Skip to content

Commit

Permalink
Delete user related oauth stuff on user deletion too (#19677) (#19680)
Browse files Browse the repository at this point in the history
Backport (#19677)

* delete user related oauth stuff on user deletion too

* extend doctor check-db-consistency

* make it build for v1.16.x
  • Loading branch information
6543 authored May 12, 2022
1 parent 4386eb7 commit 8f44d00
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
8 changes: 8 additions & 0 deletions models/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
_ "image/jpeg" // Needed for jpeg support

asymkey_model "code.gitea.io/gitea/models/asymkey"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
repo_model "code.gitea.io/gitea/models/repo"
user_model "code.gitea.io/gitea/models/user"
Expand Down Expand Up @@ -83,6 +84,11 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
}
// ***** END: Follow *****

if _, err := db.GetEngine(ctx).In("grant_id", builder.Select("id").From("oauth2_grant").Where(builder.Eq{"oauth2_grant.user_id": u.ID})).
Delete(&auth_model.OAuth2AuthorizationCode{}); err != nil {
return err
}

if err = deleteBeans(e,
&AccessToken{UID: u.ID},
&Collaboration{UserID: u.ID},
Expand All @@ -100,6 +106,8 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
&Collaboration{UserID: u.ID},
&Stopwatch{UserID: u.ID},
&user_model.Setting{UserID: u.ID},
&auth_model.OAuth2Application{UID: u.ID},
&auth_model.OAuth2Grant{UserID: u.ID},
); err != nil {
return fmt.Errorf("deleteBeans: %v", err)
}
Expand Down
9 changes: 9 additions & 0 deletions modules/doctor/dbconsistency.go
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,15 @@ func checkDBConsistency(logger log.Logger, autofix bool) error {
// find action without repository
genericOrphanCheck("Action entries without existing repository",
"action", "repository", "action.repo_id=repository.id"),
// find OAuth2Grant without existing user
genericOrphanCheck("Orphaned OAuth2Grant without existing User",
"oauth2_grant", "user", "oauth2_grant.user_id=user.id"),
// find OAuth2Application without existing user
genericOrphanCheck("Orphaned OAuth2Application without existing User",
"oauth2_application", "user", "oauth2_application.uid=user.id"),
// find OAuth2AuthorizationCode without existing OAuth2Grant
genericOrphanCheck("Orphaned OAuth2AuthorizationCode without existing OAuth2Grant",
"oauth2_authorization_code", "oauth2_grant", "oauth2_authorization_code.grant_id=oauth2_grant.id"),
)

for _, c := range consistencyChecks {
Expand Down

0 comments on commit 8f44d00

Please sign in to comment.