Move user/org deletion to services (#17673)

This commit is contained in:
KN4CK3R 2021-11-18 18:42:27 +01:00 committed by GitHub
parent 55be5fe339
commit f34151bdb2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 382 additions and 301 deletions

View file

@ -26,6 +26,7 @@ import (
auth_service "code.gitea.io/gitea/services/auth" auth_service "code.gitea.io/gitea/services/auth"
"code.gitea.io/gitea/services/auth/source/oauth2" "code.gitea.io/gitea/services/auth/source/oauth2"
repo_service "code.gitea.io/gitea/services/repository" repo_service "code.gitea.io/gitea/services/repository"
user_service "code.gitea.io/gitea/services/user"
"github.com/urfave/cli" "github.com/urfave/cli"
) )
@ -534,7 +535,7 @@ func runDeleteUser(c *cli.Context) error {
return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id")) return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id"))
} }
return models.DeleteUser(user) return user_service.DeleteUser(user)
} }
func runRepoSyncReleases(_ *cli.Context) error { func runRepoSyncReleases(_ *cli.Context) error {

View file

@ -43,12 +43,7 @@ func (n *Notice) TrStr() string {
} }
// CreateNotice creates new system notice. // CreateNotice creates new system notice.
func CreateNotice(tp NoticeType, desc string, args ...interface{}) error { func CreateNotice(ctx context.Context, tp NoticeType, desc string, args ...interface{}) error {
return CreateNoticeCtx(db.DefaultContext, tp, desc, args...)
}
// CreateNoticeCtx creates new system notice.
func CreateNoticeCtx(ctx context.Context, tp NoticeType, desc string, args ...interface{}) error {
if len(args) > 0 { if len(args) > 0 {
desc = fmt.Sprintf(desc, args...) desc = fmt.Sprintf(desc, args...)
} }
@ -61,38 +56,28 @@ func CreateNoticeCtx(ctx context.Context, tp NoticeType, desc string, args ...in
// CreateRepositoryNotice creates new system notice with type NoticeRepository. // CreateRepositoryNotice creates new system notice with type NoticeRepository.
func CreateRepositoryNotice(desc string, args ...interface{}) error { func CreateRepositoryNotice(desc string, args ...interface{}) error {
return CreateNoticeCtx(db.DefaultContext, NoticeRepository, desc, args...) return CreateNotice(db.DefaultContext, NoticeRepository, desc, args...)
} }
// RemoveAllWithNotice removes all directories in given path and // RemoveAllWithNotice removes all directories in given path and
// creates a system notice when error occurs. // creates a system notice when error occurs.
func RemoveAllWithNotice(title, path string) { func RemoveAllWithNotice(ctx context.Context, title, path string) {
RemoveAllWithNoticeCtx(db.DefaultContext, title, path) if err := util.RemoveAll(path); err != nil {
}
// RemoveStorageWithNotice removes a file from the storage and
// creates a system notice when error occurs.
func RemoveStorageWithNotice(bucket storage.ObjectStorage, title, path string) {
removeStorageWithNotice(db.DefaultContext, bucket, title, path)
}
func removeStorageWithNotice(ctx context.Context, bucket storage.ObjectStorage, title, path string) {
if err := bucket.Delete(path); err != nil {
desc := fmt.Sprintf("%s [%s]: %v", title, path, err) desc := fmt.Sprintf("%s [%s]: %v", title, path, err)
log.Warn(title+" [%s]: %v", path, err) log.Warn(title+" [%s]: %v", path, err)
if err = CreateNoticeCtx(ctx, NoticeRepository, desc); err != nil { if err = CreateNotice(ctx, NoticeRepository, desc); err != nil {
log.Error("CreateRepositoryNotice: %v", err) log.Error("CreateRepositoryNotice: %v", err)
} }
} }
} }
// RemoveAllWithNoticeCtx removes all directories in given path and // RemoveStorageWithNotice removes a file from the storage and
// creates a system notice when error occurs. // creates a system notice when error occurs.
func RemoveAllWithNoticeCtx(ctx context.Context, title, path string) { func RemoveStorageWithNotice(ctx context.Context, bucket storage.ObjectStorage, title, path string) {
if err := util.RemoveAll(path); err != nil { if err := bucket.Delete(path); err != nil {
desc := fmt.Sprintf("%s [%s]: %v", title, path, err) desc := fmt.Sprintf("%s [%s]: %v", title, path, err)
log.Warn(title+" [%s]: %v", path, err) log.Warn(title+" [%s]: %v", path, err)
if err = CreateNoticeCtx(ctx, NoticeRepository, desc); err != nil { if err = CreateNotice(ctx, NoticeRepository, desc); err != nil {
log.Error("CreateRepositoryNotice: %v", err) log.Error("CreateRepositoryNotice: %v", err)
} }
} }

View file

@ -7,6 +7,7 @@ package admin
import ( import (
"testing" "testing"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest" "code.gitea.io/gitea/models/unittest"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@ -28,7 +29,7 @@ func TestCreateNotice(t *testing.T) {
Description: "test description", Description: "test description",
} }
unittest.AssertNotExistsBean(t, noticeBean) unittest.AssertNotExistsBean(t, noticeBean)
assert.NoError(t, CreateNotice(noticeBean.Type, noticeBean.Description)) assert.NoError(t, CreateNotice(db.DefaultContext, noticeBean.Type, noticeBean.Description))
unittest.AssertExistsAndLoadBean(t, noticeBean) unittest.AssertExistsAndLoadBean(t, noticeBean)
} }

