Clean up incorrect logging and document some recycle bin edge cases.

2025-02-23 12:37:00 +01:00 · 2020-03-25 08:30:01 +10:00 · 2020-03-25 08:30:01 +10:00 · aae6625c4d
parent 6388bcf6fc
commit aae6625c4d
2 changed files with 32 additions and 1 deletions
--- a/kanidm_book/src/recycle_bin.md
+++ b/kanidm_book/src/recycle_bin.md
@ -36,5 +36,36 @@ An entry can be revived with:

    kanidm recycle_bin revive --name admin <id>

+## Edge cases

+The recycle bin is a best effort to restore your data - there are some cases where
+the revived entries may not be the same as their were when they were deleted. This
+generally revolves around reference types such as group membership.
+
+An example of this is the following steps:
+
+    add user1
+    add group1
+    add user1 as member of group1
+    delete user1
+    delete group1
+    revive user1
+    revive group1
+
+In this series of steps, due to the way that referential integrity is implemented, the
+membership of user1 in group1 would be lost in this process. To explain why:
+
+    add user1
+    add group1
+    add user1 as member of group1 // refint between the two established, and memberof added
+    delete user1 // group1 removes member user1 from refint
+    delete group1 // user1 now removes memberof group1 from refint
+    revive user1 // re-add groups based on directmemberof (empty set)
+    revive group1 // no members
+
+This issue could be looked at again in the future, but for now we think that deletes of
+groups is rare - we expect recycle bin to save you in "opps" moments, and in a majority
+of cases you may delete a group or a user and then restore them. To handle this series
+of steps requires extra code complexity in how we flag operations. For more,
+see [This issue on github](https://github.com/kanidm/kanidm/issues/177).

--- a/kanidm_client/tests/proto_v1_test.rs
+++ b/kanidm_client/tests/proto_v1_test.rs
@ -20,7 +20,7 @@ static UNIX_TEST_PASSWORD: &str = "unix test user password";
 // Test external behaviorus of the service.

 fn run_test(test_fn: fn(KanidmClient) -> ()) {
-    ::std::env::set_var("RUST_LOG", "actix_web=debug,kanidm=debug");
+    // ::std::env::set_var("RUST_LOG", "actix_web=debug,kanidm=debug");
    let _ = env_logger::builder().is_test(true).try_init();
    let (tx, rx) = mpsc::channel();
    let port = PORT_ALLOC.fetch_add(1, Ordering::SeqCst);