Serviceaccounts: Add ability to add samename SA for different orgs (#83893)

* add ability to add samename SA for different orgs * Update pkg/services/user/userimpl/user.go * fix tests * refactor name * removed tests * add migration * fix linting
2025-02-25 18:55:37 -06:00 · 2024-03-06 09:53:58 +01:00
parent 2653bd8fab
commit e611a736ed
3 changed files with 102 additions and 15 deletions
--- a/pkg/services/sqlstore/migrations/user_mig.go
+++ b/pkg/services/sqlstore/migrations/user_mig.go
@@ -153,6 +153,13 @@ func addUserMigrations(mg *Migrator) {
 	mg.AddMigration("Add unique index user_uid", NewAddIndexMigration(userV2, &Index{
 		Cols: []string{"uid"}, Type: UniqueIndex,
 	}))
+
+	// Service accounts login were not unique per org. this migration is part of making it unique per org
+	// to be able to create service accounts that are unique per org
+	mg.AddMigration("Update login field for service accounts", NewRawSQLMigration("").
+		SQLite("UPDATE user SET login = 'sa-' || CAST(org_id AS TEXT) || '-' || REPLACE(login, 'sa-', '') WHERE login IS NOT NULL AND is_service_account = 1;").
+		Postgres("UPDATE \"user\" SET login = 'sa-' || org_id::text || '-' || REPLACE(login, 'sa-', '') WHERE login IS NOT NULL AND is_service_account = true;").
+		Mysql("UPDATE user SET login = CONCAT('sa-', CAST(org_id AS CHAR), '-', REPLACE(login, 'sa-', '')) WHERE login IS NOT NULL AND is_service_account = 1;"))
 }

 const migSQLITEisServiceAccountNullable = `ALTER TABLE user ADD COLUMN tmp_service_account BOOLEAN DEFAULT 0;