release: 0.35.3

Co-authored-by: Elias Schneider <login@eliasschneider.com>

.version

@@ -1 +1 @@
-0.35.1
+0.35.3

CHANGELOG.md

@@ -1,3 +1,19 @@
+## [](https://github.com/pocket-id/pocket-id/compare/v0.35.2...v) (2025-02-25)
+
+
+### Bug Fixes
+
+* add option to manually select SMTP TLS method ([#268](https://github.com/pocket-id/pocket-id/issues/268)) ([01a9de0](https://github.com/pocket-id/pocket-id/commit/01a9de0b04512c62d0f223de33d711f93c49b9cc))
+* **ldap:** sync error if LDAP user collides with an existing user ([fde951b](https://github.com/pocket-id/pocket-id/commit/fde951b543281fedf9f602abae26b50881e3d157))
+
+## [](https://github.com/pocket-id/pocket-id/compare/v0.35.1...v) (2025-02-24)
+
+
+### Bug Fixes
+
+* delete profile picture if user gets deleted ([9a167d4](https://github.com/pocket-id/pocket-id/commit/9a167d4076872e5e3e5d78d2a66ef7203ca5261b))
+* updating profile picture of other user updates own profile picture ([887c5e4](https://github.com/pocket-id/pocket-id/commit/887c5e462a50c8fb579ca6804f1a643d8af78fe8))
+
 ## [](https://github.com/pocket-id/pocket-id/compare/v0.35.0...v) (2025-02-22)
 
 

backend/internal/controller/user_controller.go

@@ -172,7 +172,7 @@ func (uc *UserController) getCurrentUserProfilePictureHandler(c *gin.Context) {
 }
 
 func (uc *UserController) updateUserProfilePictureHandler(c *gin.Context) {
-	userID := c.GetString("userID")
+	userID := c.Param("id")
 	fileHeader, err := c.FormFile("file")
 	if err != nil {
 		c.Error(err)

backend/internal/dto/app_config_dto.go

@@ -21,7 +21,7 @@ type AppConfigUpdateDto struct {
 	SmtpFrom                           string `json:"smtpFrom" binding:"omitempty,email"`
 	SmtpUser                           string `json:"smtpUser"`
 	SmtpPassword                       string `json:"smtpPassword"`
-	SmtpTls                            string `json:"smtpTls"`
+	SmtpTls                            string `json:"smtpTls" binding:"required,oneof=none starttls tls"`
 	SmtpSkipCertVerify                 string `json:"smtpSkipCertVerify"`
 	LdapEnabled                        string `json:"ldapEnabled" binding:"required"`
 	LdapUrl                            string `json:"ldapUrl"`

backend/internal/service/app_config_service.go

@@ -27,6 +27,7 @@ func NewAppConfigService(db *gorm.DB) *AppConfigService {
 	if err := service.InitDbConfig(); err != nil {
 		log.Fatalf("Failed to initialize app config service: %v", err)
 	}
+
 	return service
 }
 
@@ -96,8 +97,8 @@ var defaultDbConfig = model.AppConfig{
 	},
 	SmtpTls: model.AppConfigVariable{
 		Key:          "smtpTls",
-		Type:         "bool",
-		DefaultValue: "true",
+		Type:         "string",
+		DefaultValue: "none",
 	},
 	SmtpSkipCertVerify: model.AppConfigVariable{
 		Key:          "smtpSkipCertVerify",

backend/internal/service/email_service.go

@@ -115,18 +115,22 @@ func (srv *EmailService) getSmtpClient() (client *smtp.Client, err error) {
 	}
 
 	// Connect to the SMTP server
-	if srv.appConfigService.DbConfig.SmtpTls.Value == "false" {
+	// Connect to the SMTP server based on TLS setting
+	switch srv.appConfigService.DbConfig.SmtpTls.Value {
+	case "none":
 		client, err = srv.connectToSmtpServer(smtpAddress)
-	} else if port == "465" {
+	case "tls":
 		client, err = srv.connectToSmtpServerUsingImplicitTLS(
 			smtpAddress,
 			tlsConfig,
 		)
-	} else {
+	case "starttls":
 		client, err = srv.connectToSmtpServerUsingStartTLS(
 			smtpAddress,
 			tlsConfig,
 		)
+	default:
+		return nil, fmt.Errorf("invalid SMTP TLS setting: %s", srv.appConfigService.DbConfig.SmtpTls.Value)
 	}
 	if err != nil {
 		return nil, fmt.Errorf("failed to connect to SMTP server: %w", err)

