From: Fabrice Bellingard <bellingard@gmail.com>
Date: Fri, 10 Feb 2012 17:43:25 +0000 (+0100)
Subject: SONAR-3258 No more delete users in the Sonar DB but deactivate them
X-Git-Tag: 2.14~112
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c2cb97c242b64f0815d01ed5fa193fffadc97bca;p=sonarqube.git

SONAR-3258 No more delete users in the Sonar DB but deactivate them

- When deleting:
  - user is deactivated ('active' set to false)
  - its roles are deleted
  - its properties are deleted
  - its filters & active filters are deleted
  - its dashbaords & active dashboards are deleted
- Login is now not possible for deactivated users
---

diff --git a/sonar-core/src/main/java/org/sonar/jpa/entity/SchemaMigration.java b/sonar-core/src/main/java/org/sonar/jpa/entity/SchemaMigration.java
index 2cddd8ca3b8..5b77f98c423 100644
--- a/sonar-core/src/main/java/org/sonar/jpa/entity/SchemaMigration.java
+++ b/sonar-core/src/main/java/org/sonar/jpa/entity/SchemaMigration.java
@@ -34,7 +34,7 @@ public class SchemaMigration {
 
   public final static int VERSION_UNKNOWN = -1;
 
-  public static final int LAST_VERSION = 256;
+  public static final int LAST_VERSION = 257;
   public static final int VERSION_2_13 = 241;
 
   public final static String TABLE_NAME = "schema_migrations";
diff --git a/sonar-core/src/main/resources/org/sonar/core/persistence/rows-derby.sql b/sonar-core/src/main/resources/org/sonar/core/persistence/rows-derby.sql
index 5bc729a4199..26a063c5a2e 100644
--- a/sonar-core/src/main/resources/org/sonar/core/persistence/rows-derby.sql
+++ b/sonar-core/src/main/resources/org/sonar/core/persistence/rows-derby.sql
@@ -174,6 +174,7 @@ INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('252');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('254');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('255');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('256');
+INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('257');
 
 INSERT INTO USERS(ID, LOGIN, NAME, EMAIL, CRYPTED_PASSWORD, SALT, CREATED_AT, UPDATED_AT, REMEMBER_TOKEN, REMEMBER_TOKEN_EXPIRES_AT) VALUES (1, 'admin', 'Administrator', '', 'a373a0e667abb2604c1fd571eb4ad47fe8cc0878', '48bc4b0d93179b5103fd3885ea9119498e9d161b', '2011-09-26 22:27:48.0', '2011-09-26 22:27:48.0', null, null);
 ALTER TABLE USERS ALTER COLUMN ID RESTART WITH 2;
diff --git a/sonar-core/src/main/resources/org/sonar/core/persistence/schema-derby.ddl b/sonar-core/src/main/resources/org/sonar/core/persistence/schema-derby.ddl
index 33f37c08298..99696f47e54 100644
--- a/sonar-core/src/main/resources/org/sonar/core/persistence/schema-derby.ddl
+++ b/sonar-core/src/main/resources/org/sonar/core/persistence/schema-derby.ddl
@@ -395,7 +395,8 @@ CREATE TABLE "USERS" (
   "CREATED_AT" TIMESTAMP,
   "UPDATED_AT" TIMESTAMP,
   "REMEMBER_TOKEN" VARCHAR(500),
-  "REMEMBER_TOKEN_EXPIRES_AT" TIMESTAMP
+  "REMEMBER_TOKEN_EXPIRES_AT" TIMESTAMP,
+  "ACTIVE" BOOLEAN DEFAULT TRUE,
 );
 
 CREATE TABLE "FILTERS" (
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
index 9edb145c3c0..dc153eeca3f 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/sessions_controller.rb
@@ -28,7 +28,7 @@ class SessionsController < ApplicationController
     return unless request.post?
     
     self.current_user = User.authenticate(params[:login], params[:password])
-    if logged_in?
+    if logged_in? && current_user.active
       if params[:remember_me] == '1'
         self.current_user.remember_me
         cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/users_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/users_controller.rb
index f367c4371ab..fdb33b76046 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/users_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/users_controller.rb
@@ -50,7 +50,7 @@ class UsersController < ApplicationController
   end
 
   def index
-    @users = User.find(:all, :include => 'groups')
+    @users = User.find(:all, :conditions => ["active=?", true], :include => 'groups')
     if params[:id]
       @user = User.find(params[:id])
     else
@@ -104,7 +104,8 @@ class UsersController < ApplicationController
     if current_user.id==@user.id
       flash[:error] = 'Please log in with another user in order to delete yourself.'
 
