Person merge must delete/hide the merged account
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
High
|
Curtis Hovey |
Bug Description
Recent changes to SSO require Launchpad to delete the accounts of merged users. This implies the email addresses must also be reconciled.
Note that there may be something else wrong with merge because all email addresses used to authenticate should have been transferred to remaining account and person.
Salgado recommends removing the LP account table
> <salgado> I have two LP accounts, a1 (with openid identifier 'a1') and a2 (with
> openid identifier 'a2')
> <salgado> a1 has <email address hidden> as its email address
> <salgado> and a2 has <email address hidden>
> <salgado> now, let's say I merge account a2 into account a1
> <salgado> that will move <email address hidden> to a1, but won't actually delete the a1
> account
> <salgado> also, on the SSO DB, the <email address hidden> email is still associated with
> the a2 account
> <salgado> because the account merge is a LP thing
> <salgado> if I now log into LP using <email address hidden>, the SSO will send a2 as the
> OpenID identifier to LP
> <salgado> but that identifier is associated with a merged account
> <mars> right, a2-merged
> <salgado> which has no preferred email address
> <salgado> so the callback page OOPSes
> <salgado> we wouldn't have this sort of problem if we've gotten rid of the
> Account table from our DB
> <mars> salgado, so the correct behaviour would be to log in with <email address hidden>,
> and then I appear as using account a1?
> <mars> but it incorrectly shows up as using account a2-merged
> <salgado> but in the mean time we could change the person merge code to delete
> the Account entry for the merged person
> <salgado> mars, correct
> <salgado> if we do as I say above, it will work as expected
> <mars> how will that fix "if I now log into LP using <email address hidden>, the SSO
> will send a2 as the OpenID identifier to LP" ?
> <salgado> it won't
> <salgado> it will still send a2
> <mars> and then?
> <salgado> but since that identifier is not in our DB, we'll fall back to look up
> the account which is associated with <email address hidden>
> <mars> oh
> <salgado> let me confirm
> <mars> ok
> <mars> salgado, is deleting the merged account a problem? Why have we not done
> this in the past?
> <salgado> mars, confirmed. we do that and then set the OpenID identifier of the
> a1 account to 'a2'
> <salgado> mars, because we don't delete anything when merging people
> <mars> salgado, in the mean time can we run a SQL query to delete the account,
> see if it works as expected?
> <salgado> mars, sure, just ask the LOSAs to delete the merged account
> <mars> salgado, should they save the data just in case it doesn't work?
> <mars> if such a thing is even possible...
> <salgado> they could write down the data before deleting, but there's nothing
> useful in the account entry of a merged person anyway
Related branches
- Abel Deuring (community): Approve (code)
-
Diff: 119 lines (+47/-11)3 files modifieddatabase/schema/pending/update-merged-person-accounts.sql (+24/-0)
lib/lp/registry/doc/person-merge.txt (+11/-3)
lib/lp/registry/model/person.py (+12/-8)
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad-registry: | |
status: | Fix Committed → Fix Released |
We cannot delete the account, but we can change the Account. openid_ identifier to not match any identifier sent from SSO.