Merge pull request #1535 from Infisical/daniel/better-upgrade-errors

Fix: Edge case causing project upgrade to fail
create secret on overview typo
2025-07-25 14:07:47 +00:00 · 2024-03-07 00:07:05 +01:00 · 2024-03-06 17:50:31 -05:00 · 2024-03-06 17:38:49 -05:00 · 2024-03-06 23:15:13 +01:00 · 2024-03-06 23:15:02 +01:00
5 changed files with 81 additions and 8 deletions
--- a/backend/src/db/seeds/1-user.ts
+++ b/backend/src/db/seeds/1-user.ts
@@ -9,7 +9,12 @@ export async function seed(knex: Knex): Promise<void> {
  await knex(TableName.Users).del();
  await knex(TableName.UserEncryptionKey).del();
  await knex(TableName.SuperAdmin).del();
-  await knex(TableName.SuperAdmin).insert([{ initialized: true, allowSignUp: true }]);
+
+  await knex(TableName.SuperAdmin).insert([
+    // eslint-disable-next-line
+    // @ts-ignore
+    { id: "00000000-0000-0000-0000-000000000000", initialized: true, allowSignUp: true }
+  ]);
  // Inserts seed entries
  const [user] = await knex(TableName.Users)
    .insert([
--- a/backend/src/server/routes/index.ts
+++ b/backend/src/server/routes/index.ts
@@ -263,6 +263,8 @@ export const registerRoutes = async (
    incidentContactDAL,
    tokenService,
    projectDAL,
+    projectMembershipDAL,
+    projectKeyDAL,
    smtpService,
    userDAL,
    orgBotDAL
--- a/backend/src/services/org/org-service.ts
+++ b/backend/src/services/org/org-service.ts
@@ -22,6 +22,8 @@ import { ActorType, AuthMethod, AuthTokenType } from "../auth/auth-type";
 import { TAuthTokenServiceFactory } from "../auth-token/auth-token-service";
 import { TokenType } from "../auth-token/auth-token-types";
 import { TProjectDALFactory } from "../project/project-dal";
+import { TProjectKeyDALFactory } from "../project-key/project-key-dal";
+import { TProjectMembershipDALFactory } from "../project-membership/project-membership-dal";
 import { SmtpTemplates, TSmtpService } from "../smtp/smtp-service";
 import { TUserDALFactory } from "../user/user-dal";
 import { TIncidentContactsDALFactory } from "./incident-contacts-dal";
@@ -44,6 +46,8 @@ type TOrgServiceFactoryDep = {
  orgRoleDAL: TOrgRoleDALFactory;
  userDAL: TUserDALFactory;
  projectDAL: TProjectDALFactory;
+  projectMembershipDAL: Pick<TProjectMembershipDALFactory, "findProjectMembershipsByUserId" | "delete">;
+  projectKeyDAL: Pick<TProjectKeyDALFactory, "find" | "delete">;
  incidentContactDAL: TIncidentContactsDALFactory;
  samlConfigDAL: Pick<TSamlConfigDALFactory, "findOne" | "findEnforceableSamlCfg">;
  smtpService: TSmtpService;
@@ -65,6 +69,8 @@ export const orgServiceFactory = ({
  permissionService,
  smtpService,
  projectDAL,
+  projectMembershipDAL,
+  projectKeyDAL,
  tokenService,
  orgBotDAL,
  licenseService,
@@ -503,10 +509,50 @@ export const orgServiceFactory = ({
    const { permission } = await permissionService.getUserOrgPermission(userId, orgId, actorOrgId);
    ForbiddenError.from(permission).throwUnlessCan(OrgPermissionActions.Delete, OrgPermissionSubjects.Member);

-    const membership = await orgDAL.deleteMembershipById(membershipId, orgId);
+    const deletedMembership = await orgDAL.transaction(async (tx) => {
+      const orgMembership = await orgDAL.deleteMembershipById(membershipId, orgId, tx);

