Properly destroy a user after a credentials creation failure (#1507)
# Description

Here is how a user is created in Kuzzle:

1. Kuzzle asks strategy plugins to check credentials (`validate` functions). If a plugin rejects credentials, the user creation process is aborted
2. Kuzzle creates a global user and attributes it a kuid
3. Kuzzle asks strategy plugins to create credentials
4. If a plugin fails to create credentials, Kuzzle deletes the already created credentials as well as the global user

There is a bug in step 4: the incorrect argument is passed to `repositories.delete`, and the rollback does not delete the global user document. This makes Kuzzle consider the user as "already created" and, even with fixed credentials, it cannot be created anymore.
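The four steps and the failed rollback described in the commit message, as an added example that is not Kuzzle's code or part of this commit. `UserRepo`, `makeStrategy`, `createUser`, the caller-supplied kuid and the assumed contract that `delete()` takes the user object rather than a bare id are all hypothetical stand-ins; the page does not say which argument was wrong.

```javascript
// Added illustration with in-memory stand-ins; not Kuzzle's code or API.
class UserRepo {
  constructor() { this.docs = new Map(); }
  create(user) {
    if (this.docs.has(user._id)) throw new Error(`user ${user._id} already exists`);
    this.docs.set(user._id, user);
  }
  // Hypothetical contract: delete() expects the user object, not a bare id.
  delete(user) { return this.docs.delete(user && user._id); }
}

function makeStrategy(name) {
  const creds = new Map();
  return { name, creds,
    validate(c) { if (!c || !c.username) throw new Error(`${name}: invalid credentials`); },
    create(kuid, c) {
      if (!c.password) throw new Error(`${name}: cannot create credentials`);
      creds.set(kuid, c);
    },
    delete(kuid) { creds.delete(kuid); },
  };
}

function createUser(repo, strategies, kuid, credentials, { buggyRollback = false } = {}) {
  for (const s of strategies) s.validate(credentials[s.name]); // step 1
  const user = { _id: kuid };
  repo.create(user);                                           // step 2
  const done = [];                                             // strategies that succeeded
  try {
    for (const s of strategies) { s.create(kuid, credentials[s.name]); done.push(s); } // step 3
  } catch (err) {
    for (const s of done) s.delete(kuid);                      // step 4: credentials
    repo.delete(buggyRollback ? kuid : user);                  // step 4: global user
    throw err;
  }
  return user;
}

function attempt(fn) { try { fn(); return 'ok'; } catch (e) { return e.message; } }

// Constructed input: the first call fails in step 3, the retry uses fixed credentials.
function demo(buggyRollback) {
  const repo = new UserRepo();
  const strategies = [makeStrategy('local'), makeStrategy('token')];
  const bad = { local: { username: 'a', password: 'p' }, token: { username: 'a' } };
  const good = { local: { username: 'a', password: 'p' }, token: { username: 'a', password: 't' } };
  const first = attempt(() => createUser(repo, strategies, 'kuid-1', bad, { buggyRollback }));
  const retry = attempt(() => createUser(repo, strategies, 'kuid-1', good, { buggyRollback }));
  return { first, retry };
}
```

With `demo(true)` the rollback silently deletes nothing, so the retry is rejected as a duplicate; with `demo(false)` the retry succeeds.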
Showing 2 changed files with 36 additions and 14 deletions.