Merge branch 'unassign-when-leaving-ee' into 'master'

[EE] Don't delete todos or unassign issues and MRs when a user leaves a project See merge request gitlab-org/gitlab-ee!4889

Merge branch 'unassign-when-leaving-ee' into 'master'
[EE] Don't delete todos or unassign issues and MRs when a user leaves a project See merge request gitlab-org/gitlab-ee!4889
306497ea · Robert Speicher · 731003b1 · 095436d8 · 306497ea · 306497ea
Commit 306497ea authored Mar 08, 2018 by Robert Speicher
7 changed files
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -86,6 +86,7 @@ class Member < ActiveRecord::Base
  after_create :create_notification_setting, unless: [:pending?, :importing?]
  after_create :post_create_hook, unless: [:pending?, :importing?]
  after_update :post_update_hook, unless: [:pending?, :importing?]
+  after_destroy :destroy_notification_setting
  after_destroy :post_destroy_hook, unless: :pending?
  after_commit :refresh_member_authorized_projects

@@ -323,6 +324,10 @@ class Member < ActiveRecord::Base
    user.notification_settings.find_or_create_for(source)
  end

+  def destroy_notification_setting
+    notification_setting&.destroy
+  end
+
  def notification_setting
    @notification_setting ||= user&.notification_settings_for(source)
  end

--- a/app/models/members/project_member.rb
+++ b/app/models/members/project_member.rb
@@ -13,7 +13,6 @@ class ProjectMember < Member

  scope :in_project, ->(project) { where(source_id: project.id) }

-  before_destroy :delete_member_todos
  before_destroy :delete_member_branch_protection

  class << self
@@ -94,10 +93,6 @@ class ProjectMember < Member

  private

-  def delete_member_todos
-    user.todos.where(project_id: source_id).destroy_all if user
-  end
-
  def delete_member_branch_protection
    if user.present? && project.present?
      project.protected_branches.merge_access_by_user(user).destroy_all

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1057,14 +1057,33 @@ class User < ActiveRecord::Base
    end
  end

+  def todos_done_count(force: false)
+    Rails.cache.fetch(['users', id, 'todos_done_count'], force: force, expires_in: 20.minutes) do
+      TodosFinder.new(self, state: :done).execute.count
+    end
+  end
+
+  def todos_pending_count(force: false)
+    Rails.cache.fetch(['users', id, 'todos_pending_count'], force: force, expires_in: 20.minutes) do
+      TodosFinder.new(self, state: :pending).execute.count
+    end
+  end
+
  def update_cache_counts
    assigned_open_merge_requests_count(force: true)
    assigned_open_issues_count(force: true)
  end

+  def update_todos_count_cache
+    todos_done_count(force: true)
+    todos_pending_count(force: true)
+  end
+
  def invalidate_cache_counts
    invalidate_issue_cache_counts
    invalidate_merge_request_cache_counts
+    invalidate_todos_done_count
+    invalidate_todos_pending_count
  end

  def invalidate_issue_cache_counts
@@ -1075,21 +1094,12 @@ class User < ActiveRecord::Base
    Rails.cache.delete(['users', id, 'assigned_open_merge_requests_count'])
  end

-  def todos_done_count(force: false)
-    Rails.cache.fetch(['users', id, 'todos_done_count'], force: force, expires_in: 20.minutes) do
-      TodosFinder.new(self, state: :done).execute.count
-    end
+  def invalidate_todos_done_count
+    Rails.cache.delete(['users', id, 'todos_done_count'])
  end

-  def todos_pending_count(force: false)
-    Rails.cache.fetch(['users', id, 'todos_pending_count'], force: force, expires_in: 20.minutes) do
-      TodosFinder.new(self, state: :pending).execute.count
-    end
-  end
-
-  def update_todos_count_cache
-    todos_done_count(force: true)
-    todos_pending_count(force: true)
+  def invalidate_todos_pending_count
+    Rails.cache.delete(['users', id, 'todos_pending_count'])
  end

  # This is copied from Devise::Models::Lockable#valid_for_authentication?, as our auth

--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -7,12 +7,9 @@ module Members

      return member if member.is_a?(GroupMember) && member.source.last_owner?(member.user)

