feat: Make admin recovery to work without emails #1419

[abador]

Related issue(s)

#1419

Checklist

• I have read the contributing guidelines.
• I am following the
  contributing code guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security. vulnerability, I
  confirm that I got green light (please contact
  [email protected]) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

Further Comments

It's possible now to initiate and finish the whole recovery flow without a valid recovery email

[aeneasr]

Thank you! This looks much more like what we need! I haven’t vetted the tests yet but the logic looks 👌. The SQL statements need a bit more work but generally it appears to be good to go. Could you please also update the docs a bit that talk about this feature to reflect the new behavior? :)

[aeneasr]

This should have a foreign key :)

[abador]

Fixed in c6f3d98

[aeneasr]

Any error would be ignored here. Please return them appropriately. You can use errors.Is(sql.ErrNoRows) to detect if the row could not be found

[abador]

@aeneasr I pushed the fixes and docs. Still the tests fail on running goimports. I'm not sure why this fails since I've got it configured locally and I see no errors :/

[aeneasr]

Almost :)

[aeneasr]

You can add foreign keys in sqlite like so:

kratos/persistence/sql/migrations/templates/20210410175418_network.up.fizz

Line 4 in 4bec9ef

sql("ALTER TABLE selfservice_login_flows ADD COLUMN nid CHAR(36) NULL REFERENCES networks(id) ON DELETE CASCADE ON UPDATE RESTRICT")

[abador]

Sorry missed that comment. I'll try to fix it today

[abador]

@aeneasr if I add a column this way the migrations don't generate properly. The identity_id column is added i one of the first migrations and then is being removed after some temp table is generated and data is copied there. This causes tests to fail since the identity_id column doesn't exist
"sqlite create: table identity_recovery_tokens has no column named identity_id"

[aeneasr]

Could you share the full up/down migration?

[abador]

@aeneasr 45ec59b

[aeneasr]

Did it help? :)

[abador]

sorry @aeneasr no it didn't. I still get "sqlite create: table identity_recovery_tokens has no column named identity_id" . The only change that wasn't in the pr is in this file: 20210410175418000063_network.sqlite3.down.sql, but it doesn't matter.

[aeneasr]

Ok, I'll take a look

[aeneasr]

I just checked out your branch, ran rm -rf persistence/sql/migrations/sql/* && make migrations-render-replace and it worked. Not sure what's going on on your end?

Assuming tests pass, is this PR complete in your opinion?

[abador]

I just checked out your branch, ran rm -rf persistence/sql/migrations/sql/* && make migrations-render-replace and it worked. Not sure what's going on on your end?

Assuming tests pass, is this PR complete in your opinion?

make migrations-render-replace works, but tests fail after that the same way. After regenerating migrations the only difference between my pr and local changes is the file I mentioned in the previous comment.

As for the PR I would say it's finished.

[aeneasr]

I have fixed the issues you faced. However, there are still a few tests failing. Those are related to your changes though. Could you please take a look? Thanks!

[abador]

I have fixed the issues you faced. However, there are still a few tests failing. Those are related to your changes though. Could you please take a look? Thanks!

Sorry @aeneasr I'll get back to all upstream tickets on friday or next week

[aeneasr]

While the PR is being worked on I will mark it as a draft. That declutters our review backlog :)

Once you're done with your changes and would like someone to review them, mark the PR as ready and request a review from one of the maintainers.

Thank you!

[abador]

@aeneasr it seems one test failed, but it's unrelated to my changes (I did a squash and git push force yesterday when everything passed except ci/circleci: generate-openapi).

[aeneasr]

I tried pushing some changes required for merging the PR to your fork & branch, but it appears that I am not allowed to do so 😕

% git push ...
ERROR: Permission to push denied to aeneasr.
fatal: could not read from the remote repository.

Please make sure that you have the correct access rights
and the repository exists.

But the good news is, giving access is easy! ☺️ All you need to do is enable write access for maintainers. Thank you! 😄

If the repository belongs to an organization, please add me for the project as a collaborator!

[codecov]

Codecov Report

Merging #1750 (9bfe61e) into master (833f14f) will increase coverage by 0.00%.
The diff coverage is 92.59%.

@@           Coverage Diff           @@
##           master    #1750   +/-   ##
=======================================
  Coverage   75.13%   75.13%           
=======================================
  Files         292      292           
  Lines       15125    15127    +2     
=======================================
+ Hits        11364    11366    +2     
  Misses       2950     2950           
  Partials      811      811           

Impacted Files	Coverage Δ
persistence/sql/persister_recovery.go	80.00% <0.00%> (+0.45%)	⬆️
selfservice/strategy/link/strategy_recovery.go	64.15% <100.00%> (-0.93%)	⬇️
selfservice/strategy/link/test/persistence.go	100.00% <100.00%> (ø)
selfservice/strategy/link/token_recovery.go	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 273785a...9bfe61e. Read the comment docs.

[aeneasr]

Thank you for your hard work! :)