nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-06 05:28:15 -05:00
Code

PM-2427-Defect-Cannot-delete-account-if-User-has-auth-request-on-table-FK-constraint (#3118)

Browse Source 
* updated migrations and ef repo

* removed route alias

---------

Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
This commit is contained in:
Ike 2023-08-15 14:16:02 -07:00 committed by GitHub
parent c7b3759d55
commit 4ec01b0ef0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 149 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Identity/Controllers/SsoController.cs
View File

@ -14,8 +14,6 @@ using Microsoft.AspNetCore.Mvc;
namespace Bit.Identity.Controllers; namespace Bit.Identity.Controllers;
// TODO: 2022-01-12, Remove account alias
[Route("account/[action]")]
[Route("sso/[action]")] [Route("sso/[action]")]
public class SsoController : Controller public class SsoController : Controller
{ {

1
src/Infrastructure.EntityFramework/Repositories/UserRepository.cs
View File

@ -155,6 +155,7 @@ public class UserRepository : Repository<Core.Entities.User, User, Guid>, IUserR
dbContext.Ciphers.RemoveRange(dbContext.Ciphers.Where(c => c.UserId == user.Id)); dbContext.Ciphers.RemoveRange(dbContext.Ciphers.Where(c => c.UserId == user.Id));
dbContext.Folders.RemoveRange(dbContext.Folders.Where(f => f.UserId == user.Id)); dbContext.Folders.RemoveRange(dbContext.Folders.Where(f => f.UserId == user.Id));
dbContext.AuthRequests.RemoveRange(dbContext.AuthRequests.Where(s => s.UserId == user.Id));
dbContext.Devices.RemoveRange(dbContext.Devices.Where(d => d.UserId == user.Id)); dbContext.Devices.RemoveRange(dbContext.Devices.Where(d => d.UserId == user.Id));
var collectionUsers = from cu in dbContext.CollectionUsers var collectionUsers = from cu in dbContext.CollectionUsers
join ou in dbContext.OrganizationUsers on cu.OrganizationUserId equals ou.Id join ou in dbContext.OrganizationUsers on cu.OrganizationUserId equals ou.Id

15
src/Sql/dbo/Stored Procedures/User_DeleteById.sql
View File

@ -31,6 +31,13 @@ BEGIN
WHERE WHERE
[UserId] = @Id [UserId] = @Id
-- Delete AuthRequest, must be before Device
DELETE
FROM
[dbo].[AuthRequest]
WHERE
[UserId] = @Id
-- Delete devices -- Delete devices
DELETE DELETE
FROM FROM
@ -43,7 +50,7 @@ BEGIN
CU CU
FROM FROM
[dbo].[CollectionUser] CU [dbo].[CollectionUser] CU
INNER JOIN INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = CU.[OrganizationUserId] [dbo].[OrganizationUser] OU ON OU.[Id] = CU.[OrganizationUserId]
WHERE WHERE
OU.[UserId] = @Id OU.[UserId] = @Id
@ -53,7 +60,7 @@ BEGIN
GU GU
FROM FROM
[dbo].[GroupUser] GU [dbo].[GroupUser] GU
INNER JOIN INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = GU.[OrganizationUserId] [dbo].[OrganizationUser] OU ON OU.[Id] = GU.[OrganizationUserId]
WHERE WHERE
OU.[UserId] = @Id OU.[UserId] = @Id
@ -63,7 +70,7 @@ BEGIN
AP AP
FROM FROM
[dbo].[AccessPolicy] AP [dbo].[AccessPolicy] AP
INNER JOIN INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = AP.[OrganizationUserId] [dbo].[OrganizationUser] OU ON OU.[Id] = AP.[OrganizationUserId]
WHERE WHERE
[UserId] = @Id [UserId] = @Id
@ -95,7 +102,7 @@ BEGIN
[dbo].[EmergencyAccess] [dbo].[EmergencyAccess]
WHERE WHERE
[GrantorId] = @Id [GrantorId] = @Id
OR OR
[GranteeId] = @Id [GranteeId] = @Id
-- Delete Sends -- Delete Sends

136
util/Migrator/DbScripts/2023-07-17_00_DeleteUserSproc.sql Normal file
View File

@ -0,0 +1,136 @@
IF OBJECT_ID('[dbo].[User_DeleteById]') IS NOT NULL
BEGIN
DROP PROCEDURE [dbo].[User_DeleteById]
END
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[User_DeleteById]
@Id UNIQUEIDENTIFIER
WITH
RECOMPILE
AS
BEGIN
SET NOCOUNT ON
DECLARE @BatchSize INT = 100
-- Delete ciphers
WHILE @BatchSize > 0
BEGIN
BEGIN TRANSACTION User_DeleteById_Ciphers
DELETE TOP(@BatchSize)
FROM
[dbo].[Cipher]
WHERE
[UserId] = @Id
SET @BatchSize = @@ROWCOUNT
COMMIT TRANSACTION User_DeleteById_Ciphers
END
BEGIN TRANSACTION User_DeleteById
-- Delete folders
DELETE
FROM
[dbo].[Folder]
WHERE
[UserId] = @Id
-- Delete AuthRequest, must be before Device
DELETE
FROM
[dbo].[AuthRequest]
WHERE
[UserId] = @Id
-- Delete devices
DELETE
FROM
[dbo].[Device]
WHERE
[UserId] = @Id
-- Delete collection users
DELETE
CU
FROM
[dbo].[CollectionUser] CU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = CU.[OrganizationUserId]
WHERE
OU.[UserId] = @Id
-- Delete group users
DELETE
GU
FROM
[dbo].[GroupUser] GU
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = GU.[OrganizationUserId]
WHERE
OU.[UserId] = @Id
-- Delete AccessPolicy
DELETE
AP
FROM
[dbo].[AccessPolicy] AP
INNER JOIN
[dbo].[OrganizationUser] OU ON OU.[Id] = AP.[OrganizationUserId]
WHERE
[UserId] = @Id
-- Delete organization users
DELETE
FROM
[dbo].[OrganizationUser]
WHERE
[UserId] = @Id
-- Delete provider users
DELETE
FROM
[dbo].[ProviderUser]
WHERE
[UserId] = @Id
-- Delete SSO Users
DELETE
FROM
[dbo].[SsoUser]
WHERE
[UserId] = @Id
-- Delete Emergency Accesses
DELETE
FROM
[dbo].[EmergencyAccess]
WHERE
[GrantorId] = @Id
OR
[GranteeId] = @Id
-- Delete Sends
DELETE
FROM
[dbo].[Send]
WHERE
[UserId] = @Id
-- Finally, delete the user
DELETE
FROM
[dbo].[User]
WHERE
[Id] = @Id
COMMIT TRANSACTION User_DeleteById
END