-      Member.transaction do
-        unassign_issues_and_merge_requests(member) unless member.invite?
-        member.notification_setting&.destroy
+      member.destroy

-        member.destroy
-      end
+      member.user&.invalidate_cache_counts

      if member.request? && member.user != current_user
        notification_service.decline_access_request(member)
@@ -39,38 +36,5 @@ module Members
        raise "Unknown member type: #{member}!"
      end
    end
-
-    def unassign_issues_and_merge_requests(member)
-      if member.is_a?(GroupMember)
-        issues = Issue.unscoped.select(1)
-                 .joins(:project)
-                 .where('issues.id = issue_assignees.issue_id AND projects.namespace_id = ?', member.source_id)
-
-        # DELETE FROM issue_assignees WHERE user_id = X AND EXISTS (...)
-        IssueAssignee.unscoped
-          .where('user_id = :user_id AND EXISTS (:sub)', user_id: member.user_id, sub: issues)
-          .delete_all
-
-        MergeRequestsFinder.new(current_user, group_id: member.source_id, assignee_id: member.user_id)
-          .execute
-          .update_all(assignee_id: nil)
-      else
-        project = member.source
-
-        # SELECT 1 FROM issues WHERE issues.id = issue_assignees.issue_id AND issues.project_id = X
-        issues = Issue.unscoped.select(1)
-                 .where('issues.id = issue_assignees.issue_id')
-                 .where(project_id: project.id)
-
-        # DELETE FROM issue_assignees WHERE user_id = X AND EXISTS (...)
-        IssueAssignee.unscoped
-          .where('user_id = :user_id AND EXISTS (:sub)', user_id: member.user_id, sub: issues)
-          .delete_all
-
-        project.merge_requests.opened.assigned_to(member.user).update_all(assignee_id: nil)
-      end
-
-      member.user.invalidate_cache_counts
-    end
  end
 end
--- a/changelogs/unreleased/unassign-when-leaving.yml
+++ b/changelogs/unreleased/unassign-when-leaving.yml
+---
+title: Don't delete todos or unassign issues and MRs when a user leaves a project
+merge_request:
+author:
+type: fixed
--- a/spec/models/members/project_member_spec.rb
+++ b/spec/models/members/project_member_spec.rb
@@ -45,14 +45,6 @@ describe ProjectMember do
    let(:project) { owner.project }
    let(:master)  { create(:project_member, project: project) }

-    let(:owner_todos)  { (0...2).map { create(:todo, user: owner.user, project: project) } }
-    let(:master_todos) { (0...3).map { create(:todo, user: master.user, project: project) } }
-
-    before do
-      owner_todos
-      master_todos
-    end
-
    it "creates an expired event when left due to expiry" do
      expired = create(:project_member, project: project, expires_at: Time.now - 6.days)
      expired.destroy
@@ -63,21 +55,6 @@ describe ProjectMember do
      master.destroy
      expect(Event.recent.first.action).to eq(Event::LEFT)
    end
-
-    it "destroys itself and delete associated todos" do
-      expect(owner.user.todos.size).to eq(2)
-      expect(master.user.todos.size).to eq(3)
-      expect(Todo.count).to eq(5)
-
-      master_todo_ids = master_todos.map(&:id)
-      master.destroy
-
-      expect(owner.user.todos.size).to eq(2)
-      expect(Todo.count).to eq(2)
-      master_todo_ids.each do |id|
-        expect(Todo.exists?(id)).to eq(false)
-      end
-    end
  end

  describe '.import_team' do

--- a/spec/services/members/destroy_service_spec.rb
+++ b/spec/services/members/destroy_service_spec.rb
@@ -19,32 +19,11 @@ describe Members::DestroyService do
    end
  end

-  def number_of_assigned_issuables(user)
-    Issue.assigned_to(user).count + MergeRequest.assigned_to(user).count
-  end
-
  shared_examples 'a service destroying a member' do
    it 'destroys the member' do
      expect { described_class.new(current_user).execute(member, opts) }.to change { member.source.members_and_requesters.count }.by(-1)
    end

