synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: avoid processing updates to usernames (#3571)

Browse Source 
- With the support of OIDC we began processing updates to a user's
  email and username to stay in sync with the upstream provider. This
  can cause issues in templates that use the user's username as a stable
  identifier, potentially causing the deletion of user's home volumes.
- Fix some faulty error wrapping.
This commit is contained in:
Jon Ayers
2022-08-18 17:56:17 -05:00
committed by GitHub
parent 04c5f924d7
commit f6b0835982
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
coderd/userauth.go
View File

@ -229,13 +229,13 @@ func (api *API) userOAuth2Github(rw http.ResponseWriter, r *http.Request) {
if link.LinkedID == "" {
link, err = api.Database.UpdateUserLinkedID(ctx, database.UpdateUserLinkedIDParams{
UserID: user.ID,
LinkedID: githubLinkedID(ghUser),
LoginType: database.LoginTypeGithub,
LinkedID: githubLinkedID(ghUser),
})
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
Message: "A database error occurred.",
Detail: xerrors.Errorf("update user link: %w", err.Error).Error(),
Detail: fmt.Sprintf("update user link: %s", err.Error()),
})
return
}
@ -437,13 +437,13 @@ func (api *API) userOIDC(rw http.ResponseWriter, r *http.Request) {
if link.LinkedID == "" {
link, err = api.Database.UpdateUserLinkedID(ctx, database.UpdateUserLinkedIDParams{
UserID: user.ID,
LoginType: database.LoginTypeOIDC,
LinkedID: oidcLinkedID(idToken),
LoginType: database.LoginTypeGithub,
})
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
Message: "A database error occurred.",
Detail: xerrors.Errorf("update user link: %w", err.Error).Error(),
Detail: fmt.Sprintf("update user link: %s", err.Error()),
})
return
}
@ -477,9 +477,10 @@ func (api *API) userOIDC(rw http.ResponseWriter, r *http.Request) {
// longer sign in until an administrator finds the offending built-in
// user and changes their username.
user, err = api.Database.UpdateUserProfile(ctx, database.UpdateUserProfileParams{
ID: user.ID,
Email: claims.Email,
Username: claims.Username,
ID: user.ID,
Email: claims.Email,
// TODO: This should run in a transaction.
Username: user.Username,
UpdatedAt: database.Now(),
})
if err != nil {