db: scope DestroyUser to only delete the target user's pre-auth keys

DestroyUser called ListPreAuthKeys(tx) which returns ALL pre-auth keys across all users, then deleted every one of them. This caused deleting any single user to wipe out pre-auth keys for every other user. Extract a ListPreAuthKeysByUser function (consistent with the existing ListNodesByUser pattern) and use it in DestroyUser to scope key deletion to the user being destroyed. Add unit test (table-driven in TestDestroyUserErrors) and integration test to prevent regression. Fixes #3154 Co-authored-by: Kristoffer Dalby <kristoffer@dalby.cc>
2026-04-24 09:38:45 +02:00 · 2026-03-27 13:12:20 +00:00
parent 6ae182696f
commit 7c756b8201
4 changed files with 61 additions and 1 deletions
--- a/hscontrol/db/users.go
+++ b/hscontrol/db/users.go
@@ -65,7 +65,7 @@ func DestroyUser(tx *gorm.DB, uid types.UserID) error {
 		return ErrUserStillHasNodes
 	}

-	keys, err := ListPreAuthKeys(tx)
+	keys, err := ListPreAuthKeysByUser(tx, uid)
 	if err != nil {
 		return err
 	}