Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add option to purge users #18064

Merged
merged 23 commits into from
Jul 14, 2022
Merged
Show file tree
Hide file tree
Changes from 20 commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
a00fcb2
Add option to purge users
zeripath Dec 21, 2021
49a5232
fix paging and pre-disable the user
zeripath Dec 22, 2021
4655372
fix test
zeripath Dec 22, 2021
be5f6a2
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Dec 31, 2021
2df52bd
Add force logout
zeripath Dec 31, 2021
2c52a89
Merge branch 'main' into really-delete-user
zeripath Jun 17, 2022
71f2fbb
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 19, 2022
eaea431
use FormBool
zeripath Jun 19, 2022
68aaddc
Add some comments as to why a transaction is inappropriate
zeripath Jun 19, 2022
dae68c8
Delete Packages too
zeripath Jun 19, 2022
7af3e8e
update locale_en-US.ini to include that we delete packages
zeripath Jun 19, 2022
fdb5002
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 19, 2022
a53d2cc
as per review
zeripath Jun 19, 2022
d4354b4
Cope with DELETE JOINS
zeripath Jun 20, 2022
6af6907
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 20, 2022
037692b
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 20, 2022
3ecaeb7
fix test
zeripath Jun 20, 2022
9e5685f
attempt to fix mysql query
zeripath Jun 20, 2022
3cb1a1d
Apply suggestions from code review
zeripath Jun 20, 2022
2b88a7b
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jul 9, 2022
f9280a8
Merge branch 'main' into really-delete-user
lafriks Jul 10, 2022
79b7137
Merge branch 'main' into really-delete-user
zeripath Jul 14, 2022
2125491
Merge branch 'main' into really-delete-user
zeripath Jul 14, 2022
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion cmd/admin.go
Original file line number Diff line number Diff line change
Expand Up @@ -157,6 +157,10 @@ var (
Name: "email,e",
Usage: "Email of the user to delete",
},
cli.BoolFlag{
Name: "purge",
Usage: "Purge user, all their repositories, organizations and comments",
},
},
Action: runDeleteUser,
}
Expand Down Expand Up @@ -675,7 +679,7 @@ func runDeleteUser(c *cli.Context) error {
return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id"))
}

return user_service.DeleteUser(user)
return user_service.DeleteUser(ctx, user, c.Bool("purge"))
}

func runGenerateAccessToken(c *cli.Context) error {
Expand Down
2 changes: 1 addition & 1 deletion integrations/admin_user_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ func TestAdminDeleteUser(t *testing.T) {
req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{
"_csrf": csrf,
})
session.MakeRequest(t, req, http.StatusOK)
session.MakeRequest(t, req, http.StatusSeeOther)

assertUserDeleted(t, 8)
unittest.CheckConsistencyFor(t, &user_model.User{})
Expand Down
9 changes: 7 additions & 2 deletions integrations/integration_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -188,8 +188,13 @@ func initIntegrationTest() {

switch {
case setting.Database.UseMySQL:
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/",
setting.Database.User, setting.Database.Passwd, setting.Database.Host))
connType := "tcp"
if len(setting.Database.Host) > 0 && setting.Database.Host[0] == '/' { // looks like a unix socket
connType = "unix"
}

db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@%s(%s)/",
setting.Database.User, setting.Database.Passwd, connType, setting.Database.Host))
defer db.Close()
if err != nil {
log.Fatal("sql.Open: %v", err)
Expand Down
9 changes: 6 additions & 3 deletions models/packages/package_version.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ func getVersionByNameAndVersion(ctx context.Context, ownerID int64, packageType
ExactMatch: true,
Value: version,
},
IsInternal: isInternal,
IsInternal: util.OptionalBoolOf(isInternal),
Paginator: db.NewAbsoluteListOptions(0, 1),
})
if err != nil {
Expand Down Expand Up @@ -171,15 +171,18 @@ type PackageSearchOptions struct {
Name SearchValue // only results with the specific name are found
Version SearchValue // only results with the specific version are found
Properties map[string]string // only results are found which contain all listed version properties with the specific value
IsInternal bool
IsInternal util.OptionalBool
HasFileWithName string // only results are found which are associated with a file with the specific name
HasFiles util.OptionalBool // only results are found which have associated files
Sort string
db.Paginator
}

