2019-07-31 22:56:46 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
require 'spec_helper'
2020-07-28 23:09:34 +05:30
RSpec . describe Users :: DestroyService do
2021-01-29 00:20:46 +05:30
let! ( :user ) { create ( :user ) }
let! ( :admin ) { create ( :admin ) }
let! ( :namespace ) { user . namespace }
let! ( :project ) { create ( :project , namespace : namespace ) }
let ( :service ) { described_class . new ( admin ) }
let ( :gitlab_shell ) { Gitlab :: Shell . new }
2022-10-11 01:57:18 +05:30
shared_examples 'pre-migrate clean-up' do
describe " Deletes a user and all their personal projects " , :enable_admin_mode do
context 'no options are given' do
it 'will delete the personal project' do
expect_next_instance_of ( Projects :: DestroyService ) do | destroy_service |
expect ( destroy_service ) . to receive ( :execute ) . once . and_return ( true )
end
service . execute ( user )
end
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
context 'personal projects in pending_delete' do
before do
project . pending_delete = true
project . save!
end
it 'destroys a personal project in pending_delete' do
expect_next_instance_of ( Projects :: DestroyService ) do | destroy_service |
expect ( destroy_service ) . to receive ( :execute ) . once . and_return ( true )
end
2020-03-13 15:44:24 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user )
end
2020-03-13 15:44:24 +05:30
end
2022-10-11 01:57:18 +05:30
context " solo owned groups present " do
let ( :solo_owned ) { create ( :group ) }
let ( :member ) { create ( :group_member ) }
let ( :user ) { member . user }
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
before do
solo_owned . group_members = [ member ]
end
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
it 'returns the user with attached errors' do
expect ( service . execute ( user ) ) . to be ( user )
expect ( user . errors . full_messages ) . to (
contain_exactly ( 'You must transfer ownership or delete groups before you can remove user' ) )
2018-11-08 19:23:39 +05:30
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
it 'does not delete the user, nor the group' do
service . execute ( user )
expect ( User . find ( user . id ) ) . to eq user
expect ( Group . find ( solo_owned . id ) ) . to eq solo_owned
end
2017-08-17 22:00:37 +05:30
end
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
context " deletions with solo owned groups " do
let ( :solo_owned ) { create ( :group ) }
let ( :member ) { create ( :group_member ) }
let ( :user ) { member . user }
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
before do
solo_owned . group_members = [ member ]
service . execute ( user , delete_solo_owned_groups : true )
2020-04-08 14:13:33 +05:30
end
2022-10-11 01:57:18 +05:30
it 'deletes solo owned groups' do
expect { Group . find ( solo_owned . id ) } . to raise_error ( ActiveRecord :: RecordNotFound )
end
end
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
context 'deletions with inherited group owners' do
let ( :group ) { create ( :group , :nested ) }
let ( :user ) { create ( :user ) }
let ( :inherited_owner ) { create ( :user ) }
before do
group . parent . add_owner ( inherited_owner )
group . add_owner ( user )
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user , delete_solo_owned_groups : true )
end
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
it 'does not delete the group' do
expect ( Group . exists? ( id : group ) ) . to be_truthy
2020-04-08 14:13:33 +05:30
end
end
2022-10-11 01:57:18 +05:30
describe " user personal's repository removal " do
context 'storages' do
before do
perform_enqueued_jobs { service . execute ( user ) }
end
2020-06-23 00:09:42 +05:30
2022-10-11 01:57:18 +05:30
context 'legacy storage' do
let! ( :project ) { create ( :project , :empty_repo , :legacy_storage , namespace : user . namespace ) }
2020-06-23 00:09:42 +05:30
2022-10-11 01:57:18 +05:30
it 'removes repository' do
expect (
gitlab_shell . repository_exists? ( project . repository_storage ,
" #{ project . disk_path } .git " )
) . to be_falsey
end
end
2020-06-23 00:09:42 +05:30
2022-10-11 01:57:18 +05:30
context 'hashed storage' do
let! ( :project ) { create ( :project , :empty_repo , namespace : user . namespace ) }
2020-05-24 23:13:21 +05:30
2022-10-11 01:57:18 +05:30
it 'removes repository' do
expect (
gitlab_shell . repository_exists? ( project . repository_storage ,
" #{ project . disk_path } .git " )
) . to be_falsey
end
end
end
2020-04-08 14:13:33 +05:30
2022-10-11 01:57:18 +05:30
context 'repository removal status is taken into account' do
