Add the ability to purge users when deleting them. Close #15588 Signed-off-by: Andrew Thornton <art27@cantab.net>tags/v1.18.0-rc0
@@ -157,6 +157,10 @@ var ( | |||
Name: "email,e", | |||
Usage: "Email of the user to delete", | |||
}, | |||
cli.BoolFlag{ | |||
Name: "purge", | |||
Usage: "Purge user, all their repositories, organizations and comments", | |||
}, | |||
}, | |||
Action: runDeleteUser, | |||
} | |||
@@ -675,7 +679,7 @@ func runDeleteUser(c *cli.Context) error { | |||
return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id")) | |||
} | |||
return user_service.DeleteUser(user) | |||
return user_service.DeleteUser(ctx, user, c.Bool("purge")) | |||
} | |||
func runGenerateAccessToken(c *cli.Context) error { |
@@ -76,7 +76,7 @@ func TestAdminDeleteUser(t *testing.T) { | |||
req := NewRequestWithValues(t, "POST", "/admin/users/8/delete", map[string]string{ | |||
"_csrf": csrf, | |||
}) | |||
session.MakeRequest(t, req, http.StatusOK) | |||
session.MakeRequest(t, req, http.StatusSeeOther) | |||
assertUserDeleted(t, 8) | |||
unittest.CheckConsistencyFor(t, &user_model.User{}) |
@@ -188,8 +188,13 @@ func initIntegrationTest() { | |||
switch { | |||
case setting.Database.UseMySQL: | |||
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@tcp(%s)/", | |||
setting.Database.User, setting.Database.Passwd, setting.Database.Host)) | |||
connType := "tcp" | |||
if len(setting.Database.Host) > 0 && setting.Database.Host[0] == '/' { // looks like a unix socket | |||
connType = "unix" | |||
} | |||
db, err := sql.Open("mysql", fmt.Sprintf("%s:%s@%s(%s)/", | |||
setting.Database.User, setting.Database.Passwd, connType, setting.Database.Host)) | |||
defer db.Close() | |||
if err != nil { | |||
log.Fatal("sql.Open: %v", err) |
@@ -107,7 +107,7 @@ func getVersionByNameAndVersion(ctx context.Context, ownerID int64, packageType | |||
ExactMatch: true, | |||
Value: version, | |||
}, | |||
IsInternal: isInternal, | |||
IsInternal: util.OptionalBoolOf(isInternal), | |||
Paginator: db.NewAbsoluteListOptions(0, 1), | |||
}) | |||
if err != nil { | |||
@@ -171,7 +171,7 @@ type PackageSearchOptions struct { | |||
Name SearchValue // only results with the specific name are found | |||
Version SearchValue // only results with the specific version are found | |||
Properties map[string]string // only results are found which contain all listed version properties with the specific value | |||
IsInternal bool | |||
IsInternal util.OptionalBool | |||
HasFileWithName string // only results are found which are associated with a file with the specific name | |||
HasFiles util.OptionalBool // only results are found which have associated files | |||
Sort string | |||
@@ -179,7 +179,10 @@ type PackageSearchOptions struct { | |||
} | |||
func (opts *PackageSearchOptions) toConds() builder.Cond { | |||
var cond builder.Cond = builder.Eq{"package_version.is_internal": opts.IsInternal} | |||
cond := builder.NewCond() | |||
if !opts.IsInternal.IsNone() { | |||
cond = builder.Eq{"package_version.is_internal": opts.IsInternal.IsTrue()} | |||
} | |||
if opts.OwnerID != 0 { | |||
cond = cond.And(builder.Eq{"package.owner_id": opts.OwnerID}) |
@@ -330,3 +330,40 @@ func DeleteProjectByIDCtx(ctx context.Context, id int64) error { | |||
return updateRepositoryProjectCount(ctx, p.RepoID) | |||
} | |||
func DeleteProjectByRepoIDCtx(ctx context.Context, repoID int64) error { | |||
switch { | |||
case setting.Database.UseSQLite3: | |||