View file

@ -128,7 +128,7 @@ func DeleteOrphanedIssues() error {
// Remove issue attachment files. // Remove issue attachment files.
for i := range attachmentPaths { for i := range attachmentPaths {
admin_model.RemoveAllWithNoticeCtx(db.DefaultContext, "Delete issue attachment", attachmentPaths[i]) admin_model.RemoveAllWithNotice(db.DefaultContext, "Delete issue attachment", attachmentPaths[i])
} }
return nil return nil
} }

View file

@ -6,6 +6,7 @@
package models package models
import ( import (
"context"
"fmt" "fmt"
"strings" "strings"
@ -14,9 +15,7 @@ import (
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/storage"
"code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/util"
"xorm.io/builder" "xorm.io/builder"
"xorm.io/xorm" "xorm.io/xorm"
@ -254,68 +253,23 @@ func CountOrganizations() int64 {
return count return count
} }
// DeleteOrganization completely and permanently deletes everything of organization. // DeleteOrganization deletes models associated to an organization.
func DeleteOrganization(org *User) (err error) { func DeleteOrganization(ctx context.Context, org *User) error {
if !org.IsOrganization() { e := db.GetEngine(ctx)
return fmt.Errorf("%s is a user not an organization", org.Name)
}
sess := db.NewSession(db.DefaultContext)
defer sess.Close()
if err = sess.Begin(); err != nil {
return err
}
if err = deleteOrg(sess, org); err != nil {
if IsErrUserOwnRepos(err) {
return err
} else if err != nil {
return fmt.Errorf("deleteOrg: %v", err)
}
}
return sess.Commit()
}
func deleteOrg(e *xorm.Session, u *User) error {
// Check ownership of repository.
count, err := getRepositoryCount(e, u)
if err != nil {
return fmt.Errorf("GetRepositoryCount: %v", err)
} else if count > 0 {
return ErrUserOwnRepos{UID: u.ID}
}
if err := deleteBeans(e, if err := deleteBeans(e,
&Team{OrgID: u.ID}, &Team{OrgID: org.ID},
&OrgUser{OrgID: u.ID}, &OrgUser{OrgID: org.ID},
&TeamUser{OrgID: u.ID}, &TeamUser{OrgID: org.ID},
&TeamUnit{OrgID: u.ID}, &TeamUnit{OrgID: org.ID},
); err != nil { ); err != nil {
return fmt.Errorf("deleteBeans: %v", err) return fmt.Errorf("deleteBeans: %v", err)
} }
if _, err = e.ID(u.ID).Delete(new(User)); err != nil { if _, err := e.ID(org.ID).Delete(new(User)); err != nil {
return fmt.Errorf("Delete: %v", err) return fmt.Errorf("Delete: %v", err)
} }
// FIXME: system notice
// Note: There are something just cannot be roll back,
// so just keep error logs of those operations.
path := UserPath(u.Name)
if err := util.RemoveAll(path); err != nil {
return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)
}
if len(u.Avatar) > 0 {
avatarPath := u.CustomAvatarRelativePath()
if err := storage.Avatars.Delete(avatarPath); err != nil {
return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)
}
}
return nil return nil
} }

View file

@ -261,24 +261,6 @@ func TestCountOrganizations(t *testing.T) {
assert.Equal(t, expected, CountOrganizations()) assert.Equal(t, expected, CountOrganizations())
} }
func TestDeleteOrganization(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
org := unittest.AssertExistsAndLoadBean(t, &User{ID: 6}).(*User)
assert.NoError(t, DeleteOrganization(org))
unittest.AssertNotExistsBean(t, &User{ID: 6})
unittest.AssertNotExistsBean(t, &OrgUser{OrgID: 6})
unittest.AssertNotExistsBean(t, &Team{OrgID: 6})
org = unittest.AssertExistsAndLoadBean(t, &User{ID: 3}).(*User)
err := DeleteOrganization(org)
assert.Error(t, err)
assert.True(t, IsErrUserOwnRepos(err))
user := unittest.AssertExistsAndLoadBean(t, &User{ID: 5}).(*User)
assert.Error(t, DeleteOrganization(user))
unittest.CheckConsistencyFor(t, &User{}, &Team{})
}
func TestIsOrganizationOwner(t *testing.T) { func TestIsOrganizationOwner(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase()) assert.NoError(t, unittest.PrepareTestDatabase())
test := func(orgID, userID int64, expected bool) { test := func(orgID, userID int64, expected bool) {