backend/internal/service/ldap_service.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"crypto/tls"
 	"encoding/base64"
+	"errors"
 	"fmt"
 	"io"
 	"log"
@@ -94,7 +95,6 @@ func (s *LdapService) SyncGroups() error {
 	ldapGroupIDs := make(map[string]bool)
 
 	for _, value := range result.Entries {
-		var usersToAddDto dto.UserGroupUpdateUsersDto
 		var membersUserId []string
 
 		ldapId := value.GetAttributeValue(uniqueIdentifierAttribute)
@@ -112,7 +112,16 @@ func (s *LdapService) SyncGroups() error {
 			singleMember := strings.Split(strings.Split(member, "=")[1], ",")[0]
 
 			var databaseUser model.User
-			s.db.Where("username = ?", singleMember).Where("ldap_id IS NOT NULL").First(&databaseUser)
+			err := s.db.Where("username = ? AND ldap_id IS NOT NULL", singleMember).First(&databaseUser).Error
+			if err != nil {
+				if errors.Is(err, gorm.ErrRecordNotFound) {
+					// The user collides with a non-LDAP user, so we skip it
+					continue
+				} else {
+					return err
+				}
+
+			}
 
 			membersUserId = append(membersUserId, databaseUser.ID)
 		}
@@ -123,7 +132,7 @@ func (s *LdapService) SyncGroups() error {
 			LdapID:       value.GetAttributeValue(uniqueIdentifierAttribute),
 		}
 
-		usersToAddDto = dto.UserGroupUpdateUsersDto{
+		usersToAddDto := dto.UserGroupUpdateUsersDto{
 			UserIDs: membersUserId,
 		}
 
@@ -263,7 +272,7 @@ func (s *LdapService) SyncUsers() error {
 	// Delete users that no longer exist in LDAP
 	for _, user := range ldapUsersInDb {
 		if _, exists := ldapUserIDs[*user.LdapID]; !exists {
-			if err := s.db.Delete(&model.User{}, "ldap_id = ?", user.LdapID).Error; err != nil {
+			if err := s.userService.DeleteUser(user.ID); err != nil {
 				log.Printf("Failed to delete user %s with: %v", user.Username, err)
 			} else {
 				log.Printf("Deleted user %s", user.Username)

backend/internal/service/user_service.go

@@ -128,6 +128,12 @@ func (s *UserService) DeleteUser(userID string) error {
 		return &common.LdapUserUpdateError{}
 	}
 
+	// Delete the profile picture
+	profilePicturePath := fmt.Sprintf("%s/profile-pictures/%s.png", common.EnvConfig.UploadPath, userID)
+	if err := os.Remove(profilePicturePath); err != nil && !os.IsNotExist(err) {
+		return err
+	}
+
 	return s.db.Delete(&user).Error
 }
 

backend/resources/migrations/postgres/20250225182112_manual_smtp_tls_selection.down.sql

@@ -0,0 +1 @@
+UPDATE app_config_variables SET value = 'true' WHERE key = 'smtpTls';

backend/resources/migrations/postgres/20250225182112_manual_smtp_tls_selection.up.sql

@@ -0,0 +1,7 @@
+UPDATE app_config_variables AS target
+SET value = CASE
+    WHEN target.value = 'true' AND (SELECT value FROM app_config_variables WHERE key = 'smtpPort' LIMIT 1) = '587' THEN 'starttls'
+    WHEN target.value = 'true' THEN 'tls'
+    ELSE 'none'
+END
+    WHERE target.key = 'smtpTls';

backend/resources/migrations/sqlite/20250225182112_manual_smtp_tls_selection.down.sql

@@ -0,0 +1 @@
+UPDATE app_config_variables SET value = 'true' WHERE key = 'smtpTls';

backend/resources/migrations/sqlite/20250225182112_manual_smtp_tls_selection.up.sql