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_issue WHERE project_issue.id IN (SELECT project_issue.id FROM project_issue INNER JOIN project WHERE project.id = project_issue.project_id AND project.repo_id = ?)", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_board WHERE project_board.id IN (SELECT project_board.id FROM project_board INNER JOIN project WHERE project.id = project_board.project_id AND project.repo_id = ?)", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil { | |||
return err | |||
} | |||
case setting.Database.UsePostgreSQL: | |||
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_issue USING project WHERE project.id = project_issue.project_id AND project.repo_id = ? ", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Exec("DELETE FROM project_board USING project WHERE project.id = project_board.project_id AND project.repo_id = ? ", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil { | |||
return err | |||
} | |||
default: | |||
if _, err := db.GetEngine(ctx).Exec("DELETE project_issue FROM project_issue INNER JOIN project ON project.id = project_issue.project_id WHERE project.repo_id = ? ", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Exec("DELETE project_board FROM project_board INNER JOIN project ON project.id = project_board.project_id WHERE project.repo_id = ? ", repoID); err != nil { | |||
return err | |||
} | |||
if _, err := db.GetEngine(ctx).Table("project").Where("repo_id = ? ", repoID).Delete(&Project{}); err != nil { | |||
return err | |||
} | |||
} | |||
return updateRepositoryProjectCount(ctx, repoID) | |||
} |
@@ -342,16 +342,8 @@ func DeleteRepository(doer *user_model.User, uid, repoID int64) error { | |||
} | |||
} | |||
projects, _, err := project_model.GetProjects(ctx, project_model.SearchOptions{ | |||
RepoID: repoID, | |||
}) | |||
if err != nil { | |||
return fmt.Errorf("get projects: %v", err) | |||
} | |||
for i := range projects { | |||
if err := project_model.DeleteProjectByIDCtx(ctx, projects[i].ID); err != nil { | |||
return fmt.Errorf("delete project [%d]: %v", projects[i].ID, err) | |||
} | |||
if err := project_model.DeleteProjectByRepoIDCtx(ctx, repoID); err != nil { | |||
return fmt.Errorf("unable to delete projects for repo[%d]: %v", repoID, err) | |||
} | |||
// Remove LFS objects |
@@ -27,7 +27,7 @@ import ( | |||
) | |||
// DeleteUser deletes models associated to an user. | |||
func DeleteUser(ctx context.Context, u *user_model.User) (err error) { | |||
func DeleteUser(ctx context.Context, u *user_model.User, purge bool) (err error) { | |||
e := db.GetEngine(ctx) | |||
// ***** START: Watch ***** | |||
@@ -95,8 +95,8 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) { | |||
return err | |||
} | |||
if setting.Service.UserDeleteWithCommentsMaxTime != 0 && | |||
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now()) { | |||
if purge || (setting.Service.UserDeleteWithCommentsMaxTime != 0 && | |||
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now())) { | |||
// Delete Comments | |||
const batchSize = 50 |
@@ -2540,6 +2540,8 @@ users.delete_account = Delete User Account | |||
users.cannot_delete_self = "You cannot delete yourself" | |||
users.still_own_repo = This user still owns one or more repositories. Delete or transfer these repositories first. | |||
users.still_has_org = This user is a member of an organization. Remove the user from any organizations first. | |||
users.purge = Purge User | |||
