diff options
| author | Stan Hu <stanhu@gmail.com> | 2016-05-28 19:54:17 -0700 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2016-08-11 15:36:35 -0700 |
| commit | cb8a425ba42e9be23b8712ed29b1db2dcc6bd139 (patch) | |
| tree | 632b9c50748615409e6318176706a67a1fd05bab /db | |
| parent | d4f987b2861ecec75b06d5efc2ad59e31a383337 (diff) | |
| download | gitlab-ce-cb8a425ba42e9be23b8712ed29b1db2dcc6bd139.tar.gz | |
Fix bug where destroying a namespace would not always destroy projects
There is a race condition in DestroyGroupService now that projects are deleted asynchronously:
1. User attempts to delete group
2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project
3. DestroyGroupService destroys the Group, leaving all its projects without a namespace
4. Projects::DestroyService runs later but the can?(current_user,
:remove_project) is `false` because the user no longer has permission to
destroy projects with no namespace.
5. This leaves the project in pending_delete state with no namespace/group.
Projects without a namespace or group also adds another problem: it's not possible to destroy the container
registry tags, since container_registry_path_with_namespace is the wrong value.
The fix is to destroy the group asynchronously and to run execute directly on Projects::DestroyService.
Closes #17893
Diffstat (limited to 'db')
| -rw-r--r-- | db/migrate/20140407135544_fix_namespaces.rb | 10 | ||||
| -rw-r--r-- | db/migrate/20160805041956_add_deleted_at_to_namespaces.rb | 12 | ||||
| -rw-r--r-- | db/schema.rb | 2 |
3 files changed, 22 insertions, 2 deletions
diff --git a/db/migrate/20140407135544_fix_namespaces.rb b/db/migrate/20140407135544_fix_namespaces.rb index 91374966698..0026ce645a6 100644 --- a/db/migrate/20140407135544_fix_namespaces.rb +++ b/db/migrate/20140407135544_fix_namespaces.rb @@ -1,8 +1,14 @@ # rubocop:disable all class FixNamespaces < ActiveRecord::Migration + DOWNTIME = false + def up - Namespace.where('name <> path and type is null').each do |namespace| - namespace.update_attribute(:name, namespace.path) + namespaces = exec_query('SELECT id, path FROM namespaces WHERE name <> path and type is null') + + namespaces.each do |row| + id = row['id'] + path = row['path'] + exec_query("UPDATE namespaces SET name = '#{path}' WHERE id = #{id}") end end diff --git a/db/migrate/20160805041956_add_deleted_at_to_namespaces.rb b/db/migrate/20160805041956_add_deleted_at_to_namespaces.rb new file mode 100644 index 00000000000..a853de3abfb --- /dev/null +++ b/db/migrate/20160805041956_add_deleted_at_to_namespaces.rb @@ -0,0 +1,12 @@ +class AddDeletedAtToNamespaces < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def change + add_column :namespaces, :deleted_at, :datetime + add_concurrent_index :namespaces, :deleted_at + end +end diff --git a/db/schema.rb b/db/schema.rb index 6c85e1e9dba..1de2cdcf026 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -640,9 +640,11 @@ ActiveRecord::Schema.define(version: 20160810142633) do t.boolean "share_with_group_lock", default: false t.integer "visibility_level", default: 20, null: false t.boolean "request_access_enabled", default: true, null: false + t.datetime "deleted_at" end add_index "namespaces", ["created_at"], name: "index_namespaces_on_created_at", using: :btree + add_index "namespaces", ["deleted_at"], name: "index_namespaces_on_deleted_at", using: :btree add_index "namespaces", ["name"], name: "index_namespaces_on_name", unique: true, using: :btree add_index "namespaces", ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"} add_index "namespaces", ["owner_id"], name: "index_namespaces_on_owner_id", using: :btree |