fix: disabling auth wipes all users' preferences on next pref save (#1764)

2026-06-17 10:15:27 -04:00 · 2026-06-03 05:23:50 +01:00
parent 68da800dcb
commit c4fcebd9c7
2 changed files with 65 additions and 1 deletions
@@ -40,7 +40,18 @@ def _save_for_user(user: Optional[str], prefs: dict):
    """Save preferences for a specific user."""
    all_prefs = _load()
    if user is None:
-        # Auth disabled — save flat
+        # Auth disabled. If the store is already multi-user (e.g. auth was
+        # turned off on a deployment that previously ran multi-user), writing
+        # `prefs` flat would overwrite the whole `_users` map and destroy every
+        # other user's preferences. Instead write back into the same (first)
+        # slot _load_for_user(None) reads from, preserving the others.
+        if "_users" in all_prefs:
+            users = all_prefs["_users"]
+            first_key = next(iter(users), None)
+            if first_key is not None:
+                users[first_key] = prefs
+                _save(all_prefs)
+                return
        _save(prefs)
        return
    if "_users" not in all_prefs: