proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-10-04 22:29:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

api: delete user: better communicate partial deletion

Browse Source 
this is really an edge case and should not happen often in practice,
the time window is small and deletions are not _that_ common, but
still.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2021-09-27 15:46:26 +02:00
parent ba6cc98fcb
commit e780b46aab
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/PVE/API2/User.pm
View File

@ -451,11 +451,19 @@ __PACKAGE__->register_method ({
# know that it's OK to drop any TFA entry in that case.
delete $usercfg->{users}->{$userid};
PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
my $partial_deletion = '';
eval {
PVE::AccessControl::user_set_tfa($userid, $realm, undef, undef, $usercfg, $domain_cfg);
$partial_deletion = ' - but deleted related TFA';
PVE::AccessControl::delete_user_group($userid, $usercfg);
PVE::AccessControl::delete_user_acl($userid, $usercfg);
cfs_write_file("user.cfg", $usercfg);
PVE::AccessControl::delete_user_group($userid, $usercfg);
$partial_deletion .= ', Groups';
PVE::AccessControl::delete_user_acl($userid, $usercfg);
$partial_deletion .= ', ACLs';
cfs_write_file("user.cfg", $usercfg);
};
die "$@$partial_deletion\n" if $@;
}, "delete user failed");
return undef;