Skip to content

🐛: Cannot remove built-in "admin" role from user once it was assigend #1467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 task done
CC3301 opened this issue May 4, 2025 · 0 comments
Open
1 task done

🐛: Cannot remove built-in "admin" role from user once it was assigend #1467

CC3301 opened this issue May 4, 2025 · 0 comments
Labels
bug Something isn't working

Comments

@CC3301
Copy link

CC3301 commented May 4, 2025
edited
Loading

What happened?

I am using a PostgreSQL Directory.
Whenever i assign the built-in Administrator Role to a user, i am never able to remove it again. This also happens with freshly created users.

When removing the role from the account's permissions tab, it is not actually removed. After clicking "Save Changes" and again navigating to the account's permissions tab, the role is still assigned to the account.

The Log-Output does not change in between these "role-removal" attempts.

How can we reproduce the problem?

I can reproduce the problem by doing the following steps:

  • stalwart-mail binary: 0.11.8 sha256:51f68c5ef134efece10b0bab95b1a8976a330df067995f8c6e7687873d6f9337
  • postgres (PostgreSQL) 16.8 (Debian 16.8-1.pgdg120+1)
  • Linux 6.1.0-32-amd64 # 1 SMP PREEMPT_DYNAMIC Debian 6.1.129-1 (2025-03-06) x86_64 GNU/Linux

Store / Directory Config:

directory.internal.store = "postgres-local"
directory.internal.type = "internal"

store.postgres-local.compression = "lz4"
store.postgres-local.database = "stalwart"
store.postgres-local.host = "127.0.0.1"
store.postgres-local.password = "<REDACTED>"
store.postgres-local.pool.max-connections = 10
store.postgres-local.port = 5432
store.postgres-local.purge.frequency = "0 3 *"
store.postgres-local.query.domains = "SELECT 1 FROM emails WHERE address LIKE '%@' || $1 LIMIT 1"
store.postgres-local.query.emails = "SELECT address FROM emails WHERE name = $1 AND type != 'list' ORDER BY type DESC, address ASC"
store.postgres-local.query.expand = "SELECT p.address FROM emails AS p JOIN emails AS l ON p.name = l.name WHERE p.type = 'primary' AND l.address = $1 AND l.type = 'list' ORDER BY p.address LIMIT 50"
store.postgres-local.query.members = "SELECT member_of FROM group_members WHERE name = $1"
store.postgres-local.query.name = "SELECT name, type, secret, description, quota FROM accounts WHERE name = $1 AND active = true"
store.postgres-local.query.recipients = "SELECT name FROM emails WHERE address = $1 ORDER BY name ASC"
store.postgres-local.query.verify = "SELECT address FROM emails WHERE address LIKE '%' || $1 || '%' AND type = 'primary' ORDER BY address LIMIT 5"
store.postgres-local.timeout = "15s"
store.postgres-local.tls.allow-invalid-certs = false
store.postgres-local.tls.enable = false
store.postgres-local.type = "postgresql"
store.postgres-local.user = "stalwart"

Version

v0.11.x

What database are you using?

PostgreSQL

What blob storage are you using?

PostgreSQL

Where is your directory located?

Internal

What operating system are you using?

Linux

Relevant log output

2025-05-04T22:53:41Z TRACE HTTP request body (http.request-body) listenerId = "https", localPort = 443, remoteIp = <REDACTED>, remotePort = 46960, contents = "", size = 0
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE Data store iteration operation (store.data-iterate) elapsed = 0ms
2025-05-04T22:53:41Z TRACE HTTP response body (http.response-body) listenerId = "https", localPort = 443, remoteIp = <REDACTED>, remotePort = 46960, contents = "{"data":{"items":[{"id":66,"type":"individual","description":"Administrator","name":"admin","secrets":["otpauth:<REDACTED>","<REDACTED>"],"quota":0,"roles":["user","admin"]},{"id":3,"type":"individual","quota":0,"secrets":"<REDACTED>","emails":"<REDACTED>","roles":["user"],"description":"<REDACTED>","usedQuota":1687929,"name":"<REDACTED>"},{"id":2,"type":"individual","quota":524288000,"description":"<REDACTED>","memberOf":["<REDACTED>"],"usedQuota":44227297,"roles":["user","admin"],"secrets":"<REDACTED>","name":"<REDACTED>","emails":["<REDACTED>","<REDACTED>"]},{"id":8,"type":"individual","emails":["<REDACTED>","<REDACTED>","<REDACTED>"],"description":"<REDACTED>","name":"<REDACTED>","quota":0,"secrets":"<REDACTED>","roles":["user","admin"],"usedQuota":2676041},{"id":16,"type":"individual","name":"<REDACTED>","quota":0,"emails":"<REDACTED>","roles":["user","admin"]}],"total":5}}", code = 200, size = 1395

Code of Conduct

  • I agree to follow this project's Code of Conduct
@CC3301 CC3301 added the bug Something isn't working label May 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CC3301