Fixing dangling memberships in Crowd
プラットフォームについて: Data Center のみ。 - This article only applies to Atlassian apps on the Data Center プラットフォーム。
この KB は Data Center バージョンの製品用に作成されています。Data Center 固有ではない機能の Data Center KB は、製品のサーバー バージョンでも動作する可能性はありますが、テストは行われていません。 Server* 製品のサポートは 2024 年 2 月 15 日に終了しました。Server 製品を実行している場合は、 アトラシアン Server サポート終了 のお知らせにアクセスして、移行オプションを確認してください。
*Fisheye および Crucible は除く
説明
Due to how memberships were handled prior to Crowd 2.11.0 (https://jira.atlassian.com/browse/CWD-4801), in some cases incremental synchronisation could leave memberships pointing to items which no longer exist. Those memberships not only take up space, but can lead to problems when new memberships are created for items with the same names, but different ids. This could, for example, happen when a user stops meeting the directory's LDAP filter criteria, is synchronised incrementally, and then starts meeting the LDAP filter criteria again, or when a user deletion and a rename of another user to the deleted user's username are picked up in a single incremental synchronisation. This results in Crowd creating a new user with the same name as the deleted one, but with a different id. This could cause problems with authentication to Crowd and cause user memberships to be shown incorrectly in the UI and results from API calls.
修正
Dangling memberships can be found by an SQL query like the one below:
SELECT mem.*,
(
mem.membership_type = 'GROUP_USER' AND mem.child_id NOT IN (SELECT id FROM cwd_user))
OR (mem.membership_type = 'GROUP_GROUP' AND mem.child_id NOT IN (SELECT id FROM cwd_group)
) AS child_missing,
mem.parent_id NOT IN (SELECT id FROM cwd_group) AS parent_missing
FROM cwd_membership mem
WHERE mem.parent_id NOT IN (SELECT id FROM cwd_group)
OR (mem.membership_type = 'GROUP_USER' AND mem.child_id NOT IN (SELECT id FROM cwd_user))
OR (mem.membership_type = 'GROUP_GROUP' AND mem.child_id NOT IN (SELECT id FROM cwd_group))This query will find membership entries that point to a non-existent parent or have a non-existent child. The found entries should be reviewed and deleted.
この内容はお役に立ちましたか?