Commit 10cf9383 authored by Nick Thomas's avatar Nick Thomas

Merge branch '49796-project-deletion-may-not-log-audit-events-during-user-deletion' into 'master'

Resolve "Project deletion may not log audit events during user deletion"

Closes #49796

See merge request gitlab-org/gitlab-ce!21248
parents c6f7f938 fbf618fc
......@@ -83,9 +83,6 @@ module Projects
end
def remove_repository(path)
# Skip repository removal. We use this flag when remove user or group
return true if params[:skip_repo] == true
# There is a possibility project does not have repository or wiki
return true unless repo_exists?(path)
......
......@@ -2,6 +2,8 @@
module Users
class DestroyService
DestroyError = Class.new(StandardError)
attr_accessor :current_user
def initialize(current_user)
......@@ -46,9 +48,8 @@ module Users
namespace.prepare_for_destroy
user.personal_projects.each do |project|
# Skip repository removal because we remove directory with namespace
# that contain all this repositories
::Projects::DestroyService.new(project, current_user, skip_repo: project.legacy_storage?).execute
success = ::Projects::DestroyService.new(project, current_user).execute
raise DestroyError, "Project #{project.id} can't be deleted" unless success
end
yield(user) if block_given?
......
---
title: 'Fix: Project deletion may not log audit events during user deletion'
merge_request:
author:
type: fixed
......@@ -20,7 +20,7 @@ describe Users::DestroyService do
it 'will delete the project' do
expect_next_instance_of(Projects::DestroyService) do |destroy_service|
expect(destroy_service).to receive(:execute).once
expect(destroy_service).to receive(:execute).once.and_return(true)
end
service.execute(user)
......@@ -35,7 +35,7 @@ describe Users::DestroyService do
it 'destroys a project in pending_delete' do
expect_next_instance_of(Projects::DestroyService) do |destroy_service|
expect(destroy_service).to receive(:execute).once
expect(destroy_service).to receive(:execute).once.and_return(true)
end
service.execute(user)
......@@ -172,23 +172,36 @@ describe Users::DestroyService do
end
describe "user personal's repository removal" do
before do
perform_enqueued_jobs { service.execute(user) }
end
context 'storages' do
before do
perform_enqueued_jobs { service.execute(user) }
end
context 'legacy storage' do
let!(:project) { create(:project, :empty_repo, :legacy_storage, namespace: user.namespace) }
it 'removes repository' do
expect(gitlab_shell.exists?(project.repository_storage, "#{project.disk_path}.git")).to be_falsey
end
end
context 'legacy storage' do
let!(:project) { create(:project, :empty_repo, :legacy_storage, namespace: user.namespace) }
context 'hashed storage' do
let!(:project) { create(:project, :empty_repo, namespace: user.namespace) }
it 'removes repository' do
expect(gitlab_shell.exists?(project.repository_storage, "#{project.disk_path}.git")).to be_falsey
it 'removes repository' do
expect(gitlab_shell.exists?(project.repository_storage, "#{project.disk_path}.git")).to be_falsey
end
end
end
context 'hashed storage' do
let!(:project) { create(:project, :empty_repo, namespace: user.namespace) }
context 'repository removal status is taken into account' do
it 'raises exception' do
expect_next_instance_of(::Projects::DestroyService) do |destroy_service|
expect(destroy_service).to receive(:execute).and_return(false)
end
it 'removes repository' do
expect(gitlab_shell.exists?(project.repository_storage, "#{project.disk_path}.git")).to be_falsey
expect { service.execute(user) }
.to raise_error(Users::DestroyService::DestroyError, "Project #{project.id} can't be deleted" )
end
end
end
......
......@@ -18,13 +18,6 @@ describe ProjectDestroyWorker do
expect(Dir.exist?(path)).to be_falsey
end
it 'deletes the project but skips repo deletion' do
subject.perform(project.id, project.owner.id, { "skip_repo" => true })
expect(Project.all).not_to include(project)
expect(Dir.exist?(path)).to be_truthy
end
it 'does not raise error when project could not be found' do
expect do
subject.perform(-1, project.owner.id, {})
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment