forked from wrenn/wrenn
Fix cascading deletion gaps for user and team cleanup
- Add ON DELETE CASCADE to users_teams, oauth_providers, admin_permissions and ON DELETE SET NULL (with nullable columns) to team_api_keys.created_by, hosts.created_by, host_tokens.created_by so HardDeleteExpiredUsers no longer fails with FK violations - User account deletion now cascades to sole-owned teams via DeleteTeamInternal, preventing orphaned teams with live sandboxes after account removal - ListActiveSandboxesByTeam now includes hibernated sandboxes so their disk snapshots are cleaned up during team deletion - Team soft-delete now hard-deletes sandbox metric points, metric snapshots, API keys, and channels to prevent data accumulation on deleted teams - Extract deleteTeamCore() to deduplicate shared logic across DeleteTeam, AdminDeleteTeam, and DeleteTeamInternal - Fix ListAPIKeysByTeamWithCreator to use LEFT JOIN after created_by became nullable, and update handler to read pgtype.Text.String for creator_email
This commit is contained in:
72
db/migrations/20260415221116_cascade_user_delete.sql
Normal file
72
db/migrations/20260415221116_cascade_user_delete.sql
Normal file
@ -0,0 +1,72 @@
|
||||
-- +goose Up
|
||||
|
||||
-- users_teams: remove membership when user is deleted
|
||||
