From b28b8fce50dc1fb146ac0519d4a0071e5df45bf7 Mon Sep 17 00:00:00 2001 From: Maycon Santos Date: Mon, 1 Jan 2024 19:17:44 +0100 Subject: [PATCH] Remove the user from the cache without refreshing it (#1422) Some IdPs might have eventual consistency for their API calls, and refreshing the cache with its data may return the deleted user as part of the account Introduce a new account manager method, removeUserFromCache, to remove the user from the local cache without refresh --- management/server/account.go | 16 ++++++++++++++++ management/server/user.go | 9 ++++----- 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/management/server/account.go b/management/server/account.go index f2d5e79d587..aba0a58ace4 100644 --- a/management/server/account.go +++ b/management/server/account.go @@ -1299,6 +1299,22 @@ func (am *DefaultAccountManager) lookupCache(accountUsers map[string]struct{}, a return data, err } +func (am *DefaultAccountManager) removeUserFromCache(accountID, userID string) error { + data, err := am.getAccountFromCache(accountID, false) + if err != nil { + return err + } + + for i, datum := range data { + if datum.ID == userID { + data = append(data[:i], data[i+1:]...) + break + } + } + + return am.cacheManager.Set(am.ctx, accountID, data, cacheStore.WithExpiration(cacheEntryExpiration())) +} + // updateAccountDomainAttributes updates the account domain attributes and then, saves the account func (am *DefaultAccountManager) updateAccountDomainAttributes(account *Account, claims jwtclaims.AuthorizationClaims, primaryDomain bool, diff --git a/management/server/user.go b/management/server/user.go index a84765cb176..028f7a25ba7 100644 --- a/management/server/user.go +++ b/management/server/user.go @@ -1073,11 +1073,10 @@ func (am *DefaultAccountManager) deleteUserFromIDP(targetUserID, accountID strin if err != nil { return fmt.Errorf("failed to remove user %s app metadata in IdP: %s", targetUserID, err) } - - _, err = am.refreshCache(accountID) - if err != nil { - log.Errorf("refresh account (%q) cache: %v", accountID, err) - } + } + err := am.removeUserFromCache(accountID, targetUserID) + if err != nil { + log.Errorf("remove user from account (%q) cache failed with error: %v", accountID, err) } return nil }