From 78926fbde4e49d41465c39b6d1162d79057c878a Mon Sep 17 00:00:00 2001 From: Jacky Date: Sun, 5 Apr 2026 14:24:01 +0900 Subject: [PATCH] fix: scope DestroyUser to only delete target user's pre-auth keys DestroyUser called ListPreAuthKeys(tx) which returns ALL keys in the database, then deleted every one of them. This caused deleting any single user to wipe all pre-auth keys system-wide. Fix: query only keys belonging to the user being deleted using tx.Where("user_id = ?", uid).Find(&keys). Fixes: https://github.com/juanfont/headscale/issues/3154 --- hscontrol/db/users.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hscontrol/db/users.go b/hscontrol/db/users.go index 6aff9ed1..b2762edb 100644 --- a/hscontrol/db/users.go +++ b/hscontrol/db/users.go @@ -58,8 +58,8 @@ func DestroyUser(tx *gorm.DB, uid types.UserID) error { return ErrUserStillHasNodes } - keys, err := ListPreAuthKeys(tx) - if err != nil { + var keys []types.PreAuthKey + if err := tx.Where("user_id = ?", uid).Find(&keys).Error; err != nil { return err } for _, key := range keys {