• Stan Hu's avatar
    Fix bug where destroying a namespace would not always destroy projects · cb8a425b
    Stan Hu authored
    There is a race condition in DestroyGroupService now that projects are deleted asynchronously:
    
    1. User attempts to delete group
    2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project
    3. DestroyGroupService destroys the Group, leaving all its projects without a namespace
    4. Projects::DestroyService runs later but the can?(current_user,
       :remove_project) is `false` because the user no longer has permission to
       destroy projects with no namespace.
    5. This leaves the project in pending_delete state with no namespace/group.
    
    Projects without a namespace or group also adds another problem: it's not possible to destroy the container
    registry tags, since container_registry_path_with_namespace is the wrong value.
    
    The fix is to destroy the group asynchronously and to run execute directly on Projects::DestroyService.
    
    Closes #17893
    cb8a425b
destroy_group_service.rb 836 Bytes
class DestroyGroupService
  attr_accessor :group, :current_user

  def initialize(group, user)
    @group, @current_user = group, user
  end

  def async_execute
    group.transaction do
      # Soft delete via paranoia gem
      group.destroy
      job_id = GroupDestroyWorker.perform_async(group.id, current_user.id)
      Rails.logger.info("User #{current_user.id} scheduled a deletion of group ID #{group.id} with job ID #{job_id}")
    end
  end

  def execute
    group.projects.each do |project|
      # Execute the destruction of the models immediately to ensure atomic cleanup.
      # Skip repository removal because we remove directory with namespace
      # that contain all these repositories
      ::Projects::DestroyService.new(project, current_user, skip_repo: true).execute
    end

    group.really_destroy!
  end
end