Invalid link generated by recover_user command

rokiden commented 11 months ago

Invalid link generated by recover_user command

Passbolt Version: 4.4.2
Platform and Target: docker.io/passbolt/passbolt:4.4.2-1-ce -- Operating system: Ubuntu

What you did

run docker instance of passbolt
create 2+ users
run recover_user command in console for each user

What happened

links contains invalid user_id

recover_user command builds invalid SQL query without username filter:

MariaDB General Query Log>
SELECT 
`Users`.`id` AS `Users__id`, 
`Users`.`role_id` AS `Users__role_id`, 
`Users`.`username` AS `Users__username`, 
`Users`.`active` AS `Users__active`, 
`Users`.`deleted` AS `Users__deleted`, 
`Users`.`disabled` AS `Users__disabled`, 
`Users`.`created` AS `Users__created`, 
`Users`.`modified` AS `Users__modified` 
FROM `users` `Users` 
WHERE (`Users`.`deleted` = 0 AND `Users`.`active` = 1 AND ((`Users`.`disabled`) IS NULL OR `Users`.`disabled` > '2023-12-19 09:03:25')) 
ORDER BY `Users`.`created` ASC LIMIT 1

Than creates token for random user returned by this query, instead of --username option specified.

BUG: https://github.com/passbolt/passbolt_api/blob/bc93285dc311c66c6ff30922904437c99e9a5571/src/Command/RecoverUserCommand.php#L69C29-L69C29 it's not filter trait, I think it must be activeNotDeleted(found in traits), tested, works correctly.

pabloelcolombiano commented 11 months ago

Thank you for the hint @rokiden . I could reproduce it, this will be fixed in the coming v4.5.

ishanvyas22 commented 9 months ago

👋🏼 Hey @rokiden, this issue has been fixed and released with v4.5.0. Feel free to try it out and let us know if it persists.

passbolt / passbolt_api