it 'raises exception' do
expect_next_instance_of ( :: Projects :: DestroyService ) do | destroy_service |
expect ( destroy_service ) . to receive ( :execute ) . and_return ( false )
end
2020-04-08 14:13:33 +05:30
expect { service . execute ( user ) }
2022-10-11 01:57:18 +05:30
. to raise_error ( Users :: DestroyService :: DestroyError ,
" Project #{ project . id } can't be deleted " )
2020-04-08 14:13:33 +05:30
end
end
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
describe " calls the before/after callbacks " do
it 'of project_members' do
expect_any_instance_of ( ProjectMember ) . to receive ( :run_callbacks ) . with ( :find ) . once
expect_any_instance_of ( ProjectMember ) . to receive ( :run_callbacks ) . with ( :initialize ) . once
expect_any_instance_of ( ProjectMember ) . to receive ( :run_callbacks ) . with ( :destroy ) . once
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user )
2018-11-08 19:23:39 +05:30
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
it 'of group_members' do
group_member = create ( :group_member )
group_member . group . group_members . create! ( user : user , access_level : 40 )
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
expect_any_instance_of ( GroupMember ) . to receive ( :run_callbacks ) . with ( :find ) . once
expect_any_instance_of ( GroupMember ) . to receive ( :run_callbacks ) . with ( :initialize ) . once
expect_any_instance_of ( GroupMember ) . to receive ( :run_callbacks ) . with ( :destroy ) . once
service . execute ( user )
end
2017-08-17 22:00:37 +05:30
end
end
2022-10-11 01:57:18 +05:30
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
context 'when user_destroy_with_limited_execution_time_worker is disabled' do
before do
stub_feature_flags ( user_destroy_with_limited_execution_time_worker : false )
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
include_examples 'pre-migrate clean-up'
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
describe " Deletes a user and all their personal projects " , :enable_admin_mode do
context 'no options are given' do
it 'deletes the user' do
user_data = service . execute ( user )
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
expect ( user_data [ 'email' ] ) . to eq ( user . email )
expect { User . find ( user . id ) } . to raise_error ( ActiveRecord :: RecordNotFound )
expect { Namespace . find ( namespace . id ) } . to raise_error ( ActiveRecord :: RecordNotFound )
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
it 'deletes user associations in batches' do
expect ( user ) . to receive ( :destroy_dependent_associations_in_batches )
service . execute ( user )
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
it 'does not include snippets when deleting in batches' do
expect ( user ) . to receive ( :destroy_dependent_associations_in_batches ) . with ( { exclude : [ :snippets ] } )
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user )
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
it 'calls the bulk snippet destroy service for the user personal snippets' do
repo1 = create ( :personal_snippet , :repository , author : user ) . snippet_repository
repo2 = create ( :project_snippet , :repository , project : project , author : user ) . snippet_repository
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
aggregate_failures do
expect ( gitlab_shell . repository_exists? ( repo1 . shard_name , repo1 . disk_path + '.git' ) ) . to be_truthy
expect ( gitlab_shell . repository_exists? ( repo2 . shard_name , repo2 . disk_path + '.git' ) ) . to be_truthy
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
# Call made when destroying user personal projects
expect ( Snippets :: BulkDestroyService ) . to receive ( :new )
. with ( admin , project . snippets ) . and_call_original
# Call to remove user personal snippets and for
# project snippets where projects are not user personal
# ones
expect ( Snippets :: BulkDestroyService ) . to receive ( :new )
. with ( admin , user . snippets . only_personal_snippets ) . and_call_original
2017-08-17 22:00:37 +05:30
service . execute ( user )
2022-10-11 01:57:18 +05:30
aggregate_failures do
expect ( gitlab_shell . repository_exists? ( repo1 . shard_name , repo1 . disk_path + '.git' ) ) . to be_falsey
expect ( gitlab_shell . repository_exists? ( repo2 . shard_name , repo2 . disk_path + '.git' ) ) . to be_falsey
end
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
it 'calls the bulk snippet destroy service with hard delete option if it is present' do