View file

@ -134,7 +134,7 @@ func NewRepoContext() {
loadRepoConfig() loadRepoConfig()
unit.LoadUnitConfig() unit.LoadUnitConfig()
admin_model.RemoveAllWithNotice("Clean up repository temporary data", filepath.Join(setting.AppDataPath, "tmp")) admin_model.RemoveAllWithNotice(db.DefaultContext, "Clean up repository temporary data", filepath.Join(setting.AppDataPath, "tmp"))
} }
// RepositoryStatus defines the status of repository // RepositoryStatus defines the status of repository
@ -1649,36 +1649,36 @@ func DeleteRepository(doer *User, uid, repoID int64) error {
// Remove repository files. // Remove repository files.
repoPath := repo.RepoPath() repoPath := repo.RepoPath()
admin_model.RemoveAllWithNotice("Delete repository files", repoPath) admin_model.RemoveAllWithNotice(db.DefaultContext, "Delete repository files", repoPath)
// Remove wiki files // Remove wiki files
if repo.HasWiki() { if repo.HasWiki() {
admin_model.RemoveAllWithNotice("Delete repository wiki", repo.WikiPath()) admin_model.RemoveAllWithNotice(db.DefaultContext, "Delete repository wiki", repo.WikiPath())
} }
// Remove archives // Remove archives
for i := range archivePaths { for i := range archivePaths {
admin_model.RemoveStorageWithNotice(storage.RepoArchives, "Delete repo archive file", archivePaths[i]) admin_model.RemoveStorageWithNotice(db.DefaultContext, storage.RepoArchives, "Delete repo archive file", archivePaths[i])
} }
// Remove lfs objects // Remove lfs objects
for i := range lfsPaths { for i := range lfsPaths {
admin_model.RemoveStorageWithNotice(storage.LFS, "Delete orphaned LFS file", lfsPaths[i]) admin_model.RemoveStorageWithNotice(db.DefaultContext, storage.LFS, "Delete orphaned LFS file", lfsPaths[i])
} }
// Remove issue attachment files. // Remove issue attachment files.
for i := range attachmentPaths { for i := range attachmentPaths {
admin_model.RemoveStorageWithNotice(storage.Attachments, "Delete issue attachment", attachmentPaths[i]) admin_model.RemoveStorageWithNotice(db.DefaultContext, storage.Attachments, "Delete issue attachment", attachmentPaths[i])
} }
// Remove release attachment files. // Remove release attachment files.
for i := range releaseAttachments { for i := range releaseAttachments {
admin_model.RemoveStorageWithNotice(storage.Attachments, "Delete release attachment", releaseAttachments[i]) admin_model.RemoveStorageWithNotice(db.DefaultContext, storage.Attachments, "Delete release attachment", releaseAttachments[i])
} }
// Remove attachment with no issue_id and release_id. // Remove attachment with no issue_id and release_id.
for i := range newAttachmentPaths { for i := range newAttachmentPaths {
admin_model.RemoveStorageWithNotice(storage.Attachments, "Delete issue attachment", attachmentPaths[i]) admin_model.RemoveStorageWithNotice(db.DefaultContext, storage.Attachments, "Delete issue attachment", attachmentPaths[i])
} }
if len(repo.Avatar) > 0 { if len(repo.Avatar) > 0 {
@ -1803,8 +1803,8 @@ func getPrivateRepositoryCount(e db.Engine, u *User) (int64, error) {
} }
// GetRepositoryCount returns the total number of repositories of user. // GetRepositoryCount returns the total number of repositories of user.
func GetRepositoryCount(u *User) (int64, error) { func GetRepositoryCount(ctx context.Context, u *User) (int64, error) {
return getRepositoryCount(db.GetEngine(db.DefaultContext), u) return getRepositoryCount(db.GetEngine(ctx), u)
} }
// GetPublicRepositoryCount returns the total number of public repositories of user. // GetPublicRepositoryCount returns the total number of public repositories of user.

View file

@ -71,7 +71,7 @@ func TestMetas(t *testing.T) {
func TestGetRepositoryCount(t *testing.T) { func TestGetRepositoryCount(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase()) assert.NoError(t, unittest.PrepareTestDatabase())
count, err1 := GetRepositoryCount(&User{ID: int64(10)}) count, err1 := GetRepositoryCount(db.DefaultContext, &User{ID: int64(10)})
privateCount, err2 := GetPrivateRepositoryCount(&User{ID: int64(10)}) privateCount, err2 := GetPrivateRepositoryCount(&User{ID: int64(10)})
publicCount, err3 := GetPublicRepositoryCount(&User{ID: int64(10)}) publicCount, err3 := GetPublicRepositoryCount(&User{ID: int64(10)})
assert.NoError(t, err1) assert.NoError(t, err1)

