Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to purge users #18064

Merged
merged 23 commits into from
Jul 14, 2022
Merged

Add option to purge users #18064

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
a00fcb2
Add option to purge users
zeripath Dec 21, 2021
49a5232
fix paging and pre-disable the user
zeripath Dec 22, 2021
4655372
fix test
zeripath Dec 22, 2021
be5f6a2
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Dec 31, 2021
2df52bd
Add force logout
zeripath Dec 31, 2021
2c52a89
Merge branch 'main' into really-delete-user
zeripath Jun 17, 2022
71f2fbb
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 19, 2022
eaea431
use FormBool
zeripath Jun 19, 2022
68aaddc
Add some comments as to why a transaction is inappropriate
zeripath Jun 19, 2022
dae68c8
Delete Packages too
zeripath Jun 19, 2022
7af3e8e
update locale_en-US.ini to include that we delete packages
zeripath Jun 19, 2022
fdb5002
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 19, 2022
a53d2cc
as per review
zeripath Jun 19, 2022
d4354b4
Cope with DELETE JOINS
zeripath Jun 20, 2022
6af6907
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 20, 2022
037692b
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jun 20, 2022
3ecaeb7
fix test
zeripath Jun 20, 2022
9e5685f
attempt to fix mysql query
zeripath Jun 20, 2022
3cb1a1d
Apply suggestions from code review
zeripath Jun 20, 2022
2b88a7b
Merge remote-tracking branch 'origin/main' into really-delete-user
zeripath Jul 9, 2022
f9280a8
Merge branch 'main' into really-delete-user
lafriks Jul 10, 2022
79b7137
Merge branch 'main' into really-delete-user
zeripath Jul 14, 2022
2125491
Merge branch 'main' into really-delete-user
zeripath Jul 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion cmd/admin.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,10 @@ var (
Name: "email,e",
Usage: "Email of the user to delete",
},
cli.BoolFlag{
Name: "purge",
Usage: "Purge user, all their repositories, organizations and comments",
},
},
Action: runDeleteUser,
}
Expand Down Expand Up @@ -571,7 +575,12 @@ func runDeleteUser(c *cli.Context) error {
return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id"))
}

return user_service.DeleteUser(user)
purge := false
if c.IsSet("purge") {
purge = c.Bool("purge")
}

return user_service.DeleteUser(ctx, user, purge)
zeripath marked this conversation as resolved.
Show resolved Hide resolved
}

func runRepoSyncReleases(_ *cli.Context) error {
Expand Down
6 changes: 3 additions & 3 deletions models/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ func deleteBeans(e db.Engine, beans ...interface{}) (err error) {
}

// DeleteUser deletes models associated to an user.
func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
func DeleteUser(ctx context.Context, u *user_model.User, purge bool) (err error) {
e := db.GetEngine(ctx)

// ***** START: Watch *****
Expand Down Expand Up @@ -207,8 +207,8 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
return fmt.Errorf("deleteBeans: %v", err)
}

if setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now()) {
if purge || (setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now())) {

// Delete Comments
const batchSize = 50
Expand Down
2 changes: 2 additions & 0 deletions options/locale/locale_en-US.ini
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2420,6 +2420,8 @@ users.update_profile = Update User Account
users.delete_account = Delete User Account
users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first.
users.still_has_org = This user is a member of an organization. Remove the user from any organizations first.
users.purge = Purge User
users.purge_help = Forcibly delete user and any repositories or organizations owned by the user. All comments will be deleted too.
zeripath marked this conversation as resolved.
Show resolved Hide resolved
users.deletion_success = The user account has been deleted.
users.reset_2fa = Reset 2FA
users.list_status_filter.menu_text = Filter
Expand Down
2 changes: 1 addition & 1 deletion routers/api/v1/admin/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -308,7 +308,7 @@ func DeleteUser(ctx *context.APIContext) {
return
}

if err := user_service.DeleteUser(u); err != nil {
if err := user_service.DeleteUser(ctx, u, ctx.FormBool("purge")); err != nil {
if models.IsErrUserOwnRepos(err) ||
models.IsErrUserHasOrgs(err) {
ctx.Error(http.StatusUnprocessableEntity, "", err)
Expand Down
19 changes: 9 additions & 10 deletions routers/web/admin/users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -386,18 +386,19 @@ func DeleteUser(ctx *context.Context) {
return
}

