NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.8k

Commit4113828

committed

Force soft delete of users, do not allow un-delete

1 parent520b3ef commit4113828Copy full SHA for 4113828

File tree

8 files changed

+77

-109

lines changed

coderd
- database
  - dbauthz
    - dbauthz.go
  - dbmem
    - dbmem.go
  - dbmetrics
    - dbmetrics.go
  - dbmock
    - dbmock.go
  - querier.go
  - queries.sql.go
  - queries
    - users.sql
- users.go

8 files changed

+77

-109

lines changed

`‎coderd/database/dbauthz/dbauthz.go‎`

Lines changed: 4 additions & 22 deletions

Original file line number	Diff line number	Diff line change
`@@ -607,16 +607,6 @@ func (q *querier) SoftDeleteTemplateByID(ctx context.Context, id uuid.UUID) erro`
`607`	`607`	`returndeleteQ(q.log,q.auth,q.db.GetTemplateByID,deleteF)(ctx,id)`
`608`	`608`	`}`
`609`	`609`
`610`		`-func (q*querier)SoftDeleteUserByID(ctx context.Context,id uuid.UUID)error {`
`611`		`-deleteF:=func(ctx context.Context,id uuid.UUID)error {`
`612`		`-returnq.db.UpdateUserDeletedByID(ctx, database.UpdateUserDeletedByIDParams{`
`613`		`-ID:id,`
`614`		`-Deleted:true,`
`615`		`-})`
`616`		`-}`
`617`		`-returndeleteQ(q.log,q.auth,q.db.GetUserByID,deleteF)(ctx,id)`
`618`		`-}`
`619`		`-`
`620`	`610`	`func (q*querier)SoftDeleteWorkspaceByID(ctx context.Context,id uuid.UUID)error {`
`621`	`611`	`returndeleteQ(q.log,q.auth,q.db.GetWorkspaceByID,func(ctx context.Context,id uuid.UUID)error {`
`622`	`612`	`returnq.db.UpdateWorkspaceDeletedByID(ctx, database.UpdateWorkspaceDeletedByIDParams{`
`@@ -2514,6 +2504,10 @@ func (q *querier) RevokeDBCryptKey(ctx context.Context, activeKeyDigest string)`
`2514`	`2504`	`returnq.db.RevokeDBCryptKey(ctx,activeKeyDigest)`
`2515`	`2505`	`}`
`2516`	`2506`
	`2507`	`+func (q*querier)SoftDeleteUserByID(ctx context.Context,id uuid.UUID)error {`
	`2508`	`+returndeleteQ(q.log,q.auth,q.db.GetUserByID,q.db.SoftDeleteUserByID)(ctx,id)`
	`2509`	`+}`
	`2510`	`+`
`2517`	`2511`	`func (q*querier)TryAcquireLock(ctx context.Context,idint64) (bool,error) {`
`2518`	`2512`	`returnq.db.TryAcquireLock(ctx,id)`
`2519`	`2513`	`}`
`@@ -2835,18 +2829,6 @@ func (q *querier) UpdateUserAppearanceSettings(ctx context.Context, arg database`
`2835`	`2829`	`returnq.db.UpdateUserAppearanceSettings(ctx,arg)`
`2836`	`2830`	`}`
`2837`	`2831`
`2838`		`-// UpdateUserDeletedByID`
`2839`		`-// Deprecated: Delete this function in favor of 'SoftDeleteUserByID'. Deletes are`
`2840`		`-// irreversible.`
`2841`		`-func (q*querier)UpdateUserDeletedByID(ctx context.Context,arg database.UpdateUserDeletedByIDParams)error {`
`2842`		`-fetch:=func(ctx context.Context,arg database.UpdateUserDeletedByIDParams) (database.User,error) {`
`2843`		`-returnq.db.GetUserByID(ctx,arg.ID)`
`2844`		`-}`
`2845`		`-// This uses the rbac.ActionDelete action always as this function should always delete.`
`2846`		`-// We should delete this function in favor of 'SoftDeleteUserByID'.`
`2847`		`-returndeleteQ(q.log,q.auth,fetch,q.db.UpdateUserDeletedByID)(ctx,arg)`
`2848`		`-}`
`2849`		`-`
`2850`	`2832`	`func (q*querier)UpdateUserHashedPassword(ctx context.Context,arg database.UpdateUserHashedPasswordParams)error {`
`2851`	`2833`	`user,err:=q.db.GetUserByID(ctx,arg.ID)`
`2852`	`2834`	`iferr!=nil {`

