Skip to content

Delay own user record deletion by 7 days

Eugie Limpin requested to merge el-delayed-own-user-deletion into master

What does this MR do?

This MR implements https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/346.

It adds a 7-day delay between a user deleting their own account and the execution of the background job that does the actual deletion. It also updates the job that deletes user records to abort when the user to delete has been banned.

Why?

Please see https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/346 to know why this is needed and the discussion around legal concerns.

How to set up and validate locally

Set up

  1. For easier testing, update app/models/user.rb to set the delay to 5 minutes
    def delete_async(deleted_by:, params: {})
      block if params[:hard_delete]
    
      if deleted_by.id == id && ::Feature.enabled?(:delay_delete_own_user)
        block
       #  DeleteUserWorker.perform_at(7.days.from_now, deleted_by.id, id, params.to_h)
       DeleteUserWorker.perform_at(5.minutes.from_now, deleted_by.id, id, params.to_h) # <<<=== This line
      else
        DeleteUserWorker.perform_async(deleted_by.id, id, params.to_h)
      end
    end
  2. Enable the feature flag
    $ rails console
    > Feature.enable(:delay_delete_own_user)

Validate deletion delay

  1. Log in with a user you want to delete
  2. Go to http://localhost:3000/-/profile/account and delete the user account
  3. Validate that the user is deleted after at least a 5 minute delay

Validate banned users are not deleted

  1. Log in with a user you want to delete
  2. Go to http://localhost:3000/-/profile/account and delete the user account
  3. Ban the user
    $ rails console
    > user = User.find(<you_deleted_user_s_id>)
    > user.ban
  4. Validate that the user is NOT deleted even after the 5 minute delay

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugie Limpin

Merge request reports

Loading