if err = user_service.DeleteUser(u); err != nil {
purge := false
if ctx.FormString("purge") != "" {
zeripath marked this conversation as resolved.
Show resolved Hide resolved
purge = true
}

if err = user_service.DeleteUser(ctx, u, purge); err != nil {
zeripath marked this conversation as resolved.
Show resolved Hide resolved
zeripath marked this conversation as resolved.
Show resolved Hide resolved
switch {
case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")))
case models.IsErrUserHasOrgs(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_has_org"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")),
})
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")))
default:
ctx.ServerError("DeleteUser", err)
}
Expand All @@ -406,9 +407,7 @@ func DeleteUser(ctx *context.Context) {
log.Trace("Account deleted by admin (%s): %s", ctx.User.Name, u.Name)

ctx.Flash.Success(ctx.Tr("admin.users.deletion_success"))
ctx.JSON(http.StatusOK, map[string]interface{}{
"redirect": setting.AppSubURL + "/admin/users",
})
ctx.Redirect(setting.AppSubURL + "/admin/users")
}

// AvatarPost response for change user's avatar request
Expand Down
2 changes: 1 addition & 1 deletion routers/web/user/setting/account.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ func DeleteAccount(ctx *context.Context) {
return
}

if err := user.DeleteUser(ctx.User); err != nil {
if err := user.DeleteUser(ctx, ctx.User, false); err != nil {
switch {
case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("form.still_own_repo"))
Expand Down
47 changes: 44 additions & 3 deletions services/user/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,52 @@ import (
// DeleteUser completely and permanently deletes everything of a user,
// but issues/comments/pulls will be kept and shown as someone has been deleted,
// unless the user is younger than USER_DELETE_WITH_COMMENTS_MAX_DAYS.
func DeleteUser(u *user_model.User) error {
func DeleteUser(ctx context.Context, u *user_model.User, purge bool) error {
zeripath marked this conversation as resolved.
Show resolved Hide resolved
if u.IsOrganization() {
return fmt.Errorf("%s is an organization not a user", u.Name)
}

if purge {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this code block covered by tests?

// Delete all repos belonging to this user
for page := 1; ; page++ {
repos, _, err := models.SearchRepositoryByName(&models.SearchRepoOptions{
zeripath marked this conversation as resolved.
Show resolved Hide resolved
ListOptions: db.ListOptions{
PageSize: models.RepositoryListDefaultPageSize,
Page: page,
},
Private: true,
OwnerID: u.ID,
})
if err != nil {
return fmt.Errorf("SearchRepositoryByName: %v", err)
}
if len(repos) == 0 {
break
}
for _, repo := range repos {
if err := models.DeleteRepository(u, u.ID, repo.ID); err != nil {
return fmt.Errorf("unable to delete repositories for %s[%d]. Error: %v", u.Name, u.ID, err)
}
}
}

// Delete Orgs
orgs, err := models.GetUserOrgsList(u)
if err != nil {
return fmt.Errorf("unable to org list for %s[%d]. Error: %v", u.Name, u.ID, err)
}
for _, org := range orgs {
if err := models.RemoveOrgUser(org.ID, u.ID); err != nil {
if models.IsErrLastOrgOwner(err) {
err = models.DeleteOrganization(ctx, org)
}
if err != nil {
return fmt.Errorf("unable to remove user %s[%d] from org %s[%d]. Error: %v", u.Name, u.ID, org.Name, org.ID, err)
}
}
}
}

ctx, committer, err := db.TxContext()
if err != nil {
return err
Expand All @@ -57,7 +98,7 @@ func DeleteUser(u *user_model.User) error {
return models.ErrUserHasOrgs{UID: u.ID}
}

if err := models.DeleteUser(ctx, u); err != nil {
if err := models.DeleteUser(ctx, u, purge); err != nil {
return fmt.Errorf("DeleteUser: %v", err)
}