# this avoids getting into Projects::DestroyService as it would
# call Snippets::BulkDestroyService first!
allow ( user ) . to receive ( :personal_projects ) . and_return ( [ ] )
expect_next_instance_of ( Snippets :: BulkDestroyService ) do | bulk_destroy_service |
expect ( bulk_destroy_service ) . to receive ( :execute ) . with ( { skip_authorization : true } ) . and_call_original
end
service . execute ( user , { hard_delete : true } )
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
it 'does not delete project snippets that the user is the author of' do
repo = create ( :project_snippet , :repository , author : user ) . snippet_repository
service . execute ( user )
expect ( gitlab_shell . repository_exists? ( repo . shard_name , repo . disk_path + '.git' ) ) . to be_truthy
expect ( User . ghost . snippets ) . to include ( repo . snippet )
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
context 'when an error is raised deleting snippets' do
it 'does not delete user' do
snippet = create ( :personal_snippet , :repository , author : user )
bulk_service = double
allow ( Snippets :: BulkDestroyService ) . to receive ( :new ) . and_call_original
allow ( Snippets :: BulkDestroyService ) . to receive ( :new ) . with ( admin , user . snippets ) . and_return ( bulk_service )
allow ( bulk_service ) . to receive ( :execute ) . and_return ( ServiceResponse . error ( message : 'foo' ) )
aggregate_failures do
expect { service . execute ( user ) }
. to raise_error ( Users :: DestroyService :: DestroyError , 'foo' )
expect ( snippet . reload ) . not_to be_nil
expect (
gitlab_shell . repository_exists? ( snippet . repository_storage ,
snippet . disk_path + '.git' )
) . to be_truthy
end
end
2017-08-17 22:00:37 +05:30
end
end
2022-10-11 01:57:18 +05:30
context 'projects in pending_delete' do
before do
project . pending_delete = true
project . save!
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
it 'destroys a project in pending_delete' do
expect_next_instance_of ( Projects :: DestroyService ) do | destroy_service |
expect ( destroy_service ) . to receive ( :execute ) . once . and_return ( true )
end
2020-03-13 15:44:24 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user )
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
expect { Project . find ( project . id ) } . to raise_error ( ActiveRecord :: RecordNotFound )
end
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
context " a deleted user's issues " do
let ( :project ) { create ( :project ) }
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
before do
project . add_developer ( user )
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
context " for an issue the user was assigned to " do
let! ( :issue ) { create ( :issue , project : project , assignees : [ user ] ) }
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
before do
service . execute ( user )
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
it 'does not delete issues the user is assigned to' do
expect ( Issue . find_by_id ( issue . id ) ) . to be_present
end
2022-07-16 23:28:13 +05:30
2022-10-11 01:57:18 +05:30
it 'migrates the issue so that it is "Unassigned"' do
migrated_issue = Issue . find_by_id ( issue . id )
2022-07-16 23:28:13 +05:30
2022-10-11 01:57:18 +05:30
expect ( migrated_issue . assignees ) . to be_empty
end
end
2022-07-16 23:28:13 +05:30
end
2022-10-11 01:57:18 +05:30
context " a deleted user's merge_requests " do
let ( :project ) { create ( :project , :repository ) }
2022-07-16 23:28:13 +05:30
2022-10-11 01:57:18 +05:30
before do
project . add_developer ( user )
end
2022-07-16 23:28:13 +05:30
2022-10-11 01:57:18 +05:30
context " for an merge request the user was assigned to " do