View file

@ -22,7 +22,6 @@ import (
_ "image/jpeg" // Needed for jpeg support _ "image/jpeg" // Needed for jpeg support
admin_model "code.gitea.io/gitea/models/admin"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/login" "code.gitea.io/gitea/models/login"
"code.gitea.io/gitea/models/unit" "code.gitea.io/gitea/models/unit"
@ -32,7 +31,6 @@ import (
"code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/storage"
"code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/util"
@ -542,15 +540,16 @@ func (u *User) IsPublicMember(orgID int64) bool {
return isMember return isMember
} }
func (u *User) getOrganizationCount(e db.Engine) (int64, error) { // GetOrganizationCount returns count of membership of organization of the user.
return e. func GetOrganizationCount(ctx context.Context, u *User) (int64, error) {
return db.GetEngine(ctx).
Where("uid=?", u.ID). Where("uid=?", u.ID).
Count(new(OrgUser)) Count(new(OrgUser))
} }
// GetOrganizationCount returns count of membership of organization of user. // GetOrganizationCount returns count of membership of organization of user.
func (u *User) GetOrganizationCount() (int64, error) { func (u *User) GetOrganizationCount() (int64, error) {
return u.getOrganizationCount(db.GetEngine(db.DefaultContext)) return GetOrganizationCount(db.DefaultContext, u)
} }
// GetRepositories returns repositories that user owns, including private repositories. // GetRepositories returns repositories that user owns, including private repositories.
@ -1149,26 +1148,9 @@ func deleteBeans(e db.Engine, beans ...interface{}) (err error) {
return nil return nil
} }
func deleteUser(ctx context.Context, u *User) error { // DeleteUser deletes models associated to an user.
func DeleteUser(ctx context.Context, u *User) (err error) {
e := db.GetEngine(ctx) e := db.GetEngine(ctx)
// Note: A user owns any repository or belongs to any organization
// cannot perform delete operation.
// Check ownership of repository.
count, err := getRepositoryCount(e, u)
if err != nil {
return fmt.Errorf("GetRepositoryCount: %v", err)
} else if count > 0 {
return ErrUserOwnRepos{UID: u.ID}
}
// Check membership of organization.
count, err = u.getOrganizationCount(e)
if err != nil {
return fmt.Errorf("GetOrganizationCount: %v", err)
} else if count > 0 {
return ErrUserHasOrgs{UID: u.ID}
}
// ***** START: Watch ***** // ***** START: Watch *****
watchedRepoIDs := make([]int64, 0, 10) watchedRepoIDs := make([]int64, 0, 10)
@ -1301,85 +1283,21 @@ func deleteUser(ctx context.Context, u *User) error {
return fmt.Errorf("Delete: %v", err) return fmt.Errorf("Delete: %v", err)
} }
// Note: There are something just cannot be roll back,
// so just keep error logs of those operations.
path := UserPath(u.Name)
if err = util.RemoveAll(path); err != nil {
err = fmt.Errorf("Failed to RemoveAll %s: %v", path, err)
_ = admin_model.CreateNoticeCtx(ctx, admin_model.NoticeTask, fmt.Sprintf("delete user '%s': %v", u.Name, err))
return err
}
if len(u.Avatar) > 0 {
avatarPath := u.CustomAvatarRelativePath()
if err = storage.Avatars.Delete(avatarPath); err != nil {
err = fmt.Errorf("Failed to remove %s: %v", avatarPath, err)
_ = admin_model.CreateNoticeCtx(ctx, admin_model.NoticeTask, fmt.Sprintf("delete user '%s': %v", u.Name, err))
return err
}
}
return nil return nil
} }
// DeleteUser completely and permanently deletes everything of a user, // GetInactiveUsers gets all inactive users
// but issues/comments/pulls will be kept and shown as someone has been deleted, func GetInactiveUsers(ctx context.Context, olderThan time.Duration) ([]*User, error) {
// unless the user is younger than USER_DELETE_WITH_COMMENTS_MAX_DAYS. var cond builder.Cond = builder.Eq{"is_active": false}
func DeleteUser(u *User) (err error) {
if u.IsOrganization() {
return fmt.Errorf("%s is an organization not a user", u.Name)
}
ctx, committer, err := db.TxContext()
if err != nil {
return err
}
defer committer.Close()
if err = deleteUser(ctx, u); err != nil {
// Note: don't wrapper error here.
return err
}
return committer.Commit()
}
// DeleteInactiveUsers deletes all inactive users and email addresses.
func DeleteInactiveUsers(ctx context.Context, olderThan time.Duration) (err error) {
users := make([]*User, 0, 10)
if olderThan > 0 { if olderThan > 0 {
if err = db.GetEngine(db.DefaultContext). cond = cond.And(builder.Lt{"created_unix": time.Now().Add(-olderThan).Unix()})
Where("is_active = ? and created_unix < ?", false, time.Now().Add(-olderThan).Unix()).
Find(&users); err != nil {
return fmt.Errorf("get all inactive users: %v", err)
}
} else {
if err = db.GetEngine(db.DefaultContext).
Where("is_active = ?", false).
Find(&users); err != nil {
return fmt.Errorf("get all inactive users: %v", err)
}
}
// FIXME: should only update authorized_keys file once after all deletions.
for _, u := range users {
select {
case <-ctx.Done():
return db.ErrCancelledf("Before delete inactive user %s", u.Name)
default:
}
if err = DeleteUser(u); err != nil {
// Ignore users that were set inactive by admin.
if IsErrUserOwnRepos(err) || IsErrUserHasOrgs(err) {
continue
}
return err
}
} }
_, err = db.GetEngine(db.DefaultContext). users := make([]*User, 0, 10)
Where("is_activated = ?", false). return users, db.GetEngine(ctx).
Delete(new(user_model.EmailAddress)) Where(cond).
return err Find(&users)
} }
// UserPath returns the path absolute path of user repositories. // UserPath returns the path absolute path of user repositories.

