forgejo/services/user/delete.go

220 lines
7.1 KiB
Go
Raw Normal View History

// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
2014-04-10 18:20:58 +00:00
package user
2014-04-10 18:20:58 +00:00
import (
"context"
2014-04-10 18:20:58 +00:00
"fmt"
"time"
_ "image/jpeg" // Needed for jpeg support
actions_model "code.gitea.io/gitea/models/actions"
activities_model "code.gitea.io/gitea/models/activities"
asymkey_model "code.gitea.io/gitea/models/asymkey"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
git_model "code.gitea.io/gitea/models/git"
issues_model "code.gitea.io/gitea/models/issues"
"code.gitea.io/gitea/models/organization"
access_model "code.gitea.io/gitea/models/perm/access"
pull_model "code.gitea.io/gitea/models/pull"
repo_model "code.gitea.io/gitea/models/repo"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
[MODERATION] Purge issues on user deletion - Forgejo has the option to delete users, in which all data except issues and comments are removed, this makes sense in some cases where users need to be removed cleanly but without removing their existing bug reports or comments to an discussion. In the case of spammers, admins have the option to enable purging, where comments are removed. - Add issues to the list of things to be removed if purge is checked. - No unit testing, as this gigantic function doesn't have one to begin with. - Add integration test. - Resolves https://codeberg.org/forgejo/forgejo/issues/1268 (cherry picked from commit 3ed381c75826ffc6834fd54943f71579c060c16d) (cherry picked from commit 44d00650ce77bd4395892a62a64a90829578c81d) (cherry picked from commit 7f4da82779fa1d761b5fe045d3e0b4b2627638c0) (cherry picked from commit d629314def8e3e6d0f78184aa584fa57ece18bb1) Conflicts: models/fixtures/issue.yml https://codeberg.org/forgejo/forgejo/pulls/1508 (cherry picked from commit 794dcc218f2c0c53028aaf617407d46bddda57f3) (cherry picked from commit c433f2ecb60669e5c8748912b30c0433d5fe507a) (cherry picked from commit bb23683f4b10a504da677843bc2ae2b73ec299c4) (cherry picked from commit 634c5604d430b1b531467783bc70bb4efbee023d) (cherry picked from commit 492ff6379adab7dba1f55e6037fd7be7d8804a0d) (cherry picked from commit 496b04f8e7dfe5e52fa1ab5c81591c548b588897) (cherry picked from commit 3c6e5fca849ef6621bd5e2767f78139abcf44f2a) (cherry picked from commit b309d0b54914a73dec2c075265dc2b5a70e62ac2)
2023-08-26 21:10:42 +00:00
issue_service "code.gitea.io/gitea/services/issue"
"xorm.io/builder"
2014-04-10 18:20:58 +00:00
)
// deleteUser deletes models associated to an user.
func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error) {
e := db.GetEngine(ctx)
2014-06-27 07:37:01 +00:00
2015-08-17 09:05:37 +00:00
// ***** START: Watch *****
watchedRepoIDs, err := db.FindIDs(ctx, "watch", "watch.repo_id",
builder.Eq{"watch.user_id": u.ID}.
And(builder.Neq{"watch.mode": repo_model.WatchModeDont}))
if err != nil {
return fmt.Errorf("get all watches: %w", err)
2014-04-10 18:20:58 +00:00
}
if err = db.DecrByIDs(ctx, watchedRepoIDs, "num_watches", new(repo_model.Repository)); err != nil {
return fmt.Errorf("decrease repository num_watches: %w", err)
2014-04-12 01:47:39 +00:00
}
2015-08-17 09:05:37 +00:00
// ***** END: Watch *****
2015-08-17 09:05:37 +00:00
// ***** START: Star *****
starredRepoIDs, err := db.FindIDs(ctx, "star", "star.repo_id",
builder.Eq{"star.uid": u.ID})
if err != nil {
return fmt.Errorf("get all stars: %w", err)
} else if err = db.DecrByIDs(ctx, starredRepoIDs, "num_stars", new(repo_model.Repository)); err != nil {
return fmt.Errorf("decrease repository num_stars: %w", err)
2015-08-17 09:05:37 +00:00
}
// ***** END: Star *****
2015-08-17 09:05:37 +00:00
// ***** START: Follow *****
followeeIDs, err := db.FindIDs(ctx, "follow", "follow.follow_id",
builder.Eq{"follow.user_id": u.ID})
if err != nil {
return fmt.Errorf("get all followees: %w", err)
} else if err = db.DecrByIDs(ctx, followeeIDs, "num_followers", new(user_model.User)); err != nil {
return fmt.Errorf("decrease user num_followers: %w", err)
2015-08-17 09:05:37 +00:00
}
