2019-07-31 22:56:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2023-05-27 22:25:52 +05:30
|
|
|
RSpec.describe Users::DestroyService, feature_category: :user_management do
|
2021-01-29 00:20:46 +05:30
|
|
|
let!(:user) { create(:user) }
|
|
|
|
let!(:admin) { create(:admin) }
|
|
|
|
let!(:namespace) { user.namespace }
|
|
|
|
let!(:project) { create(:project, namespace: namespace) }
|
|
|
|
let(:service) { described_class.new(admin) }
|
|
|
|
let(:gitlab_shell) { Gitlab::Shell.new }
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
describe "Initiates user deletion and deletes all their personal projects", :enable_admin_mode do
|
|
|
|
context 'no options are given' do
|
|
|
|
it 'creates GhostUserMigration record to handle migration in a worker' do
|
|
|
|
expect { service.execute(user) }
|
|
|
|
.to(
|
|
|
|
change do
|
|
|
|
Users::GhostUserMigration.where(user: user,
|
|
|
|
initiator_user: admin)
|
|
|
|
.exists?
|
|
|
|
end.from(false).to(true))
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'will delete the personal project' do
|
|
|
|
expect_next_instance_of(Projects::DestroyService) do |destroy_service|
|
|
|
|
expect(destroy_service).to receive(:execute).once.and_return(true)
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2020-03-13 15:44:24 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'personal projects in pending_delete' do
|
|
|
|
before do
|
|
|
|
project.pending_delete = true
|
|
|
|
project.save!
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2020-04-08 14:13:33 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'destroys a personal project in pending_delete' do
|
|
|
|
expect_next_instance_of(Projects::DestroyService) do |destroy_service|
|
|
|
|
expect(destroy_service).to receive(:execute).once.and_return(true)
|
2020-04-08 14:13:33 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2020-04-08 14:13:33 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context "solo owned groups present" do
|
|
|
|
let(:solo_owned) { create(:group) }
|
|
|
|
let(:member) { create(:group_member) }
|
|
|
|
let(:user) { member.user }
|
2020-04-08 14:13:33 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
before do
|
|
|
|
solo_owned.group_members = [member]
|
2020-04-08 14:13:33 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'returns the user with attached errors' do
|
|
|
|
expect(service.execute(user)).to be(user)
|
|
|
|
expect(user.errors.full_messages).to(
|
|
|
|
contain_exactly('You must transfer ownership or delete groups before you can remove user'))
|
2020-04-08 14:13:33 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'does not delete the user, nor the group' do
|
|
|
|
service.execute(user)
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect(User.find(user.id)).to eq user
|
|
|
|
expect(Group.find(solo_owned.id)).to eq solo_owned
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context "deletions with solo owned groups" do
|
|
|
|
let(:solo_owned) { create(:group) }
|
|
|
|
let(:member) { create(:group_member) }
|
|
|
|
let(:user) { member.user }
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
before do
|
|
|
|
solo_owned.group_members = [member]
|
|
|
|
service.execute(user, delete_solo_owned_groups: true)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'deletes solo owned groups' do
|
|
|
|
expect { Group.find(solo_owned.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'deletions with inherited group owners' do
|
|
|
|
let(:group) { create(:group, :nested) }
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:inherited_owner) { create(:user) }
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
before do
|
|
|
|
group.parent.add_owner(inherited_owner)
|
|
|
|
group.add_owner(user)
|
2022-07-16 23:28:13 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user, delete_solo_owned_groups: true)
|
2022-07-16 23:28:13 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'does not delete the group' do
|
|
|
|
expect(Group.exists?(id: group)).to be_truthy
|
|
|
|
end
|
|
|
|
end
|
2022-07-16 23:28:13 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
describe "user personal's repository removal" do
|
|
|
|
context 'storages' do
|
2022-10-11 01:57:18 +05:30
|
|
|
before do
|
2023-01-13 00:05:48 +05:30
|
|
|
perform_enqueued_jobs { service.execute(user) }
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
2022-07-16 23:28:13 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'legacy storage' do
|
|
|
|
let!(:project) { create(:project, :empty_repo, :legacy_storage, namespace: user.namespace) }
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'removes repository' do
|
|
|
|
expect(
|
|
|
|
gitlab_shell.repository_exists?(project.repository_storage,
|
|
|
|
"#{project.disk_path}.git")
|
|
|
|
).to be_falsey
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'hashed storage' do
|
|
|
|
let!(:project) { create(:project, :empty_repo, namespace: user.namespace) }
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'removes repository' do
|
|
|
|
expect(
|
|
|
|
gitlab_shell.repository_exists?(project.repository_storage,
|
|
|
|
"#{project.disk_path}.git")
|
|
|
|
).to be_falsey
|
2018-11-20 20:47:30 +05:30
|
|
|
end
|
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'repository removal status is taken into account' do
|
|
|
|
it 'raises exception' do
|
|
|
|
expect_next_instance_of(::Projects::DestroyService) do |destroy_service|
|
|
|
|