View file

@ -267,3 +267,11 @@ func DeleteEmailAddresses(emails []*EmailAddress) (err error) {
return nil return nil
} }
// DeleteInactiveEmailAddresses deletes inactive email addresses
func DeleteInactiveEmailAddresses(ctx context.Context) error {
_, err := db.GetEngine(ctx).
Where("is_activated = ?", false).
Delete(new(EmailAddress))
return err
}

View file

@ -177,41 +177,6 @@ func TestSearchUsers(t *testing.T) {
[]int64{24}) []int64{24})
} }
func TestDeleteUser(t *testing.T) {
test := func(userID int64) {
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &User{ID: userID}).(*User)
ownedRepos := make([]*Repository, 0, 10)
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&ownedRepos, &Repository{OwnerID: userID}))
if len(ownedRepos) > 0 {
err := DeleteUser(user)
assert.Error(t, err)
assert.True(t, IsErrUserOwnRepos(err))
return
}
orgUsers := make([]*OrgUser, 0, 10)
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&orgUsers, &OrgUser{UID: userID}))
for _, orgUser := range orgUsers {
if err := RemoveOrgUser(orgUser.OrgID, orgUser.UID); err != nil {
assert.True(t, IsErrLastOrgOwner(err))
return
}
}
assert.NoError(t, DeleteUser(user))
unittest.AssertNotExistsBean(t, &User{ID: userID})
unittest.CheckConsistencyFor(t, &User{}, &Repository{})
}
test(2)
test(4)
test(8)
test(11)
org := unittest.AssertExistsAndLoadBean(t, &User{ID: 3}).(*User)
assert.Error(t, DeleteUser(org))
}
func TestEmailNotificationPreferences(t *testing.T) { func TestEmailNotificationPreferences(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase()) assert.NoError(t, unittest.PrepareTestDatabase())
@ -333,21 +298,6 @@ func TestDisplayName(t *testing.T) {
} }
} }
func TestCreateUser(t *testing.T) {
user := &User{
Name: "GiteaBot",
Email: "GiteaBot@gitea.io",
Passwd: ";p['////..-++']",
IsAdmin: false,
Theme: setting.UI.DefaultTheme,
MustChangePassword: false,
}
assert.NoError(t, CreateUser(user))
assert.NoError(t, DeleteUser(user))
}
func TestCreateUserInvalidEmail(t *testing.T) { func TestCreateUserInvalidEmail(t *testing.T) {
user := &User{ user := &User{
Name: "GiteaBot", Name: "GiteaBot",
@ -363,36 +313,6 @@ func TestCreateUserInvalidEmail(t *testing.T) {
assert.True(t, user_model.IsErrEmailInvalid(err)) assert.True(t, user_model.IsErrEmailInvalid(err))
} }
func TestCreateUser_Issue5882(t *testing.T) {
// Init settings
_ = setting.Admin
passwd := ".//.;1;;//.,-=_"
tt := []struct {
user *User
disableOrgCreation bool
}{
{&User{Name: "GiteaBot", Email: "GiteaBot@gitea.io", Passwd: passwd, MustChangePassword: false}, false},
{&User{Name: "GiteaBot2", Email: "GiteaBot2@gitea.io", Passwd: passwd, MustChangePassword: false}, true},
}
setting.Service.DefaultAllowCreateOrganization = true
for _, v := range tt {
setting.Admin.DisableRegularOrgCreation = v.disableOrgCreation
assert.NoError(t, CreateUser(v.user))
u, err := GetUserByEmail(v.user.Email)
assert.NoError(t, err)
assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation)
assert.NoError(t, DeleteUser(v.user))
}
}
func TestGetUserIDsByNames(t *testing.T) { func TestGetUserIDsByNames(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase()) assert.NoError(t, unittest.PrepareTestDatabase())

View file

@ -9,6 +9,7 @@ import (
"testing" "testing"
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest" "code.gitea.io/gitea/models/unittest"
"code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/structs"
@ -142,5 +143,5 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) {
assert.NoError(t, models.DeleteRepository(user, org.ID, rid), "DeleteRepository %d", i) assert.NoError(t, models.DeleteRepository(user, org.ID, rid), "DeleteRepository %d", i)
} }
} }
assert.NoError(t, models.DeleteOrganization(org), "DeleteOrganization") assert.NoError(t, models.DeleteOrganization(db.DefaultContext, org), "DeleteOrganization")
} }

View file

@ -22,6 +22,7 @@ import (
"code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/user"
"code.gitea.io/gitea/routers/api/v1/utils" "code.gitea.io/gitea/routers/api/v1/utils"
"code.gitea.io/gitea/services/mailer" "code.gitea.io/gitea/services/mailer"
user_service "code.gitea.io/gitea/services/user"
) )
func parseLoginSource(ctx *context.APIContext, u *models.User, sourceID int64, loginName string) { func parseLoginSource(ctx *context.APIContext, u *models.User, sourceID int64, loginName string) {
@ -289,7 +290,7 @@ func DeleteUser(ctx *context.APIContext) {
return return
} }
if err := models.DeleteUser(u); err != nil { if err := user_service.DeleteUser(u); err != nil {
if models.IsErrUserOwnRepos(err) || if models.IsErrUserOwnRepos(err) ||
models.IsErrUserHasOrgs(err) { models.IsErrUserHasOrgs(err) {
ctx.Error(http.StatusUnprocessableEntity, "", err) ctx.Error(http.StatusUnprocessableEntity, "", err)

View file

@ -16,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/user"
"code.gitea.io/gitea/routers/api/v1/utils" "code.gitea.io/gitea/routers/api/v1/utils"
"code.gitea.io/gitea/services/org"
) )
func listUserOrgs(ctx *context.APIContext, u *models.User) { func listUserOrgs(ctx *context.APIContext, u *models.User) {
@ -364,7 +365,7 @@ func Delete(ctx *context.APIContext) {
// "204": // "204":
// "$ref": "#/responses/empty" // "$ref": "#/responses/empty"
if err := models.DeleteOrganization(ctx.Org.Organization); err != nil { if err := org.DeleteOrganization(ctx.Org.Organization); err != nil {
ctx.Error(http.StatusInternalServerError, "DeleteOrganization", err) ctx.Error(http.StatusInternalServerError, "DeleteOrganization", err)
return return
} }