-    await licenseService.updateSubscriptionOrgMemberCount(orgId);
-    return membership;
+      if (!orgMembership.userId) {
+        await licenseService.updateSubscriptionOrgMemberCount(orgId);
+        return orgMembership;
+      }
+
+      // Get all the project memberships of the user in the organization
+      const projectMemberships = await projectMembershipDAL.findProjectMembershipsByUserId(orgId, orgMembership.userId);
+
+      // Delete all the project memberships of the user in the organization
+      await projectMembershipDAL.delete(
+        {
+          $in: {
+            id: projectMemberships.map((membership) => membership.id)
+          }
+        },
+        tx
+      );
+
+      // Get all the project keys of the user in the organization
+      const projectKeys = await projectKeyDAL.find({
+        $in: {
+          projectId: projectMemberships.map((membership) => membership.projectId)
+        },
+        receiverId: orgMembership.userId
+      });
+
+      // Delete all the project keys of the user in the organization
+      await projectKeyDAL.delete(
+        {
+          $in: {
+            id: projectKeys.map((key) => key.id)
+          }
+        },
+        tx
+      );
+
+      await licenseService.updateSubscriptionOrgMemberCount(orgId);
+      return orgMembership;
+    });
+
+    return deletedMembership;
  };

  /*
--- a/backend/src/services/project-membership/project-membership-dal.ts
+++ b/backend/src/services/project-membership/project-membership-dal.ts
@@ -82,5 +82,25 @@ export const projectMembershipDALFactory = (db: TDbClient) => {
    }
  };

-  return { ...projectMemberOrm, findAllProjectMembers, findProjectGhostUser, findMembershipsByEmail };
+  const findProjectMembershipsByUserId = async (orgId: string, userId: string) => {
+    try {
+      const memberships = await db(TableName.ProjectMembership)
+        .where({ userId })
+        .join(TableName.Project, `${TableName.ProjectMembership}.projectId`, `${TableName.Project}.id`)
+        .where({ [`${TableName.Project}.orgId` as "orgId"]: orgId })
+        .select(selectAllTableCols(TableName.ProjectMembership));
+
+      return memberships;
+    } catch (error) {
+      throw new DatabaseError({ error, name: "Find project memberships by user id" });
+    }
+  };
+
+  return {
+    ...projectMemberOrm,
+    findAllProjectMembers,
+    findProjectGhostUser,
+    findMembershipsByEmail,
+    findProjectMembershipsByUserId
+  };
 };
--- a/frontend/src/views/SecretOverviewPage/components/CreateSecretForm/CreateSecretForm.tsx
+++ b/frontend/src/views/SecretOverviewPage/components/CreateSecretForm/CreateSecretForm.tsx
@@ -75,7 +75,7 @@ export const CreateSecretForm = ({
    const isEnvironmentsSelected = environmentsSelected.length;

    if (!isEnvironmentsSelected) {
-      createNotification({ type: "error", text: "Select atleast one environment" });
+      createNotification({ type: "error", text: "Select at least one environment" });
      return;
    }

@@ -143,8 +143,8 @@ export const CreateSecretForm = ({
    <Modal isOpen={isOpen} onOpenChange={onTogglePopUp}>
      <ModalContent
        className="max-h-[80vh] overflow-y-auto"
-        title="Add Secrets"
-        subTitle="Add secrets in all environments at once."
+        title="Bulk Create & Update"
+        subTitle="Create & update a secret across many environments"
      >
        <form onSubmit={handleSubmit(handleFormSubmit)}>
          <FormControl label="Key" isError={Boolean(errors?.key)} errorText={errors?.key?.message}>
Author	SHA1	Message	Date
Daniel Hougaard	10a40c8ab2	Merge pull request #1535 from Infisical/daniel/better-upgrade-errors Fix: Edge case causing project upgrade to fail	2024-03-07 00:07:05 +01:00
Maidul Islam	b910ceacfc	create secret on overview typo	2024-03-06 17:50:31 -05:00
Maidul Islam	cb66386e13	Merge pull request #1536 from Infisical/daniel/fix-project-memberships Fix: Remove project keys & memberships when organization membership is deleted	2024-03-06 17:38:49 -05:00
Daniel Hougaard	ae53f03f71	Fix: Remove project memberships & project keys when org membership is deleted (DAL)	2024-03-06 23:15:13 +01:00
Daniel Hougaard	7ae024724d	Fix: Remove project memberships & project keys when org membership is deleted (Service)	2024-03-06 23:15:02 +01:00
Daniel Hougaard	0b2bc1d345	Fix: Remove project memberships & project keys when org membership is deleted	2024-03-06 23:14:52 +01:00
Daniel Hougaard	da5eca3e68	Fix: Seeding not working	2024-03-06 23:13:22 +01:00
Maidul Islam	d140e4f3c9	update bulk add message	2024-03-06 14:12:21 -05:00