@@ -0,0 +1,7 @@
+UPDATE app_config_variables
+SET value = CASE
+                WHEN value = 'true' AND (SELECT value FROM app_config_variables WHERE key = 'smtpPort' LIMIT 1) = '587' THEN 'starttls'
+                WHEN value = 'true' THEN 'tls'
+                ELSE 'none'
+    END
+WHERE key = 'smtpTls';

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "pocket-id-frontend",
-  "version": "0.30.0",
+  "version": "0.35.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "pocket-id-frontend",
-      "version": "0.30.0",
+      "version": "0.35.2",
       "dependencies": {
         "@simplewebauthn/browser": "^13.1.0",
         "@tailwindcss/vite": "^4.0.0",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pocket-id-frontend",
-  "version": "0.35.1",
+  "version": "0.35.3",
   "private": true,
   "type": "module",
   "scripts": {

frontend/src/lib/types/application-configuration.ts

@@ -15,7 +15,7 @@ export type AllAppConfig = AppConfig & {
 	smtpFrom: string;
 	smtpUser: string;
 	smtpPassword: string;
-	smtpTls: boolean;
+	smtpTls: 'none' | 'starttls' | 'tls';
 	smtpSkipCertVerify: boolean;
 	emailLoginNotificationEnabled: boolean;
 	// LDAP

frontend/src/routes/settings/admin/application-configuration/forms/app-config-email-form.svelte

@@ -1,9 +1,11 @@
 <script lang="ts">
 	import { env } from '$env/dynamic/public';
-	import CheckboxWithLabel from '$lib/components/form/checkbox-with-label.svelte';
 	import { openConfirmDialog } from '$lib/components/confirm-dialog';
+	import CheckboxWithLabel from '$lib/components/form/checkbox-with-label.svelte';
 	import FormInput from '$lib/components/form/form-input.svelte';
 	import { Button } from '$lib/components/ui/button';
+	import Label from '$lib/components/ui/label/label.svelte';
+	import * as Select from '$lib/components/ui/select';
 	import AppConfigService from '$lib/services/app-config-service';
 	import type { AllAppConfig } from '$lib/types/application-configuration';
 	import { createForm } from '$lib/utils/form-util';
@@ -20,6 +22,11 @@
 
 	const appConfigService = new AppConfigService();
 	const uiConfigDisabled = env.PUBLIC_UI_CONFIG_DISABLED === 'true';
+	const tlsOptions = {
+		none: 'None',
+		starttls: 'StartTLS',
+		tls: 'TLS'
+	};
 
 	let isSendingTestEmail = $state(false);
 
@@ -29,7 +36,7 @@
 		smtpUser: z.string(),
 		smtpPassword: z.string(),
 		smtpFrom: z.string().email(),
-		smtpTls: z.boolean(),
+		smtpTls: z.enum(['none', 'starttls', 'tls']),
 		smtpSkipCertVerify: z.boolean(),
 		emailOneTimeAccessEnabled: z.boolean(),
 		emailLoginNotificationEnabled: z.boolean()
@@ -96,12 +103,22 @@
 			<FormInput label="SMTP User" bind:input={$inputs.smtpUser} />
 			<FormInput label="SMTP Password" type="password" bind:input={$inputs.smtpPassword} />
 			<FormInput label="SMTP From" bind:input={$inputs.smtpFrom} />
-			<CheckboxWithLabel
-				id="tls"
-				label="TLS"
-				description="Enable TLS for the SMTP connection."
-				bind:checked={$inputs.smtpTls.value}
-			/>
+			<div class="grid gap-2">
+				<Label class="mb-0" for="smtp-tls">SMTP TLS Option</Label>
+				<Select.Root
+					selected={{ value: $inputs.smtpTls.value, label: tlsOptions[$inputs.smtpTls.value] }}
+					onSelectedChange={(v) => ($inputs.smtpTls.value = v!.value)}
+				>
+					<Select.Trigger>
+						<Select.Value placeholder="Email TLS Option" />
+					</Select.Trigger>
+					<Select.Content>
+						<Select.Item value="none" label="None" />
+						<Select.Item value="starttls" label="StartTLS" />
+						<Select.Item value="tls" label="TLS" />
+					</Select.Content>
+				</Select.Root>
+			</div>
 			<CheckboxWithLabel
 				id="skip-cert-verify"
 				label="Skip Certificate Verification"