View file

@ -26,6 +26,7 @@ import (
router_user_setting "code.gitea.io/gitea/routers/web/user/setting" router_user_setting "code.gitea.io/gitea/routers/web/user/setting"
"code.gitea.io/gitea/services/forms" "code.gitea.io/gitea/services/forms"
"code.gitea.io/gitea/services/mailer" "code.gitea.io/gitea/services/mailer"
"code.gitea.io/gitea/services/user"
) )
const ( const (
@ -377,7 +378,7 @@ func DeleteUser(ctx *context.Context) {
return return
} }
if err = models.DeleteUser(u); err != nil { if err = user.DeleteUser(u); err != nil {
switch { switch {
case models.IsErrUserOwnRepos(err): case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo")) ctx.Flash.Error(ctx.Tr("admin.users.still_own_repo"))

View file

@ -20,6 +20,7 @@ import (
"code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/modules/web"
userSetting "code.gitea.io/gitea/routers/web/user/setting" userSetting "code.gitea.io/gitea/routers/web/user/setting"
"code.gitea.io/gitea/services/forms" "code.gitea.io/gitea/services/forms"
"code.gitea.io/gitea/services/org"
) )
const ( const (
@ -156,15 +157,14 @@ func SettingsDelete(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("org.settings") ctx.Data["Title"] = ctx.Tr("org.settings")
ctx.Data["PageIsSettingsDelete"] = true ctx.Data["PageIsSettingsDelete"] = true
org := ctx.Org.Organization
if ctx.Req.Method == "POST" { if ctx.Req.Method == "POST" {
if org.Name != ctx.FormString("org_name") { if ctx.Org.Organization.Name != ctx.FormString("org_name") {
ctx.Data["Err_OrgName"] = true ctx.Data["Err_OrgName"] = true
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_org_name"), tplSettingsDelete, nil) ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_org_name"), tplSettingsDelete, nil)
return return
} }
if err := models.DeleteOrganization(org); err != nil { if err := org.DeleteOrganization(ctx.Org.Organization); err != nil {
if models.IsErrUserOwnRepos(err) { if models.IsErrUserOwnRepos(err) {
ctx.Flash.Error(ctx.Tr("form.org_still_own_repo")) ctx.Flash.Error(ctx.Tr("form.org_still_own_repo"))
ctx.Redirect(ctx.Org.OrgLink + "/settings/delete") ctx.Redirect(ctx.Org.OrgLink + "/settings/delete")
@ -172,7 +172,7 @@ func SettingsDelete(ctx *context.Context) {
ctx.ServerError("DeleteOrganization", err) ctx.ServerError("DeleteOrganization", err)
} }
} else { } else {
log.Trace("Organization deleted: %s", org.Name) log.Trace("Organization deleted: %s", ctx.Org.Organization.Name)
ctx.Redirect(setting.AppSubURL + "/") ctx.Redirect(setting.AppSubURL + "/")
} }
return return

View file

@ -22,6 +22,7 @@ import (
"code.gitea.io/gitea/services/auth" "code.gitea.io/gitea/services/auth"
"code.gitea.io/gitea/services/forms" "code.gitea.io/gitea/services/forms"
"code.gitea.io/gitea/services/mailer" "code.gitea.io/gitea/services/mailer"
"code.gitea.io/gitea/services/user"
) )
const ( const (
@ -241,7 +242,7 @@ func DeleteAccount(ctx *context.Context) {
return return
} }
if err := models.DeleteUser(ctx.User); err != nil { if err := user.DeleteUser(ctx.User); err != nil {
switch { switch {
case models.IsErrUserOwnRepos(err): case models.IsErrUserOwnRepos(err):
ctx.Flash.Error(ctx.Tr("form.still_own_repo")) ctx.Flash.Error(ctx.Tr("form.still_own_repo"))

View file

@ -90,18 +90,18 @@ func (t *Task) RunWithUser(doer *models.User, config Config) {
if err := t.fun(ctx, doer, config); err != nil { if err := t.fun(ctx, doer, config); err != nil {
if db.IsErrCancelled(err) { if db.IsErrCancelled(err) {
message := err.(db.ErrCancelled).Message message := err.(db.ErrCancelled).Message
if err := admin_model.CreateNotice(admin_model.NoticeTask, config.FormatMessage(t.Name, "aborted", doer, message)); err != nil { if err := admin_model.CreateNotice(ctx, admin_model.NoticeTask, config.FormatMessage(t.Name, "aborted", doer, message)); err != nil {
log.Error("CreateNotice: %v", err) log.Error("CreateNotice: %v", err)
} }
return return
} }
if err := admin_model.CreateNotice(admin_model.NoticeTask, config.FormatMessage(t.Name, "error", doer, err)); err != nil { if err := admin_model.CreateNotice(ctx, admin_model.NoticeTask, config.FormatMessage(t.Name, "error", doer, err)); err != nil {
log.Error("CreateNotice: %v", err) log.Error("CreateNotice: %v", err)
} }
return return
} }
if config.DoNoticeOnSuccess() { if config.DoNoticeOnSuccess() {
if err := admin_model.CreateNotice(admin_model.NoticeTask, config.FormatMessage(t.Name, "finished", doer)); err != nil { if err := admin_model.CreateNotice(ctx, admin_model.NoticeTask, config.FormatMessage(t.Name, "finished", doer)); err != nil {
log.Error("CreateNotice: %v", err) log.Error("CreateNotice: %v", err)
} }
} }

