Inconsistent User State Prevents Removal/Reset #622

Closed
opened 2025-10-09 16:42:00 +03:00 by OVERLORD · 12 comments

Originally created by @sempervictus on GitHub.

Subject of the issue

Deployment environment

  • vaultwarden version: 1.30.1
  • Install method: Arch OS package

  • Clients used:

  • Reverse proxy and version:

  • MySQL/MariaDB or PostgreSQL version:

  • Other relevant details:
    I have a user whose master password is not working and needs to be deleted. Attempting to delete them shows they are the owner of an org to which they do not actually have any access (I am also the owner of that org), verified in the main web UI; this false ownership status prevents the user from being deleted so their account can be reset (if it even needs to be, given the apparent corruption).


@BlackDex commented on GitHub:

That shows that the user 763ad395-42cd-4e7e-8173-bd1bfc4a8b44 has owner access to organization 6cc922d9-7303-40a3-ae34-daafaf2f6e9f. So that seems to validate the claim during the deletion process.

If you filter the database for only that org_uuid, are there any other users in there?


@sempervictus commented on GitHub:

Sorry, to clarify:

  1. In the "normal" web UI, the user is a member of org A and not at all part of org B.
  2. In the admin web UI, the user is a member of org A and an admin of org B (other admins exist) <-- data corruption/logic error indicator 1
  3. In the admin web UI, attempting to delete the user, which seems to have some level of ownership, results in an error stating they are the last admin of org B (when they are not even a member). <-- data corruption/logic error indicator 2
  4. In the database, they appear in the users_organizations table for org B as:
uuid                                  user_uuid                             org_uuid                              access_all  akey                                                          status  atype  reset_password_key  external_id
------------------------------------  ------------------------------------  ------------------------------------  ----------  ------------------------------------------------------------  ------  -----  ------------------  -----------
42e4d005-2fd6-48ba-921b-c71cde0b7091  763ad395-42cd-4e7e-8173-bd1bfc4a8b44  6cc922d9-7303-40a3-ae34-daafaf2f6e9f  1           4.bCNCOnH7yTSgFR6h97eM3eFDoGX08nk7Vm+EvBroL9hYSqtXx7sIEFtjE1  2       0 

@BlackDex commented on GitHub:

Of which org? That still doesn't answer the question if you have checked the /admin/ interface by going to the /admin/users/overview endpoint, so https://my.domain.tld/admin/users/overview.


@BlackDex commented on GitHub:

If there are multiple owners of an org, then you should be able to delete that person just fine. It just needs one single owner to exist.

Have you checked the /admin interface to see if that user didn't create an organization itself?

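As an added example (not code from this issue or from vaultwarden), the two database checks raised above: listing every membership row for a given org_uuid, and reproducing the "last owner" test that refuses to delete a user who is the only confirmed owner of an org. It runs against a constructed in-memory copy of the users_organizations table with the state described in this thread; it assumes vaultwarden's encodings atype 0 = Owner, 2 = User and status 2 = Confirmed, and the reporter's uuid and org A's uuid are placeholders.

```python
import sqlite3

# Constructed sample: the user and org B uuids are the ones quoted in the issue;
# the reporter's uuid and org A's uuid are placeholders.
USER_X = "763ad395-42cd-4e7e-8173-bd1bfc4a8b44"
ORG_B = "6cc922d9-7303-40a3-ae34-daafaf2f6e9f"
ORG_A = "org-a-placeholder-uuid"
REPORTER = "reporter-placeholder-uuid"

# Assumed vaultwarden encodings: atype 0 = Owner, 2 = User; status 2 = Confirmed.
OWNER, USER, CONFIRMED = 0, 2, 2


def sample_db() -> sqlite3.Connection:
    """In-memory users_organizations table (akey, reset_password_key and
    external_id omitted) mirroring the state reported in the issue."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users_organizations (uuid TEXT PRIMARY KEY, user_uuid TEXT,"
        " org_uuid TEXT, access_all INTEGER, status INTEGER, atype INTEGER)"
    )
    rows = [
        ("m1", USER_X, ORG_A, 0, CONFIRMED, USER),     # user X: plain member of org A
        ("m2", REPORTER, ORG_A, 1, CONFIRMED, OWNER),  # reporter owns org A
        ("m3", USER_X, ORG_B, 1, CONFIRMED, OWNER),    # the stray owner row from the issue
        # No row makes the reporter an owner of org B, as the reporter observed.
    ]
    conn.executemany("INSERT INTO users_organizations VALUES (?,?,?,?,?,?)", rows)
    return conn


def members_of_org(conn: sqlite3.Connection, org_uuid: str) -> list:
    """All membership rows for one org: the 'filter by org_uuid' check."""
    return conn.execute(
        "SELECT user_uuid, atype, status FROM users_organizations"
        " WHERE org_uuid = ? ORDER BY user_uuid",
        (org_uuid,),
    ).fetchall()


def blocking_orgs(conn: sqlite3.Connection, user_uuid: str) -> list:
    """Orgs in which user_uuid is the only confirmed owner, i.e. the orgs for
    which a last-owner check would refuse to delete the user."""
    return [r[0] for r in conn.execute(
        "SELECT uo.org_uuid FROM users_organizations uo"
        " WHERE uo.user_uuid = ? AND uo.atype = ? AND uo.status = ?"
        " AND (SELECT COUNT(*) FROM users_organizations o"
        "      WHERE o.org_uuid = uo.org_uuid AND o.atype = ? AND o.status = ?) = 1",
        (user_uuid, OWNER, CONFIRMED, OWNER, CONFIRMED),
    ).fetchall()]
```

With only the stray row present, org B has exactly one confirmed owner, so deleting user X is refused; adding a second confirmed owner row for org B (or removing the stray one) clears the block.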

@sempervictus commented on GitHub:

The user is not even a member of the org, much less an owner.


@sempervictus commented on GitHub:

Interestingly, no, my membership (listed as owner in the non-admin UI) is not showing up, even though I created the org and this other user has never had access to it. Did the DB confuse the user_uuids somehow?


@BlackDex commented on GitHub:

So, then, what does the /admin interface show you for that user?
Do the org uuids match for the orgs which you think that user is part of?
If you look up that org_uuid in the organizations table, does that match?


@sempervictus commented on GitHub:

The /admin view shows the user as a member of org A and an owner in org B.
The user is not a member or owner of org B and was never granted rights to it; there was no invite email sent (MTA is internal, we have all the logs) granting them any role in org B. What's stranger is that I am the owner of org B in both UIs, but I cannot remove that user because the removal check for "last owner" fails, seemingly due to the weird way in which that user is related to the org. How do I re-create my ownership relationship in the database (I think his somehow replaced mine)? There seem to be cryptographic ties in there which do not suffer the user_uuid being changed.


@sempervictus commented on GitHub:

I think it was some sort of corruption - I deleted the org in question, which allowed me to remove the user. Might be postgres time :)


@BlackDex commented on GitHub:

UUIDs do not flip somehow. So either the database is corrupted, or someone did some manual database changes which caused this strange behavior. But if what you say you see in the database is the source of truth, then you shouldn't be able to log in to your account and have access to that org.

The problem here is, I do not have the full picture.
I would need at least a dump of the users, organizations and users_organizations tables (emails, keys and names excluded, of course) to make a better guess.


@BlackDex commented on GitHub:

I'm running on sqlite for many, many years already. No issues at all.
Every database could get corrupted in some way.

Just make sure you create backups in the right way, and use the correct storage. Sqlite for example doesn't work correctly via shared storage and could get corrupted.


@BlackDex commented on GitHub:

Btw, I'm glad it's solved.

Reference: starred/vaultwarden#622