fix: make user creation transactional (#10327)

## About the changes When inserting a user with an invalid role id, the user creation will succeed but there will be no record in the audit log. The API call returns a 400 misleading you to believe the user was not created, but it actually was. This makes the whole user creation transactional, so if something fails, data will be in the right state. ## Testing The e2e test was split in 2 scenarios, one with smtp and another one without. This test was added, and it was failing before adding the transaction, because when fetching the users, the user was there, despite having returned a 400 error in the API call: 80a2e65b6f/src/test/e2e/api/admin/user-admin.e2e.test.ts (L181-L204)
2025-08-04 13:48:56 +02:00 · 2025-07-08 12:17:16 +02:00 · 2025-07-08 12:17:16 +02:00 · 2d83f297a1
commit 2d83f297a1
parent 43a6166673
5 changed files with 622 additions and 486 deletions
--- a/src/lib/features/users/createUserService.ts
+++ b/src/lib/features/users/createUserService.ts
@ -0,0 +1,55 @@
+import { ResetTokenStore } from '../../db/reset-token-store.js';
+import SettingStore from '../../db/setting-store.js';
+import {
+    createAccessService,
+    createEventsService,
+    type Db,
+    EmailService,
+    type IUnleashConfig,
+    ResetTokenService,
+    SessionService,
+    SessionStore,
+    SettingService,
+    UserService,
+} from '../../server-impl.js';
+import { UserStore } from './user-store.js';
+
+export const createUserService = (
+    db: Db,
+    config: IUnleashConfig,
+): UserService => {
+    const userStore = new UserStore(db, config.getLogger);
+    const resetTokenStore = new ResetTokenStore(
+        db,
+        config.eventBus,
+        config.getLogger,
+    );
+    const resetTokenService = new ResetTokenService(
+        { resetTokenStore },
+        config,
+    );
+    const eventService = createEventsService(db, config);
+    const sessionStore = new SessionStore(
+        db,
+        config.eventBus,
+        config.getLogger,
+    );
+    const sessionService = new SessionService({ sessionStore }, config);
+    const settingStore = new SettingStore(db, config.getLogger);
+    const settingService = new SettingService(
+        { settingStore },
+        config,
+        eventService,
+    );
+    const accessService = createAccessService(db, config);
+    const emailService = new EmailService(config);
+
+    return new UserService({ userStore }, config, {
+        accessService,
+        resetTokenService,
+        emailService,
+        eventService,
+        sessionService,
+        settingService,
+    });
+};
--- a/src/lib/routes/admin-api/user-admin.ts
+++ b/src/lib/routes/admin-api/user-admin.ts
@ -63,11 +63,12 @@ import {
    type UserAccessOverviewSchema,
    userAccessOverviewSchema,
 } from '../../openapi/index.js';
+import type { WithTransactional } from '../../server-impl.js';

 export default class UserAdminController extends Controller {
    private flagResolver: IFlagResolver;

-    private userService: UserService;
+    private userService: WithTransactional<UserService>;

    private accountService: AccountService;

@ -600,7 +601,9 @@ export default class UserAdminController extends Controller {
            ? Number(rootRole)
            : (rootRole as RoleName);

-        const createdUser = await this.userService.createUser(
+        const responseData = await this.userService.transactional(
+            async (txUserService) => {
+                const createdUser = await txUserService.createUser(
                    {
                        username,
                        email,
@ -611,14 +614,17 @@ export default class UserAdminController extends Controller {
                    req.audit,
                );

-        const inviteLink = await this.userService.newUserInviteLink(
+                const inviteLink = await txUserService.newUserInviteLink(
                    createdUser,
                    req.audit,
                );

