Fixes #635 - Unique constraint violation when using U2F tokens on PostgreSQL

Because of differences in how .on_conflict() works compared to .replace_into() the PostgreSQL backend wasn't correctly ensuring the unique constraint on user_uuid and atype wasn't getting violated. This change simply issues a DELETE on the unique constraint prior to the insert to ensure uniqueness. PostgreSQL does not support multiple constraints in ON CONFLICT clauses.
5 years ago · 76743aee48
parent 9ebca99290
commit 76743aee48
1 changed files with 10 additions and 0 deletions
--- a/src/db/models/two_factor.rs
+++ b/src/db/models/two_factor.rs
@ -73,6 +73,16 @@ impl TwoFactor {
 impl TwoFactor {
    #[cfg(feature = "postgresql")]
    pub fn save(&self, conn: &DbConn) -> EmptyResult {
+        // We need to make sure we're not going to violate the unique constraint on user_uuid and atype.
+        // This happens automatically on other DBMS backends due to replace_into(). PostgreSQL does
+        // not support multiple constraints on ON CONFLICT clauses.
+        let result: EmptyResult = diesel::delete(twofactor::table.filter(twofactor::user_uuid.eq(&self.user_uuid)).filter(twofactor::atype.eq(&self.atype)))
+            .execute(&**conn)
+            .map_res("Error deleting twofactor for insert");
+        if result.is_err() {
+            return result;
+        }
+
        diesel::insert_into(twofactor::table)
            .values(self)
            .on_conflict(twofactor::uuid)