users.purge_help = Forcibly delete user and any repositories, organizations, and packages owned by the user. All comments will be deleted too. | |||
users.still_own_packages = This user still owns one or more packages. Delete these packages first. | |||
users.deletion_success = The user account has been deleted. | |||
users.reset_2fa = Reset 2FA |
@@ -316,7 +316,7 @@ func DeleteUser(ctx *context.APIContext) { | |||
return | |||
} | |||
if err := user_service.DeleteUser(ctx.ContextUser); err != nil { | |||
if err := user_service.DeleteUser(ctx, ctx.ContextUser, ctx.FormBool("purge")); err != nil { | |||
if models.IsErrUserOwnRepos(err) || | |||
models.IsErrUserHasOrgs(err) || | |||
models.IsErrUserOwnPackages(err) { |
@@ -419,29 +419,21 @@ func DeleteUser(ctx *context.Context) { | |||
// admin should not delete themself | |||
if u.ID == ctx.Doer.ID { | |||
ctx.Flash.Error(ctx.Tr("admin.users.cannot_delete_self")) | |||
ctx.JSON(http.StatusOK, map[string]interface{}{ | |||
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")), | |||
}) | |||
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid"))) | |||
return | |||
} | |||
if err = user_service.DeleteUser(u); err != nil { | |||
if err = user_service.DeleteUser(ctx, u, ctx.FormBool("purge")); err != nil { | |||
switch { | |||
case models.IsErrUserOwnRepos(err): | |||
ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo")) | |||
ctx.JSON(http.StatusOK, map[string]interface{}{ | |||
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")), | |||
}) | |||
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid"))) | |||
case models.IsErrUserHasOrgs(err): | |||
ctx.Flash.Error(ctx.Tr("admin.users.still_has_org")) | |||
ctx.JSON(http.StatusOK, map[string]interface{}{ | |||
"redirect": setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid")), | |||
}) | |||
ctx.Redirect(setting.AppSubURL + "/admin/users/" + url.PathEscape(ctx.Params(":userid"))) | |||
case models.IsErrUserOwnPackages(err): | |||
ctx.Flash.Error(ctx.Tr("admin.users.still_own_packages")) | |||
ctx.JSON(http.StatusOK, map[string]interface{}{ | |||
"redirect": setting.AppSubURL + "/admin/users/" + ctx.Params(":userid"), | |||
}) | |||
ctx.Redirect(setting.AppSubURL + "/admin/users/" + ctx.Params(":userid")) | |||
default: | |||
ctx.ServerError("DeleteUser", err) | |||
} | |||
@@ -450,9 +442,7 @@ func DeleteUser(ctx *context.Context) { | |||
log.Trace("Account deleted by admin (%s): %s", ctx.Doer.Name, u.Name) | |||
ctx.Flash.Success(ctx.Tr("admin.users.deletion_success")) | |||
ctx.JSON(http.StatusOK, map[string]interface{}{ | |||
"redirect": setting.AppSubURL + "/admin/users", | |||
}) | |||
ctx.Redirect(setting.AppSubURL + "/admin/users") | |||
} | |||
// AvatarPost response for change user's avatar request |
@@ -248,7 +248,7 @@ func DeleteAccount(ctx *context.Context) { | |||
return | |||
} | |||
if err := user.DeleteUser(ctx.Doer); err != nil { | |||
if err := user.DeleteUser(ctx, ctx.Doer, false); err != nil { | |||
switch { | |||
case models.IsErrUserOwnRepos(err): | |||
ctx.Flash.Error(ctx.Tr("form.still_own_repo")) |
@@ -59,7 +59,7 @@ func cleanupExpiredUploadedBlobs(ctx context.Context, olderThan time.Duration) e | |||
ExactMatch: true, | |||
Value: container_model.UploadVersion, | |||
}, | |||
IsInternal: true, | |||
IsInternal: util.OptionalBoolTrue, | |||
HasFiles: util.OptionalBoolFalse, | |||
}) | |||
if err != nil { |
@@ -13,6 +13,7 @@ import ( | |||
"code.gitea.io/gitea/models/db" | |||
