Allow users to be hard-deleted from the API

changelogs/unreleased/28694-hard-delete-user-from-api.yml

+---
+title: Allow users to be hard-deleted from the API
+merge_request: 11853
+author:

doc/api/users.md

@@ -300,6 +300,9 @@ DELETE /users/:id
 Parameters:
 
 - `id` (required) - The ID of the user
+- `hard_delete` (optional) - If true, contributions that would usually be
+  [moved to the ghost user](../user/profile/account/delete_account.md#associated-records)
+  will be deleted instead, as well as groups owned solely by this user.
 
 ## User
 

doc/user/profile/account/delete_account.md

@@ -5,9 +5,13 @@
 
 ## Associated Records
 
-> Introduced for issues in [GitLab 9.0][ce-7393], and for merge requests, award emoji, notes, and abuse reports in [GitLab 9.1][ce-10467].
+> Introduced for issues in [GitLab 9.0][ce-7393], and for merge requests, award
+  emoji, notes, and abuse reports in [GitLab 9.1][ce-10467].
+  Hard deletion from abuse reports and spam logs was introduced in
+  [GitLab 9.1][ce-10273], and from the API in [GitLab 9.3][ce-11853].
 
-When a user account is deleted, not all associated records are deleted with it. Here's a list of things that will not be deleted:
+When a user account is deleted, not all associated records are deleted with it.
+Here's a list of things that will not be deleted:
 
 - Issues that the user created
 - Merge requests that the user created
@@ -15,11 +19,16 @@ When a user account is deleted, not all associated records are deleted with it.
 - Abuse reports that the user reported
 - Award emoji that the user craeted
 
+Instead of being deleted, these records will be moved to a system-wide
+"Ghost User", whose sole purpose is to act as a container for such records.
 
-Instead of being deleted, these records will be moved to a system-wide "Ghost User", whose sole purpose is to act as a container for such records.
-
+When a user is deleted from an abuse report or spam log, these associated
+records are not ghosted and will be removed, along with any groups the user
+is a sole owner of. Administrators can also request this behaviour when
+deleting users from the [API](../../../api/users.md#user-deletion)
 
 [ce-7393]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7393
+[ce-10273]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10273
 [ce-10467]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10467
-
+[ce-11853]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11853
 

lib/api/users.rb

@@ -286,13 +286,14 @@ module API
       end
       params do
         requires :id, type: Integer, desc: 'The ID of the user'
+        optional :hard_delete, type: Boolean, desc: "Whether to remove a user's contributions"
       end
       delete ":id" do
         authenticated_as_admin!
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        DeleteUserWorker.perform_async(current_user.id, user.id)
+        DeleteUserWorker.perform_async(current_user.id, user.id, hard_delete: params[:hard_delete])
       end
 
       desc 'Block a user. Available only for admins.'

spec/requests/api/users_spec.rb

@@ -702,6 +702,7 @@ describe API::Users do
 
   describe "DELETE /users/:id" do
     let!(:namespace) { user.namespace }
+    let!(:issue) { create(:issue, author: user) }
     before { admin }
 
     it "deletes user" do
@@ -733,6 +734,25 @@ describe API::Users do
 
       expect(response).to have_http_status(404)
     end
+
+    context "hard delete disabled" do
+      it "moves contributions to the ghost user" do
+        Sidekiq::Testing.inline! { delete api("/users/#{user.id}", admin) }
+
+        expect(response).to have_http_status(204)
+        expect(issue.reload).to be_persisted
+        expect(issue.author.ghost?).to be_truthy
+      end
+    end
+
+    context "hard delete enabled" do
+      it "removes contributions" do
+        Sidekiq::Testing.inline! { delete api("/users/#{user.id}?hard_delete=true", admin) }
+
+        expect(response).to have_http_status(204)
+        expect(Issue.exists?(issue.id)).to be_falsy
+      end
+    end
   end
 
   describe "GET /user" do