-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix External ID not set during DC Sync #3804
Conversation
5fd9a10
to
adeb23f
Compare
58c79ab
to
e257192
Compare
Converted to a draft. I have the code fixed, but i need to do the SQL migrations and testing before this can be merged. I'm moving the external_id into the user_org table. |
43e8eb6
to
a5017aa
Compare
The only thing i encountered is, that you can't revert back that easily after this PR has been merged to a previous version. This makes me wonder what we should do here? @dani-garcia what do you think? |
Since we in general don't support downgrading I think we could remove the column the next release after the release with this PR (so if there should be an issue they can roll back to the latest working release). Provided that the next release fixes the |
I agree, lets remove the deletion of the column for now. |
bf2fdc8
to
6ae189e
Compare
While working on the fix I realised the location where the `external_id` is stored was wrong. It was stored in the `users` table, but it actually should have been stored in the `users_organizations` table. This will move the column to the right table. It will not move the values of the `external_id` column, because if there are more organizations, there is no way to really know which organization it is linked to. Setups using the Directory Connector can clear the sync cache, and sync again, that will store all the `external_id` values at the right location. Also changed the function to revoke,restore an org-user and set_external_id to return a boolean. It will state if the value has been changed or not, and if not, we can prevent a `save` call to the database. The `users` table is not changed to remove the `external_id` column, thi to prevent issue when users want to revert back to an earlier version for some reason. We can do this after a few minor release i think. Fixes dani-garcia#3777
Fix External ID not set during DC Sync
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3808](https://togithub.com/dani-garcia/vaultwarden/pull/3808) - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3821](https://togithub.com/dani-garcia/vaultwarden/pull/3821) - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3831](https://togithub.com/dani-garcia/vaultwarden/pull/3831) - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3910](https://togithub.com/dani-garcia/vaultwarden/pull/3910) - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3911](https://togithub.com/dani-garcia/vaultwarden/pull/3911) - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3950](https://togithub.com/dani-garcia/vaultwarden/pull/3950) - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3859](https://togithub.com/dani-garcia/vaultwarden/pull/3859) - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3964](https://togithub.com/dani-garcia/vaultwarden/pull/3964) - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3951](https://togithub.com/dani-garcia/vaultwarden/pull/3951) - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3804](https://togithub.com/dani-garcia/vaultwarden/pull/3804) - New config option disable email change by [@​admav](https://togithub.com/admav) in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [https://github.com/dani-garcia/vaultwarden/pull/3990](https://togithub.com/dani-garcia/vaultwarden/pull/3990) - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3958](https://togithub.com/dani-garcia/vaultwarden/pull/3958) - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3994](https://togithub.com/dani-garcia/vaultwarden/pull/3994) - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [https://github.com/dani-garcia/vaultwarden/pull/4025](https://togithub.com/dani-garcia/vaultwarden/pull/4025) - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/4030](https://togithub.com/dani-garcia/vaultwarden/pull/4030) #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - [@​admav](https://togithub.com/admav) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly-template). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3808](https://togithub.com/dani-garcia/vaultwarden/pull/3808) - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3821](https://togithub.com/dani-garcia/vaultwarden/pull/3821) - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3831](https://togithub.com/dani-garcia/vaultwarden/pull/3831) - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3910](https://togithub.com/dani-garcia/vaultwarden/pull/3910) - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3911](https://togithub.com/dani-garcia/vaultwarden/pull/3911) - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3950](https://togithub.com/dani-garcia/vaultwarden/pull/3950) - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3859](https://togithub.com/dani-garcia/vaultwarden/pull/3859) - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3964](https://togithub.com/dani-garcia/vaultwarden/pull/3964) - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3951](https://togithub.com/dani-garcia/vaultwarden/pull/3951) - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3804](https://togithub.com/dani-garcia/vaultwarden/pull/3804) - New config option disable email change by [@​admav](https://togithub.com/admav) in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [https://github.com/dani-garcia/vaultwarden/pull/3990](https://togithub.com/dani-garcia/vaultwarden/pull/3990) - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3958](https://togithub.com/dani-garcia/vaultwarden/pull/3958) - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3994](https://togithub.com/dani-garcia/vaultwarden/pull/3994) - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [https://github.com/dani-garcia/vaultwarden/pull/4025](https://togithub.com/dani-garcia/vaultwarden/pull/4025) - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/4030](https://togithub.com/dani-garcia/vaultwarden/pull/4030) #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - [@​admav](https://togithub.com/admav) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
While working on the fix for #3777 I realized the location where the
external_id
is stored was wrong. It was stored in the
users
table, but it actuallyshould have been stored in the
users_organizations
table.This will move the column to the right table. It will not move the
values of the
external_id
column, because if there are moreorganizations, there is no way to really know which organization it is
linked to. Setups using the Directory Connector can clear the sync
cache, and sync again, that will store all the
external_id
values atthe right location.
Also changed the function to revoke,restore an org-user and set_external_id to return a boolean.
It will state if the value has been changed or not, and if not, we can
prevent a
save
call to the database.The
users
table is not changed to remove theexternal_id
column, thito prevent issue when users want to revert back to an earlier version
for some reason. We can do this after a few minor release i think.
Fixes #3777