packages_model "code.gitea.io/gitea/models/packages" | |||
repo_model "code.gitea.io/gitea/models/repo" | |||
user_model "code.gitea.io/gitea/models/user" | |||
"code.gitea.io/gitea/modules/json" | |||
"code.gitea.io/gitea/modules/log" | |||
@@ -451,3 +452,30 @@ func GetPackageFileStream(ctx context.Context, pf *packages_model.PackageFile) ( | |||
} | |||
return s, pf, err | |||
} | |||
// RemoveAllPackages for User | |||
func RemoveAllPackages(ctx context.Context, userID int64) (int, error) { | |||
count := 0 | |||
for { | |||
pkgVersions, _, err := packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{ | |||
Paginator: &db.ListOptions{ | |||
PageSize: repo_model.RepositoryListDefaultPageSize, | |||
Page: 1, | |||
}, | |||
OwnerID: userID, | |||
}) | |||
if err != nil { | |||
return count, fmt.Errorf("GetOwnedPackages[%d]: %w", userID, err) | |||
} | |||
if len(pkgVersions) == 0 { | |||
break | |||
} | |||
for _, pv := range pkgVersions { | |||
if err := DeletePackageVersionAndReferences(ctx, pv); err != nil { | |||
return count, fmt.Errorf("unable to delete package %d:%s[%d]. Error: %w", pv.PackageID, pv.Version, pv.ID, err) | |||
} | |||
count++ | |||
} | |||
} | |||
return count, nil | |||
} |
@@ -21,19 +21,116 @@ import ( | |||
repo_model "code.gitea.io/gitea/models/repo" | |||
user_model "code.gitea.io/gitea/models/user" | |||
"code.gitea.io/gitea/modules/avatar" | |||
"code.gitea.io/gitea/modules/eventsource" | |||
"code.gitea.io/gitea/modules/log" | |||
"code.gitea.io/gitea/modules/setting" | |||
"code.gitea.io/gitea/modules/storage" | |||
"code.gitea.io/gitea/modules/util" | |||
"code.gitea.io/gitea/services/packages" | |||
) | |||
// DeleteUser completely and permanently deletes everything of a user, | |||
// but issues/comments/pulls will be kept and shown as someone has been deleted, | |||
// unless the user is younger than USER_DELETE_WITH_COMMENTS_MAX_DAYS. | |||
func DeleteUser(u *user_model.User) error { | |||
func DeleteUser(ctx context.Context, u *user_model.User, purge bool) error { | |||
if u.IsOrganization() { | |||
return fmt.Errorf("%s is an organization not a user", u.Name) | |||
} | |||
if purge { | |||
// Disable the user first | |||
// NOTE: This is deliberately not within a transaction as it must disable the user immediately to prevent any further action by the user to be purged. | |||
if err := user_model.UpdateUserCols(ctx, &user_model.User{ | |||
ID: u.ID, | |||
IsActive: false, | |||
IsRestricted: true, | |||
IsAdmin: false, | |||
ProhibitLogin: true, | |||
Passwd: "", | |||
Salt: "", | |||
PasswdHashAlgo: "", | |||
MaxRepoCreation: 0, | |||
}, "is_active", "is_restricted", "is_admin", "prohibit_login", "max_repo_creation", "passwd", "salt", "passwd_hash_algo"); err != nil { | |||
return fmt.Errorf("unable to disable user: %s[%d] prior to purge. UpdateUserCols: %w", u.Name, u.ID, err) | |||
} | |||
// Force any logged in sessions to log out | |||
// FIXME: We also need to tell the session manager to log them out too. | |||
eventsource.GetManager().SendMessage(u.ID, &eventsource.Event{ | |||
Name: "logout", | |||
}) | |||
// Delete all repos belonging to this user | |||
// Now this is not within a transaction because there are internal transactions within the DeleteRepository | |||
// BUT: the db will still be consistent even if a number of repos have already been deleted. | |||
// And in fact we want to capture any repositories that are being created in other transactions in the meantime | |||
// | |||