                // send email defaults to true
                const emailSent = (sendEmail !== undefined ? sendEmail : true)
-            ? await this.userService.sendWelcomeEmail(createdUser, inviteLink)
+                    ? await txUserService.sendWelcomeEmail(
+                          createdUser,
+                          inviteLink,
+                      )
                    : false;

                const { isAPI, ...user } = createdUser;
@ -628,6 +634,9 @@ export default class UserAdminController extends Controller {
                    emailSent,
                    rootRole: normalizedRootRole,
                };
+                return responseData;
+            },
+        );

        this.openApiService.respondWithValidation(
            201,
--- a/src/lib/services/index.ts
+++ b/src/lib/services/index.ts
@ -91,8 +91,6 @@ import {
    createDependentFeaturesService,
    createFakeDependentFeaturesService,
 } from '../features/dependent-features/createDependentFeaturesService.js';
-import { DependentFeaturesReadModel } from '../features/dependent-features/dependent-features-read-model.js';
-import { FakeDependentFeaturesReadModel } from '../features/dependent-features/fake-dependent-features-read-model.js';
 import {
    createFakeLastSeenService,
    createLastSeenService,
@ -171,6 +169,7 @@ import type {
 import type { IPrivateProjectChecker } from '../features/private-project/privateProjectCheckerType.js';
 import { UnknownFlagsService } from '../features/metrics/unknown-flags/unknown-flags-service.js';
 import type FeatureLinkService from '../features/feature-links/feature-link-service.js';
+import { createUserService } from '../features/users/createUserService.js';

 export const createServices = (
    stores: IUnleashStores,
@ -215,9 +214,6 @@ export const createServices = (
        unknownFlagsService,
    );

-    const dependentFeaturesReadModel = db
-        ? new DependentFeaturesReadModel(db)
-        : new FakeDependentFeaturesReadModel();
    const featureLifecycleReadModel = db
        ? new FeatureLifecycleReadModel(db)
        : new FakeFeatureLifecycleReadModel();
@ -252,14 +248,18 @@ export const createServices = (
    );
    const sessionService = new SessionService(stores, config);
    const settingService = new SettingService(stores, config, eventService);
-    const userService = new UserService(stores, config, {
+    const userService = db
+        ? withTransactional((db) => createUserService(db, config), db)
+        : withFakeTransactional(
+              new UserService(stores, config, {
                  accessService,
                  resetTokenService,
                  emailService,
                  eventService,
                  sessionService,
                  settingService,
-    });
+              }),
+          );
    const accountService = new AccountService(stores, config, {
        accessService,
    });
@ -607,7 +607,7 @@ export interface IUnleashServices {
    tagTypeService: TagTypeService;
    transactionalTagTypeService: WithTransactional<TagTypeService>;
    userFeedbackService: UserFeedbackService;
-    userService: UserService;
+    userService: WithTransactional<UserService>;
    versionService: VersionService;
    userSplashService: UserSplashService;
    segmentService: ISegmentService;
--- a/src/lib/services/user-service.ts
+++ b/src/lib/services/user-service.ts
@ -78,7 +78,7 @@ export interface ILoginUserRequest {
 const saltRounds = 10;
 const disallowNPreviousPasswords = 5;

-class UserService {
+export class UserService {
    private logger: Logger;

    private store: IUserStore;
@ -404,7 +404,7 @@ class UserService {

    async deleteScimUsers(auditUser: IAuditUser): Promise<void> {
        const users = await this.store.deleteScimUsers();
-        // Note: after deletion we can't get the role for the user
+        // Note: after deletion we can't get the role for the user. This is a simplification
        const viewerRole = await this.accessService.getPredefinedRole(
            RoleName.VIEWER,
        );
--- a/src/test/e2e/api/admin/user-admin.e2e.test.ts
+++ b/src/test/e2e/api/admin/user-admin.e2e.test.ts
@ -19,7 +19,6 @@ import { omitKeys } from '../../../../lib/util/omit-keys.js';
 import type { ISessionStore } from '../../../../lib/types/stores/session-store.js';
 import type { IUnleashStores } from '../../../../lib/types/index.js';
 import { createHash } from 'crypto';
-import { vi } from 'vitest';

 let stores: IUnleashStores;
 let db: ITestDb;
@ -32,18 +31,84 @@ let sessionStore: ISessionStore;
 let editorRole: IRole;
 let adminRole: IRole;