`‎coderd/database/dbmem/dbmem.go‎`

Lines changed: 34 additions & 40 deletions

Original file line number	Diff line number	Diff line change
`@@ -5534,18 +5534,6 @@ func (q *FakeQuerier) InsertUserGroupsByName(_ context.Context, arg database.Ins`
`5534`	`5534`	`returnnil`
`5535`	`5535`	`}`
`5536`	`5536`
`5537`		`-// Took the error from the real database.`
`5538`		`-vardeletedUserLinkError=&pq.Error{`
`5539`		`-Severity:"ERROR",`
`5540`		`-// "raise_exception" error`
`5541`		`-Code:"P0001",`
`5542`		`-Message:"Cannot create user_link for deleted user",`
`5543`		`-Where:"PL/pgSQL function insert_user_links_fail_if_user_deleted() line 7 at RAISE",`
`5544`		`-File:"pl_exec.c",`
`5545`		`-Line:"3864",`
`5546`		`-Routine:"exec_stmt_raise",`
`5547`		`-}`
`5548`		`-`
`5549`	`5537`	`func (q*FakeQuerier)InsertUserLink(_ context.Context,args database.InsertUserLinkParams) (database.UserLink,error) {`
`5550`	`5538`	`q.mutex.Lock()`
`5551`	`5539`	`deferq.mutex.Unlock()`
`@@ -6085,6 +6073,40 @@ func (q *FakeQuerier) RevokeDBCryptKey(_ context.Context, activeKeyDigest string`
`6085`	`6073`	`returnsql.ErrNoRows`
`6086`	`6074`	`}`
`6087`	`6075`
	`6076`	`+// Took the error from the real database.`
	`6077`	`+vardeletedUserLinkError=&pq.Error{`
	`6078`	`+Severity:"ERROR",`
	`6079`	`+// "raise_exception" error`
	`6080`	`+Code:"P0001",`
	`6081`	`+Message:"Cannot create user_link for deleted user",`
	`6082`	`+Where:"PL/pgSQL function insert_user_links_fail_if_user_deleted() line 7 at RAISE",`
	`6083`	`+File:"pl_exec.c",`
	`6084`	`+Line:"3864",`
	`6085`	`+Routine:"exec_stmt_raise",`
	`6086`	`+}`
	`6087`	`+`
	`6088`	`+func (q*FakeQuerier)SoftDeleteUserByID(ctx context.Context,id uuid.UUID)error {`
	`6089`	`+q.mutex.Lock()`
	`6090`	`+deferq.mutex.Unlock()`
	`6091`	`+`
	`6092`	`+fori,u:=rangeq.users {`
	`6093`	`+ifu.ID==id {`
	`6094`	`+u.Deleted=true`
	`6095`	`+q.users[i]=u`
	`6096`	`+// NOTE: In the real world, this is done by a trigger.`
	`6097`	`+q.apiKeys=slices.DeleteFunc(q.apiKeys,func(u database.APIKey)bool {`
	`6098`	`+returnid==u.UserID`
	`6099`	`+})`
	`6100`	`+`
	`6101`	`+q.userLinks=slices.DeleteFunc(q.userLinks,func(u database.UserLink)bool {`
	`6102`	`+returnid==u.UserID`
	`6103`	`+})`
	`6104`	`+returnnil`
	`6105`	`+}`
	`6106`	`+}`
	`6107`	`+returnsql.ErrNoRows`
	`6108`	`+}`
	`6109`	`+`
`6088`	`6110`	`func (*FakeQuerier)TryAcquireLock(_ context.Context,_int64) (bool,error) {`
`6089`	`6111`	`returnfalse,xerrors.New("TryAcquireLock must only be called within a transaction")`
`6090`	`6112`	`}`
`@@ -6686,34 +6708,6 @@ func (q *FakeQuerier) UpdateUserAppearanceSettings(_ context.Context, arg databa`
`6686`	`6708`	`return database.User{},sql.ErrNoRows`
`6687`	`6709`	`}`
`6688`	`6710`
`6689`		`-func (q*FakeQuerier)UpdateUserDeletedByID(_ context.Context,params database.UpdateUserDeletedByIDParams)error {`
`6690`		`-iferr:=validateDatabaseType(params);err!=nil {`
`6691`		`-returnerr`
`6692`		`-}`
`6693`		`-`
`6694`		`-q.mutex.Lock()`
`6695`		`-deferq.mutex.Unlock()`
`6696`		`-`
`6697`		`-fori,u:=rangeq.users {`
`6698`		`-ifu.ID==params.ID {`
`6699`		`-u.Deleted=params.Deleted`
`6700`		`-q.users[i]=u`
`6701`		`-ifparams.Deleted {`
`6702`		`-// NOTE: In the real world, this is done by a trigger.`
`6703`		`-q.apiKeys=slices.DeleteFunc(q.apiKeys,func(u database.APIKey)bool {`
`6704`		`-returnparams.ID==u.UserID`
`6705`		`-})`
`6706`		`-`
`6707`		`-q.userLinks=slices.DeleteFunc(q.userLinks,func(u database.UserLink)bool {`
`6708`		`-returnparams.ID==u.UserID`
`6709`		`-})`
`6710`		`-}`
`6711`		`-returnnil`
`6712`		`-}`
`6713`		`-}`
`6714`		`-returnsql.ErrNoRows`
`6715`		`-}`
`6716`		`-`
`6717`	`6711`	`func (q*FakeQuerier)UpdateUserHashedPassword(_ context.Context,arg database.UpdateUserHashedPasswordParams)error {`
`6718`	`6712`	`iferr:=validateDatabaseType(arg);err!=nil {`
`6719`	`6713`	`returnerr`

