[pbs-devel] [PATCH proxmox-backup 3/5] fix #4382: api2: remove permissions and tokens of user on deletion

[Hannes Laimer]

Signed-off-by: Hannes Laimer <h.laimer at proxmox.com>
---
 src/api2/access/user.rs | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/api2/access/user.rs b/src/api2/access/user.rs
index ce676252..40177c8d 100644
--- a/src/api2/access/user.rs
+++ b/src/api2/access/user.rs
@@ -346,7 +346,7 @@ pub fn update_user(
 )]
 /// Remove a user from the configuration file.
 pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error> {
-    let _lock = pbs_config::user::lock_config()?;
+    let _user_lock = pbs_config::user::lock_config()?;
     let _tfa_lock = crate::config::tfa::write_lock()?;
 
     let (mut config, expected_digest) = pbs_config::user::config()?;
@@ -390,6 +390,28 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
         }
     }
 
+    // delete_token needs the user config lock, therefore we have to drop it here
+    drop(_user_lock);
+
+    let user_tokens: Vec<ApiToken> = config
+        .convert_to_typed_array::<ApiToken>("token")?
+        .into_iter()
+        .filter(|token| token.tokenid.user().eq(&userid))
+        .collect();
+    for token in user_tokens {
+        if let Some(name) = token.tokenid.tokenname() {
+            let user = token.tokenid.user();
+            delete_token(user.clone(), name.to_owned(), None)?
+        }
+    }
+
+    // delete_token needs the acl config lock, that's why it is not aquired at the beginning
+    let _acl_lock = pbs_config::acl::lock_config()?;
+
+    let (mut tree, _digest) = pbs_config::acl::config()?;
+    tree.delete_authid(&Authid::from(userid));
+    pbs_config::acl::save_config(&tree)?;
+
     Ok(())
 }
 
-- 
2.30.2