From de18c8306d2fa1257c9561ba774bb9221ad7ee1a Mon Sep 17 00:00:00 2001 From: Johann150 Date: Sun, 4 Dec 2022 19:05:02 +0100 Subject: [PATCH] server: fix token-permissions migration The table that is affected here was not properly purged of old entries. It only holds data that is needed while a 3rd party authorization is in progress but not finished. The code that typeorm generated for this migration is a bit wonky because it should probably have dropped one column and created another one. But if we clear out all entries it should work regardless and I'm feeling lazy right now. :P --- .../backend/migration/1667653936442-token-permissions.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/packages/backend/migration/1667653936442-token-permissions.js b/packages/backend/migration/1667653936442-token-permissions.js index d6c3e0fba..df6925bee 100644 --- a/packages/backend/migration/1667653936442-token-permissions.js +++ b/packages/backend/migration/1667653936442-token-permissions.js @@ -6,6 +6,9 @@ export class tokenPermissions1667653936442 { await queryRunner.query(`UPDATE "access_token" SET permission = (SELECT permission FROM "app" WHERE "app"."id" = "access_token"."appId") WHERE "appId" IS NOT NULL AND CARDINALITY("permission") = 0`); // The permission column should now always be set explicitly, so the default is not needed any more. await queryRunner.query(`ALTER TABLE "access_token" ALTER COLUMN "permission" DROP DEFAULT`); + // Drop all currently running authorization sessions. Already created tokens remain untouched. + // If you were registering an app just before upgrade started, try again later. ¯\_(ツ)_/¯ + await queryRunner.query(`TRUNCATE TABLE "auth_session"`); // Refactor scheme to allow multiple access tokens per app. await queryRunner.query(`ALTER TABLE "auth_session" DROP CONSTRAINT "FK_c072b729d71697f959bde66ade0"`); await queryRunner.query(`ALTER TABLE "auth_session" RENAME COLUMN "userId" TO "accessTokenId"`); @@ -14,6 +17,10 @@ export class tokenPermissions1667653936442 { } async down(queryRunner) { + // Drop all currently running authorization sessions. Already created tokens remain untouched. + // If you were registering an app just before downgrade started, try again later. ¯\_(ツ)_/¯ + await queryRunner.query(`TRUNCATE TABLE "auth_session"`); + await queryRunner.query(`ALTER TABLE "auth_session" DROP CONSTRAINT "FK_8e001e5a101c6dca37df1a76d66"`); await queryRunner.query(`ALTER TABLE "auth_session" DROP CONSTRAINT "UQ_8e001e5a101c6dca37df1a76d66"`); await queryRunner.query(`ALTER TABLE "access_token" ALTER COLUMN "permission" DROP DEFAULT`);