Skip to content

Cleanup used membership invites

Pavel Shutsin requested to merge 330080-cleanup-accepted-invite-tokens into master

What does this MR do?

Cleanups remaining used membership invites. There was a bug which caused invite tokens being generated for users who already accepted an invite. It was fixed in: !67760 (merged) Here we cleanup remaining invalid tokens as separate data migration

Migration output

== 20210825150212 CleanupRemainingOrphanInvites: reverting ====================
-- indexes(:members)
   -> 0.0309s
-- current_schema()
   -> 0.0022s
== 20210825150212 CleanupRemainingOrphanInvites: reverted (0.0376s) ===========

== 20210825150212 CleanupRemainingOrphanInvites: migrating ====================
-- transaction_open?()
   -> 0.0001s
-- index_exists?(:members, :id, {:where=>"invite_token IS NOT NULL AND user_id IS NOT NULL", :name=>"tmp_idx_members_with_orphaned_invites", :algorithm=>:concurrently})
   -> 0.0343s
-- add_index(:members, :id, {:where=>"invite_token IS NOT NULL AND user_id IS NOT NULL", :name=>"tmp_idx_members_with_orphaned_invites", :algorithm=>:concurrently})
   -> 0.0125s
-- transaction_open?()
   -> 0.0000s
-- indexes(:members)
   -> 0.0266s
-- remove_index(:members, {:algorithm=>:concurrently, :name=>"tmp_idx_members_with_orphaned_invites"})
   -> 0.0034s
== 20210825150212 CleanupRemainingOrphanInvites: migrated (0.0993s) ===========

Index creation takes roughly 90 seconds.

Screenshots or Screencasts (strongly suggested)

How to setup and validate locally (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #330080

Edited by Pavel Shutsin

Merge request reports

Loading