followerIDs, err := db.FindIDs(ctx, "follow", "follow.user_id",
builder.Eq{"follow.follow_id": u.ID})
if err != nil {
return fmt.Errorf("get all followers: %w", err)
} else if err = db.DecrByIDs(ctx, followerIDs, "num_following", new(user_model.User)); err != nil {
return fmt.Errorf("decrease user num_following: %w", err)
2014-04-10 18:20:58 +00:00
}
2015-08-17 09:05:37 +00:00
// ***** END: Follow *****
if err = db.DeleteBeans(ctx,
&auth_model.AccessToken{UID: u.ID},
&repo_model.Collaboration{UserID: u.ID},
&access_model.Access{UserID: u.ID},
&repo_model.Watch{UserID: u.ID},
&repo_model.Star{UID: u.ID},
&user_model.Follow{UserID: u.ID},
&user_model.Follow{FollowID: u.ID},
&activities_model.Action{UserID: u.ID},
&issues_model.IssueUser{UID: u.ID},
&user_model.EmailAddress{UID: u.ID},
&user_model.UserOpenID{UID: u.ID},
&issues_model.Reaction{UserID: u.ID},
&organization.TeamUser{UID: u.ID},
&issues_model.Stopwatch{UserID: u.ID},
&user_model.Setting{UserID: u.ID},
&user_model.UserBadge{UserID: u.ID},
&pull_model.AutoMerge{DoerID: u.ID},
&pull_model.ReviewState{UserID: u.ID},
&user_model.Redirect{RedirectUserID: u.ID},
&actions_model.ActionRunner{OwnerID: u.ID},
); err != nil {
return fmt.Errorf("deleteBeans: %w", err)
2014-04-10 18:20:58 +00:00
}
if err := auth_model.DeleteOAuth2RelictsByUserID(ctx, u.ID); err != nil {
return err
}
if purge || (setting.Service.UserDeleteWithCommentsMaxTime != 0 &&
u.CreatedUnix.AsTime().Add(setting.Service.UserDeleteWithCommentsMaxTime).After(time.Now())) {
// Delete Comments
const batchSize = 50
for {
comments := make([]*issues_model.Comment, 0, batchSize)
if err = e.Where("type=? AND poster_id=?", issues_model.CommentTypeComment, u.ID).Limit(batchSize, 0).Find(&comments); err != nil {
return err
}
if len(comments) == 0 {
break
}
for _, comment := range comments {
if err = issues_model.DeleteComment(ctx, comment); err != nil {
return err
}
}
}
// Delete Reactions
if err = issues_model.DeleteReaction(ctx, &issues_model.ReactionOptions{DoerID: u.ID}); err != nil {
return err
}
}
[MODERATION] Purge issues on user deletion - Forgejo has the option to delete users, in which all data except issues and comments are removed, this makes sense in some cases where users need to be removed cleanly but without removing their existing bug reports or comments to an discussion. In the case of spammers, admins have the option to enable purging, where comments are removed. - Add issues to the list of things to be removed if purge is checked. - No unit testing, as this gigantic function doesn't have one to begin with. - Add integration test. - Resolves https://codeberg.org/forgejo/forgejo/issues/1268 (cherry picked from commit 3ed381c75826ffc6834fd54943f71579c060c16d) (cherry picked from commit 44d00650ce77bd4395892a62a64a90829578c81d) (cherry picked from commit 7f4da82779fa1d761b5fe045d3e0b4b2627638c0) (cherry picked from commit d629314def8e3e6d0f78184aa584fa57ece18bb1) Conflicts: models/fixtures/issue.yml https://codeberg.org/forgejo/forgejo/pulls/1508 (cherry picked from commit 794dcc218f2c0c53028aaf617407d46bddda57f3) (cherry picked from commit c433f2ecb60669e5c8748912b30c0433d5fe507a) (cherry picked from commit bb23683f4b10a504da677843bc2ae2b73ec299c4) (cherry picked from commit 634c5604d430b1b531467783bc70bb4efbee023d) (cherry picked from commit 492ff6379adab7dba1f55e6037fd7be7d8804a0d) (cherry picked from commit 496b04f8e7dfe5e52fa1ab5c81591c548b588897) (cherry picked from commit 3c6e5fca849ef6621bd5e2767f78139abcf44f2a) (cherry picked from commit b309d0b54914a73dec2c075265dc2b5a70e62ac2)
2023-08-26 21:10:42 +00:00
// ***** START: Issues *****
if purge {
const batchSize = 50
for {
issues := make([]*issues_model.Issue, 0, batchSize)
if err = e.Where("poster_id=?", u.ID).Limit(batchSize, 0).Find(&issues); err != nil {
return err
}
if len(issues) == 0 {
break
}
for _, issue := range issues {
// NOTE: Don't open git repositories just to remove the reference data,
// `git gc` is able to remove that reference which is run as a cron job
// by default. Also use the deleted user as doer to delete the issue.