+describe('User Admin API with email configuration', () => {
    beforeAll(async () => {
        db = await dbInit('user_admin_api_serial', getLogger);
-    stores = db.stores;
-    app = await setupAppWithCustomConfig(stores, {
+        app = await setupAppWithCustomConfig(
+            db.stores,
+            {
+                email: {
+                    host: 'smtp.ethereal.email',
+                    smtpuser: 'rafaela.pouros@ethereal.email',
+                    smtppass: 'CuVPBSvUFBPuqXMFEe',
+                },
                experimental: {
                    flags: {
                        strictSchemaValidation: true,
                        showUserDeviceCount: true,
                    },
                },
+            },
+            db.rawDatabase,
+        );
+        const roles = await db.stores.roleStore.getRootRoles();
+        editorRole = roles.find((r) => r.name === RoleName.EDITOR)!!;
    });

+    afterAll(async () => {
+        await app.destroy();
+        await db.destroy();
+    });
+    test('Creates a user but does not send email if sendEmail is set to false', async () => {
+        await app.request
+            .post('/api/admin/user-admin')
+            .send({
+                email: 'some@getunelash.ai',
+                name: 'Some Name',
+                rootRole: editorRole.id,
+                sendEmail: false,
+            })
+            .set('Content-Type', 'application/json')
+            .expect(201)
+            .expect((res) => {
+                expect(res.body.emailSent).toBeFalsy();
+            });
+
+        await app.request
+            .post('/api/admin/user-admin')
+            .send({
+                email: 'some2@getunelash.ai',
+                name: 'Some2 Name',
+                rootRole: editorRole.id,
+            })
+            .set('Content-Type', 'application/json')
+            .expect(201)
+            .expect((res) => {
+                expect(res.body.emailSent).toBeTruthy();
+            });
+    });
+});
+
+describe('User Admin API without email', () => {
+    beforeAll(async () => {
+        db = await dbInit('user_admin_api_serial', getLogger);
+        stores = db.stores;
+        app = await setupAppWithCustomConfig(
+            stores,
+            {
+                experimental: {
+                    flags: {
+                        strictSchemaValidation: true,
+                        showUserDeviceCount: true,
+                    },
+                },
+                rateLimiting: {
+                    createUserMaxPerMinute: 100,
+                },
+            },
+            db.rawDatabase,
+        );
+
        userStore = stores.userStore;
        eventStore = stores.eventStore;
        roleStore = stores.roleStore;
@ -113,6 +178,31 @@ test('creates editor-user without password', async () => {
            });
    });

+    test('When invalid role is provided the user is not created', async () => {
+        const invalidRoleId = 0;
+        await app.request
+            .post('/api/admin/user-admin')
+            .send({
+                email: 'should-not-exist@getunleash.ai',
+                name: 'I am the invisible man',
+                rootRole: invalidRoleId,
+            })
+            .set('Content-Type', 'application/json')
+            .expect(400);
+
+        return app.request
+            .get('/api/admin/user-admin')
+            .expect('Content-Type', /json/)
+            .expect(200)
+            .expect((res) => {
+                expect(res.body.users).not.toContainEqual(
+                    expect.objectContaining({
+                        email: 'should-not-exist@getunleash.ai',
+                    }),
+                );
+            });
+    });
+
    test('creates admin-user with password', async () => {
        const { body } = await app.request
            .post('/api/admin/user-admin')
@ -191,7 +281,10 @@ test('update user name', async () => {
    test('should not require any fields on update', async () => {
        const { body: created } = await app.request
            .post('/api/admin/user-admin')
-        .send({ email: `${randomId()}@example.com`, rootRole: editorRole.id })
+            .send({
+                email: `${randomId()}@example.com`,
+                rootRole: editorRole.id,
+            })
            .set('Content-Type', 'application/json')
            .expect(201);

@ -228,7 +321,9 @@ test('get a single user', async () => {
    test('should delete user', async () => {
        const user = await userStore.insert({ email: 'some@mail.com' });

-    await app.request.delete(`/api/admin/user-admin/${user.id}`).expect(200);
+        await app.request
+            .delete(`/api/admin/user-admin/${user.id}`)
+            .expect(200);
        await app.request.get(`/api/admin/user-admin/${user.id}`).expect(404);
    });