-    elsif @user.destroy
+    else
+      @user.deactivate
       flash[:notice] = 'User is deleted.'
     end
 
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
index ac30cd3aee4..e7f4cc66dbd 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
@@ -25,7 +25,9 @@ class User < ActiveRecord::Base
 
   has_and_belongs_to_many :groups
   has_many :user_roles, :dependent => :delete_all
+
   has_many :properties, :foreign_key => 'user_id', :dependent => :delete_all
+
   has_many :active_filters, :include => 'filter', :order => 'order_index'
   has_many :filters, :dependent => :destroy
 
@@ -38,7 +40,7 @@ class User < ActiveRecord::Base
   include NeedAuthorization::ForUser
   include NeedAuthentication::ForUser
 
-  validates_length_of       :name, :maximum => 200, :allow_blank => true, :allow_nil => true
+  validates_length_of       :name,  :maximum => 200, :allow_blank => true, :allow_nil => true
   validates_length_of       :email, :maximum => 100, :allow_blank => true, :allow_nil => true
 
   # The following two validations not needed, because they come with Authentication::ByPassword - see SONAR-2656
@@ -47,7 +49,7 @@ class User < ActiveRecord::Base
 
   validates_presence_of     :login
   validates_length_of       :login,    :within => 2..40
-  validates_uniqueness_of   :login, :case_sensitive => true
+  validates_uniqueness_of   :login,    :case_sensitive => true
   validates_format_of       :login,    :with => Authentication.login_regex, :message => Authentication.bad_login_message
   
 
@@ -82,6 +84,18 @@ class User < ActiveRecord::Base
     return 1 if other.name.nil?
     name.downcase<=>other.name.downcase
   end
+  
+  # SONAR-3258 : we do not delete users anymore. Users are just deactivated.
+  # However, all related data is removed from the DB.
+  def deactivate
+    self.active = false
+    self.save!
+    self.user_roles.each {|role| role.delete}
+    self.properties.each {|prop| prop.delete}
+    self.filters.each {|f| f.destroy}
+    self.dashboards.each {|d| d.destroy}
+    self.active_dashboards.each {|ad| ad.destroy}    
+  end
 
 
   #---------------------------------------------------------------------
diff --git a/sonar-server/src/main/webapp/WEB-INF/db/migrate/257_add_active_field_on_users.rb b/sonar-server/src/main/webapp/WEB-INF/db/migrate/257_add_active_field_on_users.rb
new file mode 100644
index 00000000000..ddcb1b06d41
--- /dev/null
+++ b/sonar-server/src/main/webapp/WEB-INF/db/migrate/257_add_active_field_on_users.rb
@@ -0,0 +1,36 @@
+#
+# Sonar, entreprise quality control tool.
+# Copyright (C) 2008-2012 SonarSource
+# mailto:contact AT sonarsource DOT com
+#
+# Sonar is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 3 of the License, or (at your option) any later version.
+#
+# Sonar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with Sonar; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02
+#
+
+#
+# Sonar 2.14
+#
+class AddActiveFieldOnUsers < ActiveRecord::Migration
+
+  def self.up
+    add_column 'users', 'active', :boolean, :null => true, :default => true
+    User.reset_column_information
+    
+    User.find(:all).each do |user|
+      user.active = true
+      user.save
+    end
+  end
+
+end
diff --git a/sonar-server/src/main/webapp/WEB-INF/db/migrate/README.txt b/sonar-server/src/main/webapp/WEB-INF/db/migrate/README.txt
index 39c1ac7f02a..e22d74cd5d7 100644
--- a/sonar-server/src/main/webapp/WEB-INF/db/migrate/README.txt
+++ b/sonar-server/src/main/webapp/WEB-INF/db/migrate/README.txt
@@ -6,7 +6,7 @@ HOW TO ADD A MIGRATION
   + sonar-core/src/main/resources/org/sonar/core/persistence/rows-derby.sql :
     - add "INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('<THE MIGRATION ID>')"
 * Update the migration id defined in sonar-core/src/main/java/org/sonar/jpa/entity/SchemaMigration.java
-* If a table is addded or removed, then edit sonar-core/src/main/java/org/sonar/core/persistence/DatabaseUtils.java
+* If a table is added or removed, then edit sonar-core/src/main/java/org/sonar/core/persistence/DatabaseUtils.java