mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Clean up incorrect logging and document some recycle bin edge cases.

Browse source
This commit is contained in:
William Brown 2020-03-25 08:30:01 +10:00
parent 6388bcf6fc
commit aae6625c4d
2 changed files with 32 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
kanidm_book/src/recycle_bin.md
View file

@ -36,5 +36,36 @@ An entry can be revived with:
kanidm recycle_bin revive --name admin <id> kanidm recycle_bin revive --name admin <id>
## Edge cases
The recycle bin is a best effort to restore your data - there are some cases where
the revived entries may not be the same as their were when they were deleted. This
generally revolves around reference types such as group membership.
An example of this is the following steps:
add user1
add group1
add user1 as member of group1
delete user1
delete group1
revive user1
revive group1
In this series of steps, due to the way that referential integrity is implemented, the
membership of user1 in group1 would be lost in this process. To explain why:
add user1
add group1
add user1 as member of group1 // refint between the two established, and memberof added
delete user1 // group1 removes member user1 from refint
delete group1 // user1 now removes memberof group1 from refint
revive user1 // re-add groups based on directmemberof (empty set)
revive group1 // no members
This issue could be looked at again in the future, but for now we think that deletes of
groups is rare - we expect recycle bin to save you in "opps" moments, and in a majority
of cases you may delete a group or a user and then restore them. To handle this series
of steps requires extra code complexity in how we flag operations. For more,
see [This issue on github](https://github.com/kanidm/kanidm/issues/177).

2
kanidm_client/tests/proto_v1_test.rs
View file

@ -20,7 +20,7 @@ static UNIX_TEST_PASSWORD: &str = "unix test user password";
// Test external behaviorus of the service. // Test external behaviorus of the service.
fn run_test(test_fn: fn(KanidmClient) -> ()) { fn run_test(test_fn: fn(KanidmClient) -> ()) {
::std::env::set_var("RUST_LOG", "actix_web=debug,kanidm=debug"); // ::std::env::set_var("RUST_LOG", "actix_web=debug,kanidm=debug");
let _ = env_logger::builder().is_test(true).try_init(); let _ = env_logger::builder().is_test(true).try_init();
let (tx, rx) = mpsc::channel(); let (tx, rx) = mpsc::channel();
let port = PORT_ALLOC.fetch_add(1, Ordering::SeqCst); let port = PORT_ALLOC.fetch_add(1, Ordering::SeqCst);