expect(destroy_service).to receive(:execute).and_return(false)
|
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect { service.execute(user) }
|
|
|
|
.to raise_error(Users::DestroyService::DestroyError,
|
|
|
|
"Project #{project.id} can't be deleted")
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
describe "calls the before/after callbacks" do
|
|
|
|
it 'of project_members' do
|
|
|
|
expect_any_instance_of(ProjectMember).to receive(:run_callbacks).with(:find).once
|
|
|
|
expect_any_instance_of(ProjectMember).to receive(:run_callbacks).with(:initialize).once
|
|
|
|
expect_any_instance_of(ProjectMember).to receive(:run_callbacks).with(:destroy).once
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
2022-11-25 23:54:43 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'of group_members' do
|
|
|
|
group_member = create(:group_member)
|
|
|
|
group_member.group.group_members.create!(user: user, access_level: 40)
|
2022-11-25 23:54:43 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect_any_instance_of(GroupMember).to receive(:run_callbacks).with(:find).once
|
|
|
|
expect_any_instance_of(GroupMember).to receive(:run_callbacks).with(:initialize).once
|
|
|
|
expect_any_instance_of(GroupMember).to receive(:run_callbacks).with(:destroy).once
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
2021-01-29 00:20:46 +05:30
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
describe 'prometheus metrics', :prometheus do
|
|
|
|
context 'scheduled records' do
|
|
|
|
context 'with a single record' do
|
|
|
|
it 'updates the scheduled records gauge' do
|
|
|
|
service.execute(user)
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
gauge = Gitlab::Metrics.registry.get(:gitlab_ghost_user_migration_scheduled_records_total)
|
|
|
|
expect(gauge.get).to eq(1)
|
|
|
|
end
|
2022-11-25 23:54:43 +05:30
|
|
|
end
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'with approximate count due to large number of records' do
|
|
|
|
it 'updates the scheduled records gauge' do
|
|
|
|
allow(Users::GhostUserMigration)
|
|
|
|
.to(receive_message_chain(:limit, :count).and_return(1001))
|
|
|
|
allow(Users::GhostUserMigration).to(receive(:minimum)).and_return(42)
|
|
|
|
allow(Users::GhostUserMigration).to(receive(:maximum)).and_return(9042)
|
2022-11-25 23:54:43 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
2022-11-25 23:54:43 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
gauge = Gitlab::Metrics.registry.get(:gitlab_ghost_user_migration_scheduled_records_total)
|
|
|
|
expect(gauge.get).to eq(9000)
|
|
|
|
end
|
2022-11-25 23:54:43 +05:30
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'lag' do
|
|
|
|
it 'update the lag gauge', :freeze_time do
|
|
|
|
create(:ghost_user_migration, created_at: 10.minutes.ago)
|
2021-01-29 00:20:46 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
service.execute(user)
|
|
|
|
|
|
|
|
gauge = Gitlab::Metrics.registry.get(:gitlab_ghost_user_migration_lag_seconds)
|
|
|
|
expect(gauge.get).to eq(600)
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
|
|
|
end
|
2021-01-29 00:20:46 +05:30
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2022-06-21 17:19:12 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
describe "Deletion permission checks" do
|
|
|
|
it 'does not delete the user when user is not an admin' do
|
|
|
|
other_user = create(:user)
|
2022-06-21 17:19:12 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError)
|
2022-06-21 17:19:12 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect(Users::GhostUserMigration).not_to be_exists
|
|
|
|
end
|
2022-06-21 17:19:12 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'when admin mode is enabled', :enable_admin_mode do
|
|
|
|
it 'allows admins to delete anyone' do
|
|
|
|
expect { described_class.new(admin).execute(user) }
|
2022-10-11 01:57:18 +05:30
|
|
|
.to(
|
|
|
|
change do
|
|
|
|
Users::GhostUserMigration.where(user: user,
|
2023-01-13 00:05:48 +05:30
|
|
|
initiator_user: admin)
|
2022-10-11 01:57:18 +05:30
|
|
|
.exists?
|
|
|
|
end.from(false).to(true))
|
|
|
|
end
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
2022-07-16 23:28:13 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
context 'when admin mode is disabled' do
|
|
|
|
it 'disallows admins to delete anyone' do
|
|
|
|
expect { described_class.new(admin).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError)
|
|
|
|
|
|
|
|
expect(Users::GhostUserMigration).not_to be_exists
|
|
|
|
end
|
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'allows users to delete their own account' do
|
|
|
|
expect { described_class.new(user).execute(user) }
|
|
|
|
.to(
|
2022-10-11 01:57:18 +05:30
|
|
|
change do
|
2023-01-13 00:05:48 +05:30
|
|
|
Users::GhostUserMigration.where(user: user,
|
|
|
|
initiator_user: user)
|
2022-10-11 01:57:18 +05:30
|
|
|
.exists?
|
|
|
|
end.from(false).to(true))
|
2023-01-13 00:05:48 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows user to be deleted if skip_authorization: true' do
|
|
|
|
other_user = create(:user)
|
|
|
|
|
|
|
|
expect do
|
|
|
|
described_class.new(user)
|
|
|
|
.execute(other_user, skip_authorization: true)
|
|
|
|
end.to(
|
|
|
|
change do
|
|
|
|
Users::GhostUserMigration.where(user: other_user,
|
|
|
|
initiator_user: user )
|
|
|
|
.exists?
|
|
|
|
end.from(false).to(true))
|
2022-06-21 17:19:12 +05:30
|
|
|
end
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|