func (opts *PackageSearchOptions) toConds() builder.Cond {
var cond builder.Cond = builder.Eq{"package_version.is_internal": opts.IsInternal}
cond := builder.NewCond()
if !opts.IsInternal.IsNone() {
cond = builder.Eq{"package_version.is_internal": opts.IsInternal.IsTrue()}
}

if opts.OwnerID != 0 {
cond = cond.And(builder.Eq{"package.owner_id": opts.OwnerID})
Expand Down
37 changes: 37 additions & 0 deletions models/project/project.go
Original file line number Diff line number Diff line change
Expand Up @@ -330,3 +330,40 @@ func DeleteProjectByIDCtx(ctx context.Context, id int64) error {

return updateRepositoryProjectCount(ctx, p.RepoID)
}

func DeleteProjectByRepoIDCtx(ctx context.Context, repoID int64) error {
switch {
case setting.Database.UseSQLite3:
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_issue WHERE project_issue.id IN (SELECT project_issue.id FROM project_issue INNER JOIN project WHERE project.id = project_issue.project_id AND project.repo_id = ?)", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_board WHERE project_board.id IN (SELECT project_board.id FROM project_board INNER JOIN project WHERE project.id = project_board.project_id AND project.repo_id = ?)", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil {
return err
}
case setting.Database.UsePostgreSQL:
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_issue USING project WHERE project.id = project_issue.project_id AND project.repo_id = ? ", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_board USING project WHERE project.id = project_board.project_id AND project.repo_id = ? ", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil {
return err
}
default:
if _, err := db.GetEngine(ctx).Exec("DELETE project_issue FROM project_issue INNER JOIN project ON project.id = project_issue.project_id WHERE project.repo_id = ? ", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Exec("DELETE project_board FROM project_board INNER JOIN project ON project.id = project_board.project_id WHERE project.repo_id = ? ", repoID); err != nil {
return err
}
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil {
return err
}
}

return updateRepositoryProjectCount(ctx, repoID)
}
12 changes: 2 additions & 10 deletions models/repo.go
Original file line number Diff line number Diff line change
Expand Up @@ -342,16 +342,8 @@ func DeleteRepository(doer *user_model.User, uid, repoID int64) error {
}
}

projects, _, err := project_model.GetProjects(ctx, project_model.SearchOptions{
RepoID: repoID,
})
if err != nil {
return fmt.Errorf("get projects: %v", err)
}
for i := range projects {
if err := project_model.DeleteProjectByIDCtx(ctx, projects[i].ID); err != nil {
return fmt.Errorf("delete project [%d]: %v", projects[i].ID, err)
}
if err := project_model.DeleteProjectByRepoIDCtx(ctx, repoID); err != nil {
return fmt.Errorf("unable to delete projects for repo[%d]: %v", repoID, err)
}

// Remove LFS objects
Expand Down
6 changes: 3 additions & 3 deletions models/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ import (
)

// DeleteUser deletes models associated to an user.
func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
func DeleteUser(ctx context.Context, u *user_model.User, purge bool) (err error) {
e := db.GetEngine(ctx)

// ***** START: Watch *****
Expand Down Expand Up @@ -95,8 +95,8 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
return err
}

if setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now()) {
if purge || (setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now())) {