let! ( :merge_request ) { create ( :merge_request , source_project : project , assignees : [ user ] ) }
before do
service . execute ( user )
end
2017-09-10 17:25:29 +05:30
2022-10-11 01:57:18 +05:30
it 'does not delete merge requests the user is assigned to' do
expect ( MergeRequest . find_by_id ( merge_request . id ) ) . to be_present
end
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
it 'migrates the merge request so that it is "Unassigned"' do
migrated_merge_request = MergeRequest . find_by_id ( merge_request . id )
2017-09-10 17:25:29 +05:30
2022-10-11 01:57:18 +05:30
expect ( migrated_merge_request . assignees ) . to be_empty
end
end
2017-08-17 22:00:37 +05:30
end
2022-10-11 01:57:18 +05:30
context 'migrating associated records' do
let! ( :issue ) { create ( :issue , author : user ) }
it 'delegates to the `MigrateToGhostUser` service to move associated records to the ghost user' do
2022-04-04 11:22:00 +05:30
expect_any_instance_of ( Users :: MigrateToGhostUserService ) . to receive ( :execute ) . once . and_call_original
2017-08-17 22:00:37 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user )
2017-09-10 17:25:29 +05:30
2022-10-11 01:57:18 +05:30
expect ( issue . reload . author ) . to be_ghost
2022-04-04 11:22:00 +05:30
end
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
context 'when hard_delete option is given' do
it 'will not ghost certain records' do
expect_any_instance_of ( Users :: MigrateToGhostUserService ) . to receive ( :execute ) . once . and_call_original
2018-11-20 20:47:30 +05:30
2022-10-11 01:57:18 +05:30
service . execute ( user , hard_delete : true )
2018-11-20 20:47:30 +05:30
2022-10-11 01:57:18 +05:30
expect ( Issue . exists? ( issue . id ) ) . to be_falsy
2018-11-20 20:47:30 +05:30
end
end
2022-10-11 01:57:18 +05:30
end
end
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
describe " Deletion permission checks " do
it 'does not delete the user when user is not an admin' do
other_user = create ( :user )
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
expect { described_class . new ( other_user ) . execute ( user ) } . to raise_error ( Gitlab :: Access :: AccessDeniedError )
expect ( User . exists? ( user . id ) ) . to be ( true )
end
context 'when admin mode is enabled' , :enable_admin_mode do
it 'allows admins to delete anyone' do
described_class . new ( admin ) . execute ( user )
expect ( User . exists? ( user . id ) ) . to be ( false )
2018-03-17 18:26:18 +05:30
end
end
2022-10-11 01:57:18 +05:30
context 'when admin mode is disabled' do
it 'disallows admins to delete anyone' do
expect { described_class . new ( admin ) . execute ( user ) } . to raise_error ( Gitlab :: Access :: AccessDeniedError )
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
expect ( User . exists? ( user . id ) ) . to be ( true )
2018-03-17 18:26:18 +05:30
end
end
2022-10-11 01:57:18 +05:30
it 'allows users to delete their own account' do
described_class . new ( user ) . execute ( user )
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
expect ( User . exists? ( user . id ) ) . to be ( false )
2018-03-17 18:26:18 +05:30
end
2022-10-11 01:57:18 +05:30
it 'allows user to be deleted if skip_authorization: true' do
other_user = create ( :user )
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
described_class . new ( user ) . execute ( other_user , skip_authorization : true )
2018-03-17 18:26:18 +05:30
2022-10-11 01:57:18 +05:30
expect ( User . exists? ( other_user . id ) ) . to be ( false )
2018-03-17 18:26:18 +05:30
end
end
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
context 'batched nullify' do
let ( :other_user ) { create ( :user ) }
2021-01-29 00:20:46 +05:30
2022-11-25 23:54:43 +05:30