// An alternative option here would be write a DeleteAllRepositoriesForUserID function which would delete all of the repos | |||
// but such a function would likely get out of date | |||
for { | |||
repos, _, err := repo_model.GetUserRepositories(&repo_model.SearchRepoOptions{ | |||
ListOptions: db.ListOptions{ | |||
PageSize: repo_model.RepositoryListDefaultPageSize, | |||
Page: 1, | |||
}, | |||
Private: true, | |||
OwnerID: u.ID, | |||
}) | |||
if err != nil { | |||
return fmt.Errorf("SearchRepositoryByName: %v", err) | |||
} | |||
if len(repos) == 0 { | |||
break | |||
} | |||
for _, repo := range repos { | |||
if err := models.DeleteRepository(u, u.ID, repo.ID); err != nil { | |||
return fmt.Errorf("unable to delete repository %s for %s[%d]. Error: %v", repo.Name, u.Name, u.ID, err) | |||
} | |||
} | |||
} | |||
// Remove from Organizations and delete last owner organizations | |||
// Now this is not within a transaction because there are internal transactions within the DeleteOrganization | |||
// BUT: the db will still be consistent even if a number of organizations memberships and organizations have already been deleted | |||
// And in fact we want to capture any organization additions that are being created in other transactions in the meantime | |||
// | |||
// An alternative option here would be write a function which would delete all organizations but it seems | |||
// but such a function would likely get out of date | |||
for { | |||
orgs, err := organization.FindOrgs(organization.FindOrgOptions{ | |||
ListOptions: db.ListOptions{ | |||
PageSize: repo_model.RepositoryListDefaultPageSize, | |||
Page: 1, | |||
}, | |||
UserID: u.ID, | |||
IncludePrivate: true, | |||
}) | |||
if err != nil { | |||
return fmt.Errorf("unable to find org list for %s[%d]. Error: %v", u.Name, u.ID, err) | |||
} | |||
if len(orgs) == 0 { | |||
break | |||
} | |||
for _, org := range orgs { | |||
if err := models.RemoveOrgUser(org.ID, u.ID); err != nil { | |||
if organization.IsErrLastOrgOwner(err) { | |||
err = organization.DeleteOrganization(ctx, org) | |||
} | |||
if err != nil { | |||
return fmt.Errorf("unable to remove user %s[%d] from org %s[%d]. Error: %v", u.Name, u.ID, org.Name, org.ID, err) | |||
} | |||
} | |||
} | |||
} | |||
// Delete Packages | |||
if setting.Packages.Enabled { | |||
if _, err := packages.RemoveAllPackages(ctx, u.ID); err != nil { | |||
return err | |||
} | |||
} | |||
} | |||
ctx, committer, err := db.TxContext() | |||
if err != nil { | |||
return err | |||
@@ -41,7 +138,8 @@ func DeleteUser(u *user_model.User) error { | |||
defer committer.Close() | |||
// Note: A user owns any repository or belongs to any organization | |||
// cannot perform delete operation. | |||
// cannot perform delete operation. This causes a race with the purge above | |||
// however consistency requires that we ensure that this is the case | |||
// Check ownership of repository. | |||
count, err := repo_model.CountRepositories(ctx, repo_model.CountRepositoryOptions{OwnerID: u.ID}) | |||
@@ -66,7 +164,7 @@ func DeleteUser(u *user_model.User) error { | |||
return models.ErrUserOwnPackages{UID: u.ID} | |||
} | |||
if err := models.DeleteUser(ctx, u); err != nil { | |||
if err := models.DeleteUser(ctx, u, purge); err != nil { | |||
return fmt.Errorf("DeleteUser: %v", err) | |||
} | |||
@@ -117,7 +215,7 @@ func DeleteInactiveUsers(ctx context.Context, olderThan time.Duration) error { | |||