`‎coderd/database/dbmetrics/dbmetrics.go‎`

Lines changed: 7 additions & 7 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/dbmock/dbmock.go‎`

Lines changed: 14 additions & 14 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/querier.go‎`

Lines changed: 1 addition & 1 deletion

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries.sql.go‎`

Lines changed: 14 additions & 19 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries/users.sql‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -112,11 +112,11 @@ SET`
`112`	`112`	`WHERE`
`113`	`113`	`id= $1;`
`114`	`114`
`115`		`--- name:UpdateUserDeletedByID :exec`
	`115`	`+-- name:SoftDeleteUserByID :exec`
`116`	`116`	`UPDATE`
`117`	`117`	`users`
`118`	`118`	`SET`
`119`		`-deleted=$2`
	`119`	`+deleted=true`
`120`	`120`	`WHERE`
`121`	`121`	`id= $1;`
`122`	`122`

`‎coderd/users.go‎`

Lines changed: 1 addition & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -521,10 +521,7 @@ func (api API) deleteUser(rw http.ResponseWriter, r http.Request) {`
`521`	`521`	`return`
`522`	`522`	`}`
`523`	`523`
`524`		`-err=api.Database.UpdateUserDeletedByID(ctx, database.UpdateUserDeletedByIDParams{`
`525`		`-ID:user.ID,`
`526`		`-Deleted:true,`
`527`		`-})`
	`524`	`+err=api.Database.SoftDeleteUserByID(ctx,user.ID)`
`528`	`525`	`ifdbauthz.IsNotAuthorizedError(err) {`
`529`	`526`	`httpapi.Forbidden(rw)`
`530`	`527`	`return`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit4113828

File tree

8 files changed

8 files changed

`‎coderd/database/dbauthz/dbauthz.go‎`

`‎coderd/database/dbmem/dbmem.go‎`

`‎coderd/database/dbmetrics/dbmetrics.go‎`

`‎coderd/database/dbmock/dbmock.go‎`

`‎coderd/database/querier.go‎`

`‎coderd/database/queries.sql.go‎`

`‎coderd/database/queries/users.sql‎`

`‎coderd/users.go‎`

0 commit comments