# rubocop:disable Layout/LineLength
def nullify_in_batches_regexp ( table , column , user , batch_size : 100 )
%r{ ^UPDATE " #{ table } " SET " #{ column } " = NULL WHERE " #{ table } "."id" IN \ (SELECT " #{ table } "."id" FROM " #{ table } " WHERE " #{ table } "." #{ column } " = #{ user . id } LIMIT #{ batch_size } \ ) }
end
def delete_in_batches_regexps ( table , column , user , items , batch_size : 1000 )
select_query = %r{ ^SELECT " #{ table } ".* FROM " #{ table } " WHERE " #{ table } "." #{ column } " = #{ user . id } .*ORDER BY " #{ table } "."id" ASC LIMIT #{ batch_size } }
[ select_query ] + items . map { | item | %r{ ^DELETE FROM " #{ table } " WHERE " #{ table } "."id" = #{ item . id } } }
end
# rubocop:enable Layout/LineLength
2022-10-11 01:57:18 +05:30
it 'nullifies related associations in batches' do
expect ( other_user ) . to receive ( :nullify_dependent_associations_in_batches ) . and_call_original
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
described_class . new ( user ) . execute ( other_user , skip_authorization : true )
2021-01-29 00:20:46 +05:30
end
2022-11-25 23:54:43 +05:30
it 'nullifies issues and resource associations' , :aggregate_failures do
2022-10-11 01:57:18 +05:30
issue = create ( :issue , closed_by : other_user , updated_by : other_user )
resource_label_event = create ( :resource_label_event , user : other_user )
2022-11-25 23:54:43 +05:30
resource_state_event = create ( :resource_state_event , user : other_user )
todos = create_list ( :todo , 2 , project : issue . project , user : other_user , author : other_user , target : issue )
event = create ( :event , project : issue . project , author : other_user )
2021-01-29 00:20:46 +05:30
2022-11-25 23:54:43 +05:30
query_recorder = ActiveRecord :: QueryRecorder . new do
described_class . new ( user ) . execute ( other_user , skip_authorization : true )
end
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
issue . reload
resource_label_event . reload
2022-11-25 23:54:43 +05:30
resource_state_event . reload
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
expect ( issue . closed_by ) . to be_nil
expect ( issue . updated_by ) . to be_nil
expect ( resource_label_event . user ) . to be_nil
2022-11-25 23:54:43 +05:30
expect ( resource_state_event . user ) . to be_nil
expect ( other_user . authored_todos ) . to be_empty
expect ( other_user . todos ) . to be_empty
expect ( other_user . authored_events ) . to be_empty
expected_queries = [
nullify_in_batches_regexp ( :issues , :updated_by_id , other_user ) ,
nullify_in_batches_regexp ( :issues , :closed_by_id , other_user ) ,
nullify_in_batches_regexp ( :resource_label_events , :user_id , other_user ) ,
nullify_in_batches_regexp ( :resource_state_events , :user_id , other_user )
]
expected_queries += delete_in_batches_regexps ( :todos , :user_id , other_user , todos )
expected_queries += delete_in_batches_regexps ( :todos , :author_id , other_user , todos )
expected_queries += delete_in_batches_regexps ( :events , :author_id , other_user , [ event ] )
expect ( query_recorder . log ) . to include ( * expected_queries )
end
it 'nullifies merge request associations' , :aggregate_failures do
merge_request = create ( :merge_request , source_project : project , target_project : project ,
assignee : other_user , updated_by : other_user , merge_user : other_user )
merge_request . metrics . update! ( merged_by : other_user , latest_closed_by : other_user )
merge_request . reviewers = [ other_user ]
merge_request . assignees = [ other_user ]
query_recorder = ActiveRecord :: QueryRecorder . new do
described_class . new ( user ) . execute ( other_user , skip_authorization : true )
end
merge_request . reload
