Delete user related oauth stuff on user deletion too (#19677) (#19680)

Backport (#19677)

* delete user related oauth stuff on user deletion too

* extend doctor check-db-consistency

* make it build for v1.16.x
pull/19653/head^2
6543 3 years ago committed by GitHub
parent 4386eb751f
commit 8f44d00f22
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      models/user.go
  2. 9
      modules/doctor/dbconsistency.go

@ -13,6 +13,7 @@ import (
_ "image/jpeg" // Needed for jpeg support _ "image/jpeg" // Needed for jpeg support
asymkey_model "code.gitea.io/gitea/models/asymkey" asymkey_model "code.gitea.io/gitea/models/asymkey"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
repo_model "code.gitea.io/gitea/models/repo" repo_model "code.gitea.io/gitea/models/repo"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
@ -83,6 +84,11 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
} }
// ***** END: Follow ***** // ***** END: Follow *****
if _, err := db.GetEngine(ctx).In("grant_id", builder.Select("id").From("oauth2_grant").Where(builder.Eq{"oauth2_grant.user_id": u.ID})).
Delete(&auth_model.OAuth2AuthorizationCode{}); err != nil {
return err
}
if err = deleteBeans(e, if err = deleteBeans(e,
&AccessToken{UID: u.ID}, &AccessToken{UID: u.ID},
&Collaboration{UserID: u.ID}, &Collaboration{UserID: u.ID},
@ -100,6 +106,8 @@ func DeleteUser(ctx context.Context, u *user_model.User) (err error) {
&Collaboration{UserID: u.ID}, &Collaboration{UserID: u.ID},
&Stopwatch{UserID: u.ID}, &Stopwatch{UserID: u.ID},
&user_model.Setting{UserID: u.ID}, &user_model.Setting{UserID: u.ID},
&auth_model.OAuth2Application{UID: u.ID},
&auth_model.OAuth2Grant{UserID: u.ID},
); err != nil { ); err != nil {
return fmt.Errorf("deleteBeans: %v", err) return fmt.Errorf("deleteBeans: %v", err)
} }

@ -186,6 +186,15 @@ func checkDBConsistency(logger log.Logger, autofix bool) error {
// find action without repository // find action without repository
genericOrphanCheck("Action entries without existing repository", genericOrphanCheck("Action entries without existing repository",
"action", "repository", "action.repo_id=repository.id"), "action", "repository", "action.repo_id=repository.id"),
// find OAuth2Grant without existing user
genericOrphanCheck("Orphaned OAuth2Grant without existing User",
"oauth2_grant", "user", "oauth2_grant.user_id=user.id"),
// find OAuth2Application without existing user
genericOrphanCheck("Orphaned OAuth2Application without existing User",
"oauth2_application", "user", "oauth2_application.uid=user.id"),
// find OAuth2AuthorizationCode without existing OAuth2Grant
genericOrphanCheck("Orphaned OAuth2AuthorizationCode without existing OAuth2Grant",
"oauth2_authorization_code", "oauth2_grant", "oauth2_authorization_code.grant_id=oauth2_grant.id"),
) )
for _, c := range consistencyChecks { for _, c := range consistencyChecks {

Loading…
Cancel
Save