-    it 'unassigns issues and merge requests' do
-      if member.invite?
-        expect { described_class.new(current_user).execute(member, opts) }
-          .not_to change { number_of_assigned_issuables(member_user) }
-      else
-        create :issue, assignees: [member_user]
-        issue = create :issue, project: group_project, assignees: [member_user]
-        merge_request = create :merge_request, target_project: group_project, source_project: group_project, assignee: member_user
-
-        expect { described_class.new(current_user).execute(member, opts) }
-          .to change { number_of_assigned_issuables(member_user) }.from(3).to(1)
-
-        expect(issue.reload.assignee_ids).to be_empty
-        expect(merge_request.reload.assignee_id).to be_nil
-      end
-    end
-
    it 'destroys member notification_settings' do
      if member_user.notification_settings.any?
        expect { described_class.new(current_user).execute(member, opts) }
@@ -56,6 +35,29 @@ describe Members::DestroyService do
    end
  end

+  shared_examples 'a service destroying a member with access' do
+    it_behaves_like 'a service destroying a member'
+
+    it 'invalidates cached counts for todos and assigned issues and merge requests', :aggregate_failures do
+      create(:issue, project: group_project, assignees: [member_user])
+      create(:merge_request, source_project: group_project, assignee: member_user)
+      create(:todo, :pending, project: group_project, user: member_user)
+      create(:todo, :done, project: group_project, user: member_user)
+
+      expect(member_user.assigned_open_merge_requests_count).to be(1)
+      expect(member_user.assigned_open_issues_count).to be(1)
+      expect(member_user.todos_pending_count).to be(1)
+      expect(member_user.todos_done_count).to be(1)
+
+      described_class.new(current_user).execute(member, opts)
+
+      expect(member_user.assigned_open_merge_requests_count).to be(0)
+      expect(member_user.assigned_open_issues_count).to be(0)
+      expect(member_user.todos_pending_count).to be(0)
+      expect(member_user.todos_done_count).to be(0)
+    end
+  end
+
  shared_examples 'a service destroying an access requester' do
    it_behaves_like 'a service destroying a member'

@@ -74,29 +76,39 @@ describe Members::DestroyService do
    end
  end

-  context 'with a member' do
+  context 'with a member with access' do
    before do
-      group_project.add_developer(member_user)
-      group.add_developer(member_user)
+      group_project.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
+      group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
    end

    context 'when current user cannot destroy the given member' do
-      it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
+      context 'with a project member' do
        let(:member) { group_project.members.find_by(user_id: member_user.id) }
-      end

-      it_behaves_like 'a service destroying a member' do
-        let(:opts) { { skip_authorization: true } }
-        let(:member) { group_project.members.find_by(user_id: member_user.id) }
-      end
+        before do
+          group_project.add_developer(member_user)
+        end

-      it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
-        let(:member) { group.members.find_by(user_id: member_user.id) }
+        it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError'
+
+        it_behaves_like 'a service destroying a member with access' do
+          let(:opts) { { skip_authorization: true } }
+        end
      end

-      it_behaves_like 'a service destroying a member' do
-        let(:opts) { { skip_authorization: true } }
+      context 'with a group member' do
        let(:member) { group.members.find_by(user_id: member_user.id) }
+
+        before do
+          group.add_developer(member_user)
+        end
+
+        it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError'
+
+        it_behaves_like 'a service destroying a member with access' do
+          let(:opts) { { skip_authorization: true } }
+        end
      end
    end

@@ -106,12 +118,24 @@ describe Members::DestroyService do
        group.add_owner(current_user)
      end

-      it_behaves_like 'a service destroying a member' do
+      context 'with a project member' do
        let(:member) { group_project.members.find_by(user_id: member_user.id) }
+
+        before do
+          group_project.add_developer(member_user)
+        end
+
+        it_behaves_like 'a service destroying a member with access'
      end

-      it_behaves_like 'a service destroying a member' do
+      context 'with a group member' do
        let(:member) { group.members.find_by(user_id: member_user.id) }
+
+        before do
+          group.add_developer(member_user)
+        end
+
+        it_behaves_like 'a service destroying a member with access'
      end
    end
  end