Fix External ID not set during DC Sync #3804
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BlackDex
force-pushed
the
fix-3777
branch
2 times, most recently
from
5fd9a10 to
adeb23f
Compare
dani-garcia
reviewed
Aug 31, 2023
BlackDex
force-pushed
the
fix-3777
branch
3 times, most recently
from
58c79ab to
e257192
Compare
|
Converted to a draft. I have the code fixed, but i need to do the SQL migrations and testing before this can be merged. I'm moving the external_id into the user_org table. |
BlackDex
force-pushed
the
fix-3777
branch
2 times, most recently
from
43e8eb6 to
a5017aa
Compare
|
The only thing i encountered is, that you can't revert back that easily after this PR has been merged to a previous version. This makes me wonder what we should do here? @dani-garcia what do you think? |
|
Since we in general don't support downgrading I think we could remove the column the next release after the release with this PR (so if there should be an issue they can roll back to the latest working release). Provided that the next release fixes the |
|
I agree, lets remove the deletion of the column for now. |
BlackDex
force-pushed
the
fix-3777
branch
3 times, most recently
from
bf2fdc8 to
6ae189e
Compare
While working on the fix I realised the location where the `external_id` is stored was wrong. It was stored in the `users` table, but it actually should have been stored in the `users_organizations` table. This will move the column to the right table. It will not move the values of the `external_id` column, because if there are more organizations, there is no way to really know which organization it is linked to. Setups using the Directory Connector can clear the sync cache, and sync again, that will store all the `external_id` values at the right location. Also changed the function to revoke,restore an org-user and set_external_id to return a boolean. It will state if the value has been changed or not, and if not, we can prevent a `save` call to the database. The `users` table is not changed to remove the `external_id` column, thi to prevent issue when users want to revert back to an earlier version for some reason. We can do this after a few minor release i think. Fixes dani-garcia#3777
dani-garcia
approved these changes
Oct 21, 2023
jayknyn
pushed a commit
to ayamsecure/secrets
that referenced
this pull request
Oct 28, 2023
Fix External ID not set during DC Sync
arthurgeek
referenced
this pull request
in arthurgeek/vaultwarden-fly-template
Nov 12, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3808](https://togithub.com/dani-garcia/vaultwarden/pull/3808) - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3821](https://togithub.com/dani-garcia/vaultwarden/pull/3821) - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3831](https://togithub.com/dani-garcia/vaultwarden/pull/3831) - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3910](https://togithub.com/dani-garcia/vaultwarden/pull/3910) - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3911](https://togithub.com/dani-garcia/vaultwarden/pull/3911) - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3950](https://togithub.com/dani-garcia/vaultwarden/pull/3950) - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3859](https://togithub.com/dani-garcia/vaultwarden/pull/3859) - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3964](https://togithub.com/dani-garcia/vaultwarden/pull/3964) - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3951](https://togithub.com/dani-garcia/vaultwarden/pull/3951) - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3804](https://togithub.com/dani-garcia/vaultwarden/pull/3804) - New config option disable email change by [@​admav](https://togithub.com/admav) in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [https://github.com/dani-garcia/vaultwarden/pull/3990](https://togithub.com/dani-garcia/vaultwarden/pull/3990) - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3958](https://togithub.com/dani-garcia/vaultwarden/pull/3958) - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3994](https://togithub.com/dani-garcia/vaultwarden/pull/3994) - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [https://github.com/dani-garcia/vaultwarden/pull/4025](https://togithub.com/dani-garcia/vaultwarden/pull/4025) - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/4030](https://togithub.com/dani-garcia/vaultwarden/pull/4030) #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - [@​admav](https://togithub.com/admav) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly-template). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
arthurgeek
referenced
this pull request
in arthurgeek/vaultwarden-fly
Nov 12, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3808](https://togithub.com/dani-garcia/vaultwarden/pull/3808) - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3821](https://togithub.com/dani-garcia/vaultwarden/pull/3821) - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3831](https://togithub.com/dani-garcia/vaultwarden/pull/3831) - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3910](https://togithub.com/dani-garcia/vaultwarden/pull/3910) - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3911](https://togithub.com/dani-garcia/vaultwarden/pull/3911) - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3950](https://togithub.com/dani-garcia/vaultwarden/pull/3950) - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/3859](https://togithub.com/dani-garcia/vaultwarden/pull/3859) - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3964](https://togithub.com/dani-garcia/vaultwarden/pull/3964) - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [https://github.com/dani-garcia/vaultwarden/pull/3951](https://togithub.com/dani-garcia/vaultwarden/pull/3951) - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3804](https://togithub.com/dani-garcia/vaultwarden/pull/3804) - New config option disable email change by [@​admav](https://togithub.com/admav) in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [https://github.com/dani-garcia/vaultwarden/pull/3990](https://togithub.com/dani-garcia/vaultwarden/pull/3990) - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3958](https://togithub.com/dani-garcia/vaultwarden/pull/3958) - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/3994](https://togithub.com/dani-garcia/vaultwarden/pull/3994) - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [https://github.com/dani-garcia/vaultwarden/pull/4025](https://togithub.com/dani-garcia/vaultwarden/pull/4025) - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/4030](https://togithub.com/dani-garcia/vaultwarden/pull/4030) #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3959](https://togithub.com/dani-garcia/vaultwarden/pull/3959) - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3981](https://togithub.com/dani-garcia/vaultwarden/pull/3981) - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3965](https://togithub.com/dani-garcia/vaultwarden/pull/3965) - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3909](https://togithub.com/dani-garcia/vaultwarden/pull/3909) - [@​admav](https://togithub.com/admav) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3986](https://togithub.com/dani-garcia/vaultwarden/pull/3986) - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3572](https://togithub.com/dani-garcia/vaultwarden/pull/3572) - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/3997](https://togithub.com/dani-garcia/vaultwarden/pull/3997) **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
While working on the fix for #3777 I realized the location where the
external_idis stored was wrong. It was stored in the
userstable, but it actuallyshould have been stored in the
users_organizationstable.This will move the column to the right table. It will not move the
values of the
external_idcolumn, because if there are moreorganizations, there is no way to really know which organization it is
linked to. Setups using the Directory Connector can clear the sync
cache, and sync again, that will store all the
external_idvalues atthe right location.
Also changed the function to revoke,restore an org-user and set_external_id to return a boolean.
It will state if the value has been changed or not, and if not, we can
prevent a
savecall to the database.The
userstable is not changed to remove theexternal_idcolumn, thito prevent issue when users want to revert back to an earlier version
for some reason. We can do this after a few minor release i think.
Fixes #3777