View file

@ -13,6 +13,7 @@ import (
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/updatechecker" "code.gitea.io/gitea/modules/updatechecker"
repo_service "code.gitea.io/gitea/services/repository" repo_service "code.gitea.io/gitea/services/repository"
user_service "code.gitea.io/gitea/services/user"
) )
func registerDeleteInactiveUsers() { func registerDeleteInactiveUsers() {
@ -25,7 +26,7 @@ func registerDeleteInactiveUsers() {
OlderThan: 0 * time.Second, OlderThan: 0 * time.Second,
}, func(ctx context.Context, _ *models.User, config Config) error { }, func(ctx context.Context, _ *models.User, config Config) error {
olderThanConfig := config.(*OlderThanConfig) olderThanConfig := config.(*OlderThanConfig)
return models.DeleteInactiveUsers(ctx, olderThanConfig.OlderThan) return user_service.DeleteInactiveUsers(ctx, olderThanConfig.OlderThan)
}) })
} }

61
services/org/org.go Normal file
View file

@ -0,0 +1,61 @@
// Copyright 2021 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package org
import (
"fmt"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/modules/storage"
"code.gitea.io/gitea/modules/util"
)
// DeleteOrganization completely and permanently deletes everything of organization.
func DeleteOrganization(org *models.User) error {
if !org.IsOrganization() {
return fmt.Errorf("%s is a user not an organization", org.Name)
}
ctx, commiter, err := db.TxContext()
if err != nil {
return err
}
defer commiter.Close()
// Check ownership of repository.
count, err := models.GetRepositoryCount(ctx, org)
if err != nil {
return fmt.Errorf("GetRepositoryCount: %v", err)
} else if count > 0 {
return models.ErrUserOwnRepos{UID: org.ID}
}
if err := models.DeleteOrganization(ctx, org); err != nil {
return fmt.Errorf("DeleteOrganization: %v", err)
}
if err := commiter.Commit(); err != nil {
return err
}
// FIXME: system notice
// Note: There are something just cannot be roll back,
// so just keep error logs of those operations.
path := models.UserPath(org.Name)
if err := util.RemoveAll(path); err != nil {
return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)
}
if len(org.Avatar) > 0 {
avatarPath := org.CustomAvatarRelativePath()
if err := storage.Avatars.Delete(avatarPath); err != nil {
return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)
}
}
return nil
}

37
services/org/org_test.go Normal file
View file

@ -0,0 +1,37 @@
// Copyright 2021 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package org
import (
"path/filepath"
"testing"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/unittest"
"github.com/stretchr/testify/assert"
)
func TestMain(m *testing.M) {
unittest.MainTest(m, filepath.Join("..", ".."))
}
func TestDeleteOrganization(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
org := unittest.AssertExistsAndLoadBean(t, &models.User{ID: 6}).(*models.User)
assert.NoError(t, DeleteOrganization(org))
unittest.AssertNotExistsBean(t, &models.User{ID: 6})
unittest.AssertNotExistsBean(t, &models.OrgUser{OrgID: 6})
unittest.AssertNotExistsBean(t, &models.Team{OrgID: 6})
org = unittest.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)
err := DeleteOrganization(org)
assert.Error(t, err)
assert.True(t, models.IsErrUserOwnRepos(err))
user := unittest.AssertExistsAndLoadBean(t, &models.User{ID: 5}).(*models.User)
assert.Error(t, DeleteOrganization(user))
unittest.CheckConsistencyFor(t, &models.User{}, &models.Team{})
}

