2 files changed, 41 insertions, 0 deletions

diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml
index 451decce9fb..11bf797fb90 100644
--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -315,6 +315,14 @@
   :weight: 1
   :idempotent:
   :tags: []
+- :name: cronjob:remove_unaccepted_member_invites
+  :feature_category: :authentication_and_authorization
+  :has_external_dependencies:
+  :urgency: :low
+  :resource_boundary: :unknown
+  :weight: 1
+  :idempotent: true
+  :tags: []
 - :name: cronjob:remove_unreferenced_lfs_objects
   :feature_category: :git_lfs
   :has_external_dependencies:
diff --git a/app/workers/remove_unaccepted_member_invites_worker.rb b/app/workers/remove_unaccepted_member_invites_worker.rb
new file mode 100644
index 00000000000..4b75b43791e
--- /dev/null
+++ b/app/workers/remove_unaccepted_member_invites_worker.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+class RemoveUnacceptedMemberInvitesWorker # rubocop:disable Scalability/IdempotentWorker
+  include ApplicationWorker
+  include CronjobQueue # rubocop:disable Scalability/CronWorkerContext
+
+  feature_category :authentication_and_authorization
+  urgency :low
+  idempotent!
+
+  EXPIRATION_THRESHOLD = 90.days
+  BATCH_SIZE = 10_000
+
+  def perform
+    # We need to check for user_id IS NULL because we have accepted invitations
+    # in the database where we did not clear the invite_token. We do not
+    # want to accidentally delete those members.
+    loop do
+      # rubocop: disable CodeReuse/ActiveRecord
+      inner_query = Member
+                      .select(:id)
+                      .invite
+                      .created_before(EXPIRATION_THRESHOLD.ago)
+                      .where(user_id: nil)
+                      .limit(BATCH_SIZE)
+
+      records_deleted = Member.where(id: inner_query).delete_all
+      # rubocop: enable CodeReuse/ActiveRecord
+
+      break if records_deleted == 0
+    end
+  end
+end