[MDL-57193] External DB Auth: Suspends or Deleted Every User Bug - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.0.7, 3.1, 3.1.3
Fix Version/s: 3.0.8, 3.1.4
Component/s: Authentication
Labels:
- ci
- triaged

Affected Branches:
MOODLE_30_STABLE, MOODLE_31_STABLE
Fixed Branches:
MOODLE_30_STABLE, MOODLE_31_STABLE
Pull from Repository:
git://github.com/FMCorz/moodle.git
Pull Master Branch:
~~MDL-57193~~-master-notest
Pull Master Diff URL:
https://github.com/FMCorz/moodle/compare/a0352aa95e...MDL-57193-master-notest
Workaround:

Hide

Add several 0's to line 307 in /auth/db/auth.php in the meantime.

Show
Add several 0's to line 307 in /auth/db/auth.php in the meantime.
Difficulty:
Easy
Testing Instructions:
Hide

Use an external database with over 10,000 users (at the very least 10,010 so when you delete some it's still over 10,000)

for i in `seq 1 15000`; do echo "INSERT INTO yourtablename SET (username, firstname, lastname) VALUES ('user$i','User','$i')='user$i'" | mysql -uDBUSERNAME -pDBPASSWORD yourdatabasename; done

Enable auth/db

Configure the plugin to match you external database configs

Ensure that delete is selected in "User Account Synchronisation".

Run the syncronization via cron or CLI

Remove some of your users in external database

Run the synchronization via cron

See that the missing users have now been removed (flagged with deleted=1 - but the other users are still there deleted=0.

Check your mdl_users table.
Show
Use an external database with over 10,000 users (at the very least 10,010 so when you delete some it's still over 10,000) for i in `seq 1 15000`; do echo "INSERT INTO yourtablename SET (username, firstname, lastname) VALUES ('user$i','User','$i')='user$i'" | mysql -uDBUSERNAME -pDBPASSWORD yourdatabasename; done Enable auth/db Configure the plugin to match you external database configs Ensure that delete is selected in "User Account Synchronisation". Run the syncronization via cron or CLI Remove some of your users in external database Run the synchronization via cron See that the missing users have now been removed (flagged with deleted=1 - but the other users are still there deleted=0 . Check your mdl_users table.

Description

On line 307 in /auth/db/auth.php We chunk the users up into groups of 10,000. Apparently to stop some databases from crashing.

The issue is if you have remove users setup (suspend or delete) it will catch every user if you have more than 10,000 users...

If there are 11,000 users it will get the first 10,000 and say "if the user in moodle isn't in this list add them to the remove user list" - there go the 1,000 users who should be left in the system. Then on the second loop it will grab the last 1,000 users and say "if the users in the db are not in this list remove them" - obviously the 1,000 users in the list got deleted in the previous loop and the ones that were found in the first pass were deleted in the second pass...

For people with this issue the first thing to do immediately is change 10000 on line 307 to a number far higher than the number of users you currently have, until this is fixed.

Attachments

Issue Links

is a regression caused by

MDL-46682 External DB auth: IN sql clause can get too big

Closed

Testing discovered

MDL-57268 Unit test External DB synchronisations with deletion from bigger user sets

Closed

Activity

People

Assignee:: John Okely

Reporter:: Josh Willcock

Peer reviewer:: Frédéric Massart

Integrator:: Eloy Lafuente (stronk7)

Tester:: Dan Poltawski

Participants:: CiBoT, Damyon Wiese, Dan Poltawski, Eloy Lafuente (stronk7), Frédéric Massart, John Okely, Josh Willcock

Component watchers:: David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 1 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 30/Nov/16 2:39 AM

Updated:: 05/Dec/16 7:36 PM

Resolved:: 04/Dec/16 5:38 AM

Fix Release Date:: 9/Jan/17