minder icon indicating copy to clipboard operation
minder copied to clipboard
verified publisher icon stacklok

bug: project name conflict is possible when user deletes their account and re-registers

Open eleftherias opened this issue 2 years ago • 2 comments

This is an edge case.

Describe the bug

When a user deletes their account using the browser (ie not using the minder CLI) and a few minutes later re-registers using the minder cli, then their registration will fail because a project with the same name already exists.

Why does this happen? When a user deletes their account using the browser, mediator is not immediately notified of these changes. Mediator check for new deletion events every 24 hours, so it may take up to 24 hours for the user deletion to propagate to mediator data. If a user creates a new account before the deletion is propagated, then their project (named after their username) will still exist and cause a conflict when attempting to create it again. Note that the user will not inherit their old projects (or any other data) after their account has been deleted, because Keycloak creates a new user identified on every registration (even if it's the same user re-registering).

To Reproduce Steps to reproduce the behavior:

  1. Register a new user account using minder auth login
  2. Delete account page from the browser, either by navigating to the account page, or by using one of the browser based apps
  3. Re-register the user using minder auth login
  4. There will be an error because the project with user's username already exists

Expected behavior The user should be allowed to re-register immediately after deleting their account.

eleftherias avatar Oct 13 '23 08:10 eleftherias

@eleftherias I think this can be closed now, can't it? I haven't seen this issue for quite some time and we did a bunch of fixes in the area.

jhrozek avatar Apr 18 '24 20:04 jhrozek

This issue is specifically when someone deleted their account outside of Minder, e.g. from Trusty. Minder has a chron job that queries Keycloak for deletion events, but the chron runs once a day, so it can take Minder a full day before it cleans up the deleted users project.

eleftherias avatar Apr 19 '24 06:04 eleftherias

@rdimitrov -- did you just fix this?

evankanderson avatar Jul 10 '24 19:07 evankanderson

@rdimitrov -- did you just fix this?

Accidentally, yes 😃

I mean with the fix in https://github.com/stacklok/minder/pull/3815 this shouldn't happen since in case of a conflict we'll try with another unique project name.

So even though the reason for this conflict is different than what motivated my fix, I think we can consider this issue fixed by https://github.com/stacklok/minder/pull/3815.

rdimitrov avatar Jul 11 '24 08:07 rdimitrov

Fixed by https://github.com/stacklok/minder/pull/3815

rdimitrov avatar Jul 11 '24 08:07 rdimitrov