106
services/user/user.go Normal file
View file

@ -0,0 +1,106 @@
// Copyright 2021 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package user
import (
"context"
"fmt"
"time"
"code.gitea.io/gitea/models"
admin_model "code.gitea.io/gitea/models/admin"
"code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/storage"
"code.gitea.io/gitea/modules/util"
)
// DeleteUser completely and permanently deletes everything of a user,
// but issues/comments/pulls will be kept and shown as someone has been deleted,
// unless the user is younger than USER_DELETE_WITH_COMMENTS_MAX_DAYS.
func DeleteUser(u *models.User) error {
if u.IsOrganization() {
return fmt.Errorf("%s is an organization not a user", u.Name)
}
ctx, commiter, err := db.TxContext()
if err != nil {
return err
}
defer commiter.Close()
// Note: A user owns any repository or belongs to any organization
// cannot perform delete operation.
// Check ownership of repository.
count, err := models.GetRepositoryCount(ctx, u)
if err != nil {
return fmt.Errorf("GetRepositoryCount: %v", err)
} else if count > 0 {
return models.ErrUserOwnRepos{UID: u.ID}
}
// Check membership of organization.
count, err = models.GetOrganizationCount(ctx, u)
if err != nil {
return fmt.Errorf("GetOrganizationCount: %v", err)
} else if count > 0 {
return models.ErrUserHasOrgs{UID: u.ID}
}
if err := models.DeleteUser(ctx, u); err != nil {
return fmt.Errorf("DeleteUser: %v", err)
}
if err := commiter.Commit(); err != nil {
return err
}
// Note: There are something just cannot be roll back,
// so just keep error logs of those operations.
path := models.UserPath(u.Name)
if err := util.RemoveAll(path); err != nil {
err = fmt.Errorf("Failed to RemoveAll %s: %v", path, err)
_ = admin_model.CreateNotice(db.DefaultContext, admin_model.NoticeTask, fmt.Sprintf("delete user '%s': %v", u.Name, err))
return err
}
if u.Avatar != "" {
avatarPath := u.CustomAvatarRelativePath()
if err := storage.Avatars.Delete(avatarPath); err != nil {
err = fmt.Errorf("Failed to remove %s: %v", avatarPath, err)
_ = admin_model.CreateNotice(db.DefaultContext, admin_model.NoticeTask, fmt.Sprintf("delete user '%s': %v", u.Name, err))
return err
}
}
return nil
}
// DeleteInactiveUsers deletes all inactive users and email addresses.
func DeleteInactiveUsers(ctx context.Context, olderThan time.Duration) error {
users, err := models.GetInactiveUsers(ctx, olderThan)
if err != nil {
return err
}
// FIXME: should only update authorized_keys file once after all deletions.
for _, u := range users {
select {
case <-ctx.Done():
return db.ErrCancelledf("Before delete inactive user %s", u.Name)
default:
}
if err := DeleteUser(u); err != nil {
// Ignore users that were set inactive by admin.
if models.IsErrUserOwnRepos(err) || models.IsErrUserHasOrgs(err) {
continue
}
return err
}
}
return user_model.DeleteInactiveEmailAddresses(ctx)
}

101
services/user/user_test.go Normal file
View file

@ -0,0 +1,101 @@
// Copyright 2021 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package user
import (
"path/filepath"
"testing"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest"
"code.gitea.io/gitea/modules/setting"
"github.com/stretchr/testify/assert"
)
func TestMain(m *testing.M) {
unittest.MainTest(m, filepath.Join("..", ".."))
}
func TestDeleteUser(t *testing.T) {
test := func(userID int64) {
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &models.User{ID: userID}).(*models.User)
ownedRepos := make([]*models.Repository, 0, 10)
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&ownedRepos, &models.Repository{OwnerID: userID}))
if len(ownedRepos) > 0 {
err := DeleteUser(user)
assert.Error(t, err)
assert.True(t, models.IsErrUserOwnRepos(err))
return
}
orgUsers := make([]*models.OrgUser, 0, 10)
assert.NoError(t, db.GetEngine(db.DefaultContext).Find(&orgUsers, &models.OrgUser{UID: userID}))
for _, orgUser := range orgUsers {
if err := models.RemoveOrgUser(orgUser.OrgID, orgUser.UID); err != nil {
assert.True(t, models.IsErrLastOrgOwner(err))
return
}
}
assert.NoError(t, DeleteUser(user))
unittest.AssertNotExistsBean(t, &models.User{ID: userID})
unittest.CheckConsistencyFor(t, &models.User{}, &models.Repository{})
}
test(2)
test(4)
test(8)
test(11)
org := unittest.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)
assert.Error(t, DeleteUser(org))
}
func TestCreateUser(t *testing.T) {
user := &models.User{
Name: "GiteaBot",
Email: "GiteaBot@gitea.io",
Passwd: ";p['////..-++']",
IsAdmin: false,
Theme: setting.UI.DefaultTheme,
MustChangePassword: false,
}
assert.NoError(t, models.CreateUser(user))
assert.NoError(t, DeleteUser(user))
}
func TestCreateUser_Issue5882(t *testing.T) {
// Init settings
_ = setting.Admin
passwd := ".//.;1;;//.,-=_"
tt := []struct {
user *models.User
disableOrgCreation bool
}{
{&models.User{Name: "GiteaBot", Email: "GiteaBot@gitea.io", Passwd: passwd, MustChangePassword: false}, false},
{&models.User{Name: "GiteaBot2", Email: "GiteaBot2@gitea.io", Passwd: passwd, MustChangePassword: false}, true},
}
setting.Service.DefaultAllowCreateOrganization = true
for _, v := range tt {
setting.Admin.DisableRegularOrgCreation = v.disableOrgCreation
assert.NoError(t, models.CreateUser(v.user))
u, err := models.GetUserByEmail(v.user.Email)
assert.NoError(t, err)
assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation)
assert.NoError(t, DeleteUser(v.user))
}
}

View file

@ -13,6 +13,7 @@ import (
"code.gitea.io/gitea/models" "code.gitea.io/gitea/models"
admin_model "code.gitea.io/gitea/models/admin" admin_model "code.gitea.io/gitea/models/admin"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unit" "code.gitea.io/gitea/models/unit"
"code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
@ -375,6 +376,6 @@ func DeleteWiki(repo *models.Repository) error {
return err return err
} }
admin_model.RemoveAllWithNotice("Delete repository wiki", repo.WikiPath()) admin_model.RemoveAllWithNotice(db.DefaultContext, "Delete repository wiki", repo.WikiPath())
return nil return nil
} }