expect ( merge_request . updated_by ) . to be_nil
expect ( merge_request . assignee ) . to be_nil
expect ( merge_request . assignee_id ) . to be_nil
expect ( merge_request . metrics . merged_by ) . to be_nil
expect ( merge_request . metrics . latest_closed_by ) . to be_nil
expect ( merge_request . reviewers ) . to be_empty
expect ( merge_request . assignees ) . to be_empty
expected_queries = [
nullify_in_batches_regexp ( :merge_requests , :updated_by_id , other_user ) ,
nullify_in_batches_regexp ( :merge_requests , :assignee_id , other_user ) ,
nullify_in_batches_regexp ( :merge_request_metrics , :merged_by_id , other_user ) ,
nullify_in_batches_regexp ( :merge_request_metrics , :latest_closed_by_id , other_user )
]
expected_queries += delete_in_batches_regexps ( :merge_request_assignees , :user_id , other_user ,
merge_request . assignees )
expected_queries += delete_in_batches_regexps ( :merge_request_reviewers , :user_id , other_user ,
merge_request . reviewers )
expect ( query_recorder . log ) . to include ( * expected_queries )
2022-10-11 01:57:18 +05:30
end
2021-01-29 00:20:46 +05:30
end
2022-10-11 01:57:18 +05:30
end
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
context 'when user_destroy_with_limited_execution_time_worker is enabled' do
include_examples 'pre-migrate clean-up'
2021-01-29 00:20:46 +05:30
2022-10-11 01:57:18 +05:30
describe " Deletes a user and all their personal projects " , :enable_admin_mode do
context 'no options are given' do
it 'creates GhostUserMigration record to handle migration in a worker' do
expect { service . execute ( user ) }
. to (
change do
Users :: GhostUserMigration . where ( user : user ,
initiator_user : admin )
. exists?
end . from ( false ) . to ( true ) )
end
end
2021-01-29 00:20:46 +05:30
end
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
describe " Deletion permission checks " do
it 'does not delete the user when user is not an admin' do
other_user = create ( :user )
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
expect { described_class . new ( other_user ) . execute ( user ) } . to raise_error ( Gitlab :: Access :: AccessDeniedError )
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
expect ( Users :: GhostUserMigration ) . not_to be_exists
end
context 'when admin mode is enabled' , :enable_admin_mode do
it 'allows admins to delete anyone' do
expect { described_class . new ( admin ) . execute ( user ) }
. to (
change do
Users :: GhostUserMigration . where ( user : user ,
initiator_user : admin )
. exists?
end . from ( false ) . to ( true ) )
end
end
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
context 'when admin mode is disabled' do
it 'disallows admins to delete anyone' do
expect { described_class . new ( admin ) . execute ( user ) } . to raise_error ( Gitlab :: Access :: AccessDeniedError )
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
expect ( Users :: GhostUserMigration ) . not_to be_exists
end
end
2022-06-21 17:19:12 +05:30
2022-10-11 01:57:18 +05:30
it 'allows users to delete their own account' do
expect { described_class . new ( user ) . execute ( user ) }
. to (
change do
Users :: GhostUserMigration . where ( user : user ,
initiator_user : user )
. exists?
end . from ( false ) . to ( true ) )
end
2022-07-16 23:28:13 +05:30
2022-10-11 01:57:18 +05:30
it 'allows user to be deleted if skip_authorization: true' do
other_user = create ( :user )
expect do
described_class . new ( user )
. execute ( other_user , skip_authorization : true )
end . to (
change do
Users :: GhostUserMigration . where ( user : other_user ,
initiator_user : user )
. exists?
end . from ( false ) . to ( true ) )
end
2022-06-21 17:19:12 +05:30
end
end
2017-08-17 22:00:37 +05:30
end