if err = issue_service.DeleteIssue(ctx, u, nil, issue); err != nil {
return err
}
}
}
}
// ***** END: Issues *****
// ***** START: Branch Protections *****
{
const batchSize = 50
for start := 0; ; start += batchSize {
protections := make([]*git_model.ProtectedBranch, 0, batchSize)
// @perf: We can't filter on DB side by u.ID, as those IDs are serialized as JSON strings.
// We could filter down with `WHERE repo_id IN (reposWithPushPermission(u))`,
// though that query will be quite complex and tricky to maintain (compare `getRepoAssignees()`).
// Also, as we didn't update branch protections when removing entries from `access` table,
// it's safer to iterate all protected branches.
if err = e.Limit(batchSize, start).Find(&protections); err != nil {
return fmt.Errorf("findProtectedBranches: %w", err)
}
if len(protections) == 0 {
break
}
for _, p := range protections {
if err := git_model.RemoveUserIDFromProtectedBranch(ctx, p, u.ID); err != nil {
return err
}
}
}
}
// ***** END: Branch Protections *****
2015-08-17 09:05:37 +00:00
// ***** START: PublicKey *****
if _, err = db.DeleteByBean(ctx, &asymkey_model.PublicKey{OwnerID: u.ID}); err != nil {
return fmt.Errorf("deletePublicKeys: %w", err)
2014-04-10 18:20:58 +00:00
}
2015-08-17 09:05:37 +00:00
// ***** END: PublicKey *****
2014-04-10 18:20:58 +00:00
// ***** START: GPGPublicKey *****
keys, err := asymkey_model.ListGPGKeys(ctx, u.ID, db.ListOptions{})
if err != nil {
return fmt.Errorf("ListGPGKeys: %w", err)
}
// Delete GPGKeyImport(s).
for _, key := range keys {
if _, err = db.DeleteByBean(ctx, &asymkey_model.GPGKeyImport{KeyID: key.KeyID}); err != nil {
return fmt.Errorf("deleteGPGKeyImports: %w", err)
}
}
if _, err = db.DeleteByBean(ctx, &asymkey_model.GPGKey{OwnerID: u.ID}); err != nil {
return fmt.Errorf("deleteGPGKeys: %w", err)
}
// ***** END: GPGPublicKey *****
// Clear assignee.
if _, err = db.DeleteByBean(ctx, &issues_model.IssueAssignees{AssigneeID: u.ID}); err != nil {
return fmt.Errorf("clear assignee: %w", err)
}
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 07:14:37 +00:00
// ***** START: ExternalLoginUser *****
if err = user_model.RemoveAllAccountLinks(ctx, u); err != nil {
return fmt.Errorf("ExternalLoginUser: %w", err)
Oauth2 consumer (#679) * initial stuff for oauth2 login, fails on: * login button on the signIn page to start the OAuth2 flow and a callback for each provider Only GitHub is implemented for now * show login button only when the OAuth2 consumer is configured (and activated) * create macaron group for oauth2 urls * prevent net/http in modules (other then oauth2) * use a new data sessions oauth2 folder for storing the oauth2 session data * add missing 2FA when this is enabled on the user * add password option for OAuth2 user , for use with git over http and login to the GUI * add tip for registering a GitHub OAuth application * at startup of Gitea register all configured providers and also on adding/deleting of new providers * custom handling of errors in oauth2 request init + show better tip * add ExternalLoginUser model and migration script to add it to database * link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed * remove the linked external account from the user his settings * if user is unknown we allow him to register a new account or link it to some existing account * sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers) * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions) * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 07:14:37 +00:00
}
// ***** END: ExternalLoginUser *****
if _, err = db.DeleteByID(ctx, u.ID, new(user_model.User)); err != nil {
return fmt.Errorf("delete: %w", err)
}
2015-08-17 09:05:37 +00:00
return nil
2014-06-21 04:51:41 +00:00
}