# frozen_string_literal: true module Users class DestroyService DestroyError = Class.new(StandardError) attr_accessor :current_user def initialize(current_user) @current_user = current_user @scheduled_records_gauge = Gitlab::Metrics.gauge( :gitlab_ghost_user_migration_scheduled_records_total, 'The total number of scheduled ghost user migrations' ) @lag_gauge = Gitlab::Metrics.gauge( :gitlab_ghost_user_migration_lag_seconds, 'The waiting time in seconds of the oldest scheduled record for ghost user migration' ) end # Asynchronously destroys +user+ # Migrating the associated user records, and post-migration cleanup is # handled by the Users::MigrateRecordsToGhostUserWorker cron worker. # # The operation will fail if the user is the sole owner of any groups. To # force the groups to be destroyed, pass `delete_solo_owned_groups: true` in # +options+. # # The user's contributions will be migrated to a global ghost user. To # force the contributions to be destroyed, pass `hard_delete: true` in # +options+. # # `hard_delete: true` implies `delete_solo_owned_groups: true`. To perform # a hard deletion without destroying solo-owned groups, pass # `delete_solo_owned_groups: false, hard_delete: true` in +options+. # def execute(user, options = {}) delete_solo_owned_groups = options.fetch(:delete_solo_owned_groups, options[:hard_delete]) unless Ability.allowed?(current_user, :destroy_user, user) || options[:skip_authorization] raise Gitlab::Access::AccessDeniedError, "#{current_user} tried to destroy user #{user}!" end if !delete_solo_owned_groups && user.solo_owned_groups.present? user.errors.add(:base, 'You must transfer ownership or delete groups before you can remove user') return user end user.block # Load the records. Groups are unavailable after membership is destroyed. solo_owned_groups = user.solo_owned_groups.load user.members.each_batch { |batch| batch.destroy_all } # rubocop:disable Style/SymbolProc, Cop/DestroyAll solo_owned_groups.each do |group| Groups::DestroyService.new(group, current_user).execute end namespace = user.namespace namespace.prepare_for_destroy user.personal_projects.each do |project| success = ::Projects::DestroyService.new(project, current_user).execute raise DestroyError, "Project #{project.id} can't be deleted" unless success end yield(user) if block_given? hard_delete = options.fetch(:hard_delete, false) Users::GhostUserMigration.create!(user: user, initiator_user: current_user, hard_delete: hard_delete) update_metrics end private attr_reader :scheduled_records_gauge, :lag_gauge def update_metrics update_scheduled_records_gauge update_lag_gauge end def update_scheduled_records_gauge # We do not want to issue unbounded COUNT() queries, hence we limit the # query to count 1001 records and then approximate the result. count = Users::GhostUserMigration.limit(1001).count if count == 1001 # more than 1000 records, approximate count min = Users::GhostUserMigration.minimum(:id) || 0 max = Users::GhostUserMigration.maximum(:id) || 0 scheduled_records_gauge.set({}, max - min) else # less than 1000 records, count is accurate scheduled_records_gauge.set({}, count) end end def update_lag_gauge oldest_job = Users::GhostUserMigration.first lag_gauge.set({}, Time.current - oldest_job.created_at) end end end Users::DestroyService.prepend_mod_with('Users::DestroyService')