Can't delete Organization when organization_api_key is present

[Misterbabou]

Subject of the issue

Can't delete Organization when organization_api_key is present

Deployment environment

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.30.5

• Web-vault version: v2024.1.2b

• Install method: Docker

• Clients used: web vault, and admin panel

• Reverse proxy and version: /

• MySQL/MariaDB or PostgreSQL version: 11.3.2-MariaDB

• Other relevant details:

Steps to reproduce

• Create an Organization on the web vault

• Go to your new organization-> Settings -> Organization Info : ( https:///#/organizations//settings/account )

• Generate an api_key by cliking on "VIEW API KEY" (it will generate an entry in the Table : organization_api_key

• (on the Web-vault) Try to Delete Organisation -> Error message (user is then disconnected and can't show organization but it's still show on admin panel

log:

vaultwarden   | [2024-05-15 12:45:44.310][request][INFO] DELETE /api/organizations/7a711a73-3cfc-45cd-a4b8-7d5dc5d944b3
vaultwarden    | [2024-05-15 12:45:44.646][error][ERROR] Error saving organization.
vaultwarden    | [CAUSE] DatabaseError(
vaultwarden    |     ForeignKeyViolation,
vaultwarden    |     "Cannot delete or update a parent row: a foreign key constraint fails (`vaultwarden`.`organization_api_key`, CONSTRAINT `organization_api_key_ibfk_1` FOREIGN KEY (`org_uuid`) REFERENCES `organizations` (`uuid`))",
vaultwarden    | )

OR

• (on the admin panel) Try to Delete Organisation ->

  Error deleting organization
  Error saving organization

log

vaultwarden   | [2024-05-15 12:34:40.819][request][INFO] POST /admin/organizations/0df42829-4957-41c3-8c5b-b50396ceeb81/delete
vaultwarden    | [2024-05-15 12:34:40.846][error][ERROR] Error saving organization.
vaultwarden    | [CAUSE] DatabaseError(
vaultwarden    |     ForeignKeyViolation,
vaultwarden    |     "Cannot delete or update a parent row: a foreign key constraint fails (`vaultwarden`.`organization_api_key`, CONSTRAINT `organization_api_key_ibfk_1` FOREIGN KEY (`org_uuid`) REFERENCES `organizations` (`uuid`))",
vaultwarden    | )

Expected behaviour

Organization should be deleted

Actual behaviour

All entries linked to organization are deleted as usual but the organization_api_key is not that's why it can't be deleted.

To manually resolve this issue on Mariadb :

DELETE FROM organization_api_key where organization_api_key.org_uuid="<org_uuid>"

Then Organization Delete is possible

[stefan0xC]

Thanks. This is probably also the cause for #4540.

[Misterbabou]

Thanks for your fix ^^.

I have a question regarding events from table event on organization delete.

For now events linked to the organization are not delete on organization delete. Will it be better to also clean events linked to this organization ?

Equivalent to :

DELETE FROM event where event.org_uuid="<org_uuid>"

[BlackDex]

I would rather not delete events during the deletion of an organizations. The main reason is that it could hold useful information on who deleted the organization for example, and if there were some unwanted actions done.

Logs will be delete automatically if the cleanup job is enabled.