// Delete Comments
const batchSize = 50
Expand Down
2 changes: 2 additions & 0 deletions options/locale/locale_en-US.ini
Original file line number Diff line number Diff line change
Expand Up @@ -2538,6 +2538,8 @@ users.delete_account = Delete User Account
users.cannot_delete_self = "You cannot delete yourself"
users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first.
users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
users.purge = Purge User
users.purge_help = Forcibly delete user and any repositories, organizations, and packages owned by the user. All comments will be deleted too.
users.still_own_packages = This user still owns one or more packages. Delete these packages first.
users.deletion_success = The user account has been deleted.
users.reset_2fa = Reset 2FA
Expand Down
2 changes: 1 addition & 1 deletion routers/api/v1/admin/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -316,7 +316,7 @@ func DeleteUser(ctx *context.APIContext) {
return
}

if err := user_service.DeleteUser(ctx.ContextUser); err != nil {
if err := user_service.DeleteUser(ctx, ctx.ContextUser, ctx.FormBool("purge")); err != nil {
if models.IsErrUserOwnRepos(err) ||
models.IsErrUserHasOrgs(err) ||
models.IsErrUserOwnPackages(err) {
Expand Down
22 changes: 6 additions & 16 deletions routers/web/admin/users.go
Original file line number Diff line number Diff line change
Expand Up @@ -419,29 +419,21 @@ func DeleteUser(ctx *context.Context) {
// admin should not delete themself
if u.ID == ctx.Doer.ID {
ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")))
return
}

if err = user_service.DeleteUser(u); err != nil {
if err = user_service.DeleteUser(ctx, u, ctx.FormBool("purge")); err != nil {
switch {
case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")))
case models.IsErrUserHasOrgs(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_has_org"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")))
case models.IsErrUserOwnPackages(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_own_packages"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + ctx.Params(":userid"),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + ctx.Params(":userid"))
default:
ctx.ServerError("DeleteUser", err)
}
Expand All @@ -450,9 +442,7 @@ func DeleteUser(ctx *context.Context) {
log.Trace("Account deleted by admin (%s): %s", ctx.Doer.Name, u.Name)

ctx.Flash.Success(ctx.Tr("admin.users.deletion_success"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users",
})
ctx.Redirect(setting.AppSubURL + "/admin/users")
}

// AvatarPost response for change user's avatar request
Expand Down
2 changes: 1 addition & 1 deletion routers/web/user/setting/account.go
Original file line number Diff line number Diff line change
Expand Up @@ -248,7 +248,7 @@ func DeleteAccount(ctx *context.Context) {
return
}

if err := user.DeleteUser(ctx.Doer); err != nil {
if err := user.DeleteUser(ctx, ctx.Doer, false); err != nil {
switch {
case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("form.still_own_repo"))
Expand Down
2 changes: 1 addition & 1 deletion services/packages/container/cleanup.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ func cleanupExpiredUploadedBlobs(ctx context.Context, olderThan time.Duration) e
ExactMatch: true,
Value: container_model.UploadVersion,
},
IsInternal: true,
IsInternal: util.OptionalBoolTrue,
HasFiles: util.OptionalBoolFalse,
})
if err != nil {
Expand Down
28 changes: 28 additions & 0 deletions services/packages/packages.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (

"code.gitea.io/gitea/models/db"
packages_model "code.gitea.io/gitea/models/packages"
repo_model "code.gitea.io/gitea/models/repo"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/log"
Expand Down Expand Up @@ -451,3 +452,30 @@ func GetPackageFileStream(ctx context.Context, pf *packages_model.PackageFile) (
}
return s, pf, err
}

// RemoveAllPackages for User
func RemoveAllPackages(ctx context.Context, userID int64) (int, error) {
count := 0
for {
pkgVersions, _, err := packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
Paginator: &db.ListOptions{
PageSize: repo_model.RepositoryListDefaultPageSize,
Page: 1,
},
OwnerID: userID,
})
if err != nil {
return count, fmt.Errorf("GetOwnedPackages[%d]: %w", userID, err)
}
if len(pkgVersions) == 0 {
break
}
for _, pv := range pkgVersions {
if err := DeletePackageVersionAndReferences(ctx, pv); err != nil {
return count, fmt.Errorf("unable to delete package %d:%s[%d]. Error: %w", pv.PackageID, pv.Version, pv.ID, err)
}
count++
}
}
return count, nil
}
Loading