User roles are not assigned when migrating users with bulk import + isVerified field is ignored.

[bizon91]

🐛 Bug Report

When attempting to migrate users using /bulk-import/import, the roles specified in the userRoles field are ignored. Additionally, even when isVerified is set to false, the response shows the verified field as true

• Issue 1: The roles defined in the userRoles field are ignored during migration via /bulk-import/import.
• Issue 2: The isVerified field is set to false in the request, but the response returns verified: true.

Example request:

curl --location --request POST '<supertokens_core_endpoint>/bulk-import/import' \   
     --header 'api-key: *******************' \
     --header 'Content-Type: application/json; charset=utf-8' \
     --data '
    {
      "externalUserId": "test-external-id",
      "userMetadata": {       
        "deviceId": "test-device-id"
      },
      "userRoles": [{ "role": "user", "tenantIds": [] }],
      "loginMethods": [
        {
          "isVerified": false,
          "timeJoinedInMSSinceEpoch": 1551367594480,
          "recipeId": "emailpassword",
          "email": "test5@example.com",
          "passwordHash": <password_hash>,
          "hashingAlgorithm": "bcrypt"
        }
      ]
    }
'   

Response:

{"status":"OK","user":{"id":"test-external-id","isPrimaryUser":false,"tenantIds":["public"],"timeJoined":1551367594480,"emails":["test5@example.com"],"phoneNumbers":[],"thirdParty":[],"webauthn":{"credentialIds":[]},"loginMethods":[{"tenantIds":["public"],"recipeUserId":"test-external-id","verified":true,"timeJoined":1551367594480,"recipeId":"emailpassword","email":"test5@example.com"}]}}

Useful informations

I'm using latest supertokens-docker-mysql image. I don't use multi-tenancy. Role user is already defined.

[tamassoltesz]

Hi.
For the first issue, I beleive the problem is with your input. Based on your example, you are telling the migration to add the role user on the empty tenant. If you wish to add the role on the public tenant, then you should specify that.

For the second issue, you are right. At first, it was an intentional choice of verifying all emails and the issue was that the isVerified field was even present in the input, but after another round of internal discussions we decided to use that field's value. You can follow the PR's life here: isVerified PR

[bizon91]

Hi.
You're right - when I specified the tenant as public, it worked. However, the specification states that I can simply pass an empty array if I'm not using multi-tenancy.