return db.ErrCancelledf("Before delete inactive user %s", u.Name) | |||
default: | |||
} | |||
if err := DeleteUser(u); err != nil { | |||
if err := DeleteUser(ctx, u, false); err != nil { | |||
// Ignore users that were set inactive by admin. | |||
if models.IsErrUserOwnRepos(err) || models.IsErrUserHasOrgs(err) || models.IsErrUserOwnPackages(err) { | |||
continue |
@@ -33,7 +33,7 @@ func TestDeleteUser(t *testing.T) { | |||
ownedRepos := make([]*repo_model.Repository, 0, 10) | |||
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&ownedRepos, &repo_model.Repository{OwnerID: userID})) | |||
if len(ownedRepos) > 0 { | |||
err := DeleteUser(user) | |||
err := DeleteUser(db.DefaultContext, user, false) | |||
assert.Error(t, err) | |||
assert.True(t, models.IsErrUserOwnRepos(err)) | |||
return | |||
@@ -47,7 +47,7 @@ func TestDeleteUser(t *testing.T) { | |||
return | |||
} | |||
} | |||
assert.NoError(t, DeleteUser(user)) | |||
assert.NoError(t, DeleteUser(db.DefaultContext, user, false)) | |||
unittest.AssertNotExistsBean(t, &user_model.User{ID: userID}) | |||
unittest.CheckConsistencyFor(t, &user_model.User{}, &repo_model.Repository{}) | |||
} | |||
@@ -57,7 +57,7 @@ func TestDeleteUser(t *testing.T) { | |||
test(11) | |||
org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3}).(*user_model.User) | |||
assert.Error(t, DeleteUser(org)) | |||
assert.Error(t, DeleteUser(db.DefaultContext, org, false)) | |||
} | |||
func TestCreateUser(t *testing.T) { | |||
@@ -72,7 +72,7 @@ func TestCreateUser(t *testing.T) { | |||
assert.NoError(t, user_model.CreateUser(user)) | |||
assert.NoError(t, DeleteUser(user)) | |||
assert.NoError(t, DeleteUser(db.DefaultContext, user, false)) | |||
} | |||
func TestCreateUser_Issue5882(t *testing.T) { | |||
@@ -101,6 +101,6 @@ func TestCreateUser_Issue5882(t *testing.T) { | |||
assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation) | |||
assert.NoError(t, DeleteUser(v.user)) | |||
assert.NoError(t, DeleteUser(db.DefaultContext, v.user, false)) | |||
} | |||
} |
@@ -151,7 +151,7 @@ | |||
<div class="field"> | |||
<button class="ui green button">{{.locale.Tr "admin.users.update_profile"}}</button> | |||
<div class="ui red button delete-button" data-url="{{$.Link}}/delete" data-id="{{.User.ID}}">{{.locale.Tr "admin.users.delete_account"}}</div> | |||
<div class="ui red button show-modal" data-modal="#delete-user-modal" data-url="{{$.Link}}/delete" data-id="{{.User.ID}}">{{.locale.Tr "admin.users.delete_account"}}</div> | |||
</div> | |||
</form> | |||
</div> | |||
@@ -196,7 +196,7 @@ | |||
</div> | |||
</div> | |||
<div class="ui small basic delete modal"> | |||
<div class="ui small basic delete modal" id="delete-user-modal"> | |||
<div class="ui icon header"> | |||
{{svg "octicon-trash"}} | |||
{{.locale.Tr "settings.delete_account_title"}} | |||
@@ -204,6 +204,17 @@ | |||
<div class="content"> | |||
<p>{{.locale.Tr "settings.delete_account_desc"}}</p> | |||
</div> | |||
{{template "base/delete_modal_actions" .}} | |||
<form class="ui form" method="POST" action="{{.Link}}/delete"> | |||
{{$.CsrfTokenHtml}} | |||
<input type="hidden" name="id"> | |||
<div class="field"> | |||
<div class="ui checkbox"> | |||
<label for="purge">{{.locale.Tr "admin.users.purge"}}</label> | |||
<input name="purge" type="checkbox"> | |||
</div> | |||
<p class="help">{{.locale.Tr "admin.users.purge_help"}}</p> | |||
</div> | |||
{{template "base/delete_modal_actions" .}} | |||
</form> | |||
</div> | |||
{{template "base/footer" .}} |