@ -248,12 +343,17 @@ test('validator should accept strong password', async () => {

    test('should change password', async () => {
        const user = await userStore.insert({ email: 'some@mail.com' });
-    const spy = vi.spyOn(sessionStore, 'deleteSessionsForUser');
+        await sessionStore.insertSession({
+            sid: '1',
+            sess: { user: { id: user.id } },
+        });
+        expect(await sessionStore.getSessionsForUser(user.id)).toHaveLength(1);
+
        await app.request
            .post(`/api/admin/user-admin/${user.id}/change-password`)
            .send({ password: 'simple123-_ASsad' })
            .expect(200);
-    expect(spy).toHaveBeenCalled();
+        expect(await sessionStore.getSessionsForUser(user.id)).toHaveLength(0);
    });

    test('should search for users', async () => {
@ -266,9 +366,9 @@ test('should search for users', async () => {
            .expect(200)
            .expect((res) => {
                expect(res.body.length).toBe(2);
-            expect(res.body.some((u) => u.email === 'another@mail.com')).toBe(
-                true,
-            );
+                expect(
+                    res.body.some((u) => u.email === 'another@mail.com'),
+                ).toBe(true);
            });
    });

@ -291,44 +391,6 @@ test('Creates a user and includes inviteLink and emailConfigured', async () => {
            });
    });

-test('Creates a user but does not send email if sendEmail is set to false', async () => {
-    const myAppConfig = await setupAppWithCustomConfig(stores, {
-        email: {
-            host: 'smtp.ethereal.email',
-            smtpuser: 'rafaela.pouros@ethereal.email',
-            smtppass: 'CuVPBSvUFBPuqXMFEe',
-        },
-    });
-
-    await myAppConfig.request
-        .post('/api/admin/user-admin')
-        .send({
-            email: 'some@getunelash.ai',
-            name: 'Some Name',
-            rootRole: editorRole.id,
-            sendEmail: false,
-        })
-        .set('Content-Type', 'application/json')
-        .expect(201)
-        .expect((res) => {
-            expect(res.body.emailSent).toBeFalsy();
-        });
-    await myAppConfig.request
-        .post('/api/admin/user-admin')
-        .send({
-            email: 'some2@getunelash.ai',
-            name: 'Some2 Name',
-            rootRole: editorRole.id,
-        })
-        .set('Content-Type', 'application/json')
-        .expect(201)
-        .expect((res) => {
-            expect(res.body.emailSent).toBeTruthy();
-        });
-
-    await myAppConfig.destroy();
-});
-
    test('generates USER_CREATED event', async () => {
        const email = 'some@getunelash.ai';
        const name = 'Some Name';
@ -355,7 +417,9 @@ test('generates USER_CREATED event', async () => {

    test('generates USER_DELETED event', async () => {
        const user = await userStore.insert({ email: 'some@mail.com' });
-    await app.request.delete(`/api/admin/user-admin/${user.id}`).expect(200);
+        await app.request
+            .delete(`/api/admin/user-admin/${user.id}`)
+            .expect(200);

        const events = await eventStore.getEvents();
        expect(events[0].type).toBe(USER_DELETED);
@ -417,7 +481,8 @@ test('creates user with email sha256 hash', async () => {
                name: `Some Name Hash`,
                rootRole: editorRole.id,
            })
-        .set('Content-Type', 'application/json');
+            .set('Content-Type', 'application/json')
+            .expect(201);

        const user = await db
            .rawDatabase('users')
@ -448,7 +513,9 @@ test('should return number of sessions per user', async () => {
            sess: { user: { id: user2.id } },
        });

-    const response = await app.request.get(`/api/admin/user-admin`).expect(200);
+        const response = await app.request
+            .get(`/api/admin/user-admin`)
+            .expect(200);

        expect(response.body).toMatchObject({
            users: expect.arrayContaining([
@ -483,8 +550,12 @@ test('should only delete scim users', async () => {
                .returning('id')
        )[0].id;

-    await app.request.delete('/api/admin/user-admin/scim-users').expect(200);
-    const response = await app.request.get(`/api/admin/user-admin`).expect(200);
+        await app.request
+            .delete('/api/admin/user-admin/scim-users')
+            .expect(200);
+        const response = await app.request
+            .get(`/api/admin/user-admin`)
+            .expect(200);
        const users = response.body.users;

        expect(users.length).toBe(2);
@ -492,3 +563,4 @@ test('should only delete scim users', async () => {
            true,
        );
    });
+});