diff options
Diffstat (limited to 'app/workers/personal_access_tokens/expiring_worker.rb')
-rw-r--r-- | app/workers/personal_access_tokens/expiring_worker.rb | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/app/workers/personal_access_tokens/expiring_worker.rb b/app/workers/personal_access_tokens/expiring_worker.rb index f9940d9d014..7a016c85a64 100644 --- a/app/workers/personal_access_tokens/expiring_worker.rb +++ b/app/workers/personal_access_tokens/expiring_worker.rb @@ -7,17 +7,32 @@ module PersonalAccessTokens feature_category :authentication_and_authorization + MAX_TOKENS = 100 + def perform(*args) notification_service = NotificationService.new limit_date = PersonalAccessToken::DAYS_TO_EXPIRE.days.from_now.to_date User.with_expiring_and_not_notified_personal_access_tokens(limit_date).find_each do |user| with_context(user: user) do - notification_service.access_token_about_to_expire(user) + expiring_user_tokens = user.personal_access_tokens.without_impersonation.expiring_and_not_notified(limit_date) + + # rubocop: disable CodeReuse/ActiveRecord + # We never materialise the token instances. We need the names to mention them in the + # email. Later we trigger an update query on the entire relation, not on individual instances. + token_names = expiring_user_tokens.limit(MAX_TOKENS).pluck(:name) + # We're limiting to 100 tokens so we avoid loading too many tokens into memory. + # At the time of writing this would only affect 69 users on GitLab.com + + # rubocop: enable CodeReuse/ActiveRecord + + notification_service.access_token_about_to_expire(user, token_names) Gitlab::AppLogger.info "#{self.class}: Notifying User #{user.id} about expiring tokens" - user.personal_access_tokens.without_impersonation.expiring_and_not_notified(limit_date).update_all(expire_notification_delivered: true) + expiring_user_tokens.each_batch do |expiring_tokens| + expiring_tokens.update_all(expire_notification_delivered: true) + end end end end |