From 665e525f0ad45ed551d18994cc99906b038a19de Mon Sep 17 00:00:00 2001 From: Valentin Tolmer Date: Wed, 30 Nov 2022 08:23:36 +0100 Subject: [PATCH] server: fix user password setting It used to try to set all user IDs to the same, which would fail if there is more than 1 user. --- server/src/domain/sql_group_backend_handler.rs | 10 ++-------- server/src/domain/sql_opaque_handler.rs | 9 ++++----- server/src/domain/sql_user_backend_handler.rs | 10 ++-------- 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/server/src/domain/sql_group_backend_handler.rs b/server/src/domain/sql_group_backend_handler.rs index f3cf463..aaca7fe 100644 --- a/server/src/domain/sql_group_backend_handler.rs +++ b/server/src/domain/sql_group_backend_handler.rs @@ -102,20 +102,14 @@ impl GroupBackendHandler for SqlBackendHandler { async fn update_group(&self, request: UpdateGroupRequest) -> Result<()> { debug!(?request.group_id); let update_group = model::groups::ActiveModel { + group_id: ActiveValue::Set(request.group_id), display_name: request .display_name .map(ActiveValue::Set) .unwrap_or_default(), ..Default::default() }; - model::Group::update_many() - .set(update_group) - .filter(sea_orm::ColumnTrait::eq( - &GroupColumn::GroupId, - request.group_id, - )) - .exec(&self.sql_pool) - .await?; + update_group.update(&self.sql_pool).await?; Ok(()) } diff --git a/server/src/domain/sql_opaque_handler.rs b/server/src/domain/sql_opaque_handler.rs index 9fd7e66..1ba6e8d 100644 --- a/server/src/domain/sql_opaque_handler.rs +++ b/server/src/domain/sql_opaque_handler.rs @@ -8,7 +8,7 @@ use super::{ }; use async_trait::async_trait; use lldap_auth::opaque; -use sea_orm::{ActiveValue, EntityTrait, FromQueryResult, QuerySelect}; +use sea_orm::{ActiveModelTrait, ActiveValue, EntityTrait, FromQueryResult, QuerySelect}; use secstr::SecUtf8; use tracing::{debug, instrument}; @@ -198,10 +198,7 @@ impl OpaqueHandler for SqlOpaqueHandler { password_hash: ActiveValue::Set(Some(password_file.serialize())), ..Default::default() }; - model::User::update_many() - .set(user_update) - .exec(&self.sql_pool) - .await?; + user_update.update(&self.sql_pool).await?; Ok(()) } } @@ -271,10 +268,12 @@ mod tests { #[tokio::test] async fn test_opaque_flow() -> Result<()> { let sql_pool = get_initialized_db().await; + crate::infra::logging::init_for_tests(); let config = get_default_config(); let backend_handler = SqlBackendHandler::new(config.clone(), sql_pool.clone()); let opaque_handler = SqlOpaqueHandler::new(config, sql_pool); insert_user_no_password(&backend_handler, "bob").await; + insert_user_no_password(&backend_handler, "john").await; attempt_login(&opaque_handler, "bob", "bob00") .await .unwrap_err(); diff --git a/server/src/domain/sql_user_backend_handler.rs b/server/src/domain/sql_user_backend_handler.rs index c19c195..dc7b99e 100644 --- a/server/src/domain/sql_user_backend_handler.rs +++ b/server/src/domain/sql_user_backend_handler.rs @@ -179,6 +179,7 @@ impl UserBackendHandler for SqlBackendHandler { async fn update_user(&self, request: UpdateUserRequest) -> Result<()> { debug!(user_id = ?request.user_id); let update_user = model::users::ActiveModel { + user_id: ActiveValue::Set(request.user_id), email: request.email.map(ActiveValue::Set).unwrap_or_default(), display_name: to_value(&request.display_name), first_name: to_value(&request.first_name), @@ -186,14 +187,7 @@ impl UserBackendHandler for SqlBackendHandler { avatar: request.avatar.into_active_value(), ..Default::default() }; - model::User::update_many() - .set(update_user) - .filter(sea_orm::ColumnTrait::eq( - &UserColumn::UserId, - request.user_id, - )) - .exec(&self.sql_pool) - .await?; + update_user.update(&self.sql_pool).await?; Ok(()) }