Fix External ID not set during DC Sync

If a user already had an account, it didn't updated the `external_id`.
This PR fixes this by setting this when needed.

Fixes #3777

src/api/core/public.rs

@@ -51,6 +51,8 @@ async fn ldap_import(data: JsonUpcase<OrgImportData>, token: PublicToken, mut co
     let data = data.into_inner().data;
 
     for user_data in &data.Members {
+        let user = User::find_by_mail(&user_data.Email, &mut conn).await;
+
         if user_data.Deleted {
             // If user is marked for deletion and it exists, revoke it
             if let Some(mut user_org) =
@@ -68,12 +70,23 @@ async fn ldap_import(data: JsonUpcase<OrgImportData>, token: PublicToken, mut co
                 user_org.restore();
                 user_org.save(&mut conn).await?;
             }
+
+            // Set external_id if the user is restored.
+            if let Some(mut user) = user {
+                user.set_external_id(Some(user_data.ExternalId.clone()));
+                user.save(&mut conn).await?;
+            }
         } else {
             // If user is not part of the organization
-            let user = match User::find_by_mail(&user_data.Email, &mut conn).await {
-                Some(user) => user, // exists in vaultwarden
+            let user = match user {
+                Some(mut user) => {
+                    // User already exists, but we still need to update/replace the ExternalId here.
+                    user.set_external_id(Some(user_data.ExternalId.clone()));
+                    user.save(&mut conn).await?;
+                    user
+                }
                 None => {
-                    // doesn't exist in vaultwarden
+                    // User does not exist yet
                     let mut new_user = User::new(user_data.Email.clone());
                     new_user.set_external_id(Some(user_data.ExternalId.clone()));
                     new_user.save(&mut conn).await?;