Expand Down Expand Up @@ -108,7 +149,7 @@ func DeleteInactiveUsers(ctx context.Context, olderThan time.Duration) error {
return db.ErrCancelledf("Before delete inactive user %s", u.Name)
default:
}
if err := DeleteUser(u); err != nil {
if err := DeleteUser(ctx, u, false); err != nil {
// Ignore users that were set inactive by admin.
if models.IsErrUserOwnRepos(err) || models.IsErrUserHasOrgs(err) {
continue
Expand Down
10 changes: 5 additions & 5 deletions services/user/user_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ func TestDeleteUser(t *testing.T) {
ownedRepos := make([]*repo_model.Repository, 0, 10)
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&ownedRepos, &repo_model.Repository{OwnerID: userID}))
if len(ownedRepos) > 0 {
err := DeleteUser(user)
err := DeleteUser(db.DefaultContext, user, false)
assert.Error(t, err)
assert.True(t, models.IsErrUserOwnRepos(err))
return
Expand All @@ -44,7 +44,7 @@ func TestDeleteUser(t *testing.T) {
return
}
}
assert.NoError(t, DeleteUser(user))
assert.NoError(t, DeleteUser(db.DefaultContext, user, false))
unittest.AssertNotExistsBean(t, &user_model.User{ID: userID})
unittest.CheckConsistencyFor(t, &user_model.User{}, &repo_model.Repository{})
}
Expand All @@ -54,7 +54,7 @@ func TestDeleteUser(t *testing.T) {
test(11)

org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3}).(*user_model.User)
assert.Error(t, DeleteUser(org))
assert.Error(t, DeleteUser(db.DefaultContext, org, false))
}

func TestCreateUser(t *testing.T) {
Expand All @@ -69,7 +69,7 @@ func TestCreateUser(t *testing.T) {

assert.NoError(t, user_model.CreateUser(user))

assert.NoError(t, DeleteUser(user))
assert.NoError(t, DeleteUser(db.DefaultContext, user, false))
}

func TestCreateUser_Issue5882(t *testing.T) {
Expand Down Expand Up @@ -98,6 +98,6 @@ func TestCreateUser_Issue5882(t *testing.T) {

assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation)

assert.NoError(t, DeleteUser(v.user))
assert.NoError(t, DeleteUser(db.DefaultContext, v.user, false))
}
}
26 changes: 23 additions & 3 deletions templates/admin/user/edit.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@

<div class="field">
<button class="ui green button">{{.i18n.Tr "admin.users.update_profile"}}</button>
<div class="ui red button delete-button" data-url="{{$.Link}}/delete" data-id="{{.User.ID}}">{{.i18n.Tr "admin.users.delete_account"}}</div>
<div class="ui red button show-modal" data-modal="#delete-user-modal" data-url="{{$.Link}}/delete" data-id="{{.User.ID}}">{{.i18n.Tr "admin.users.delete_account"}}</div>
</div>
</form>
</div>
Expand Down Expand Up @@ -196,14 +196,34 @@
</div>
</div>

<div class="ui small basic delete modal">
<div class="ui small basic delete modal" id="delete-user-modal">
<div class="ui icon header">
{{svg "octicon-trash"}}
{{.i18n.Tr "settings.delete_account_title"}}
</div>
<div class="content">
<p>{{.i18n.Tr "settings.delete_account_desc"}}</p>
</div>
{{template "base/delete_modal_actions" .}}
<form class="ui form" method="POST" action="{{.Link}}/delete">
{{$.CsrfTokenHtml}}
<input type="hidden" name="id">
<div class="field">
<div class="ui checkbox">
<label for="purge">{{.i18n.Tr "admin.users.purge"}}</label>
<input name="purge" type="checkbox">
</div>
<p class="help">{{.i18n.Tr "admin.users.purge_help"}}</p>
</div>
<div class="text right actions">
<div class="ui red basic inverted cancel button">
{{svg "octicon-x"}}
{{.i18n.Tr "modal.no"}}
</div>
<button class="ui green basic inverted ok button">
{{svg "octicon-check"}}
{{.i18n.Tr "modal.yes"}}
</button>
</div>
zeripath marked this conversation as resolved.
Show resolved Hide resolved
</form>
</div>
{{template "base/footer" .}}