(async type => {
XVincentX marked this conversation as resolved.
Show resolved Hide resolved
const authKey = buildIdKey(type, id);

if (type === 'key-auth') {
// id in this call is actually consumerId, so we need to get all referenced keyIds
awaitAllPromises.push(db.smembers(buildIdKey(type, id)).then(ids => {
ids.map(keyId => {
dbTransaction.del(buildIdKey(type, keyId));
});
}));
// This returns a list of all keys the user owns
const ids = await db.smembers(authKey);

// Get all the scope so we can remove key from them
const scopes = await dao.getAllScopes();

// Delete each key and remove key from scopes if they exist
const promises = [];
mfrye marked this conversation as resolved.
Show resolved Hide resolved
ids.forEach(keyId => {
mfrye marked this conversation as resolved.
Show resolved Hide resolved
const idKey = buildIdKey(type, keyId);

// Delete key
promises.push(dbTransaction.del(idKey));

// Delete key from all scopes
if (scopes) {
scopes.forEach(scope => {
promises.push(dbTransaction.hdel(buildScopeKey(scope), idKey));
});
}
});

// Now delete the main key for the user that lists all creds
promises.push(dbTransaction.del(authKey));

return Promise.all(promises);
} else {
dbTransaction.del(buildIdKey(type, id));
return dbTransaction.del(authKey);
}
});

Expand Down
2 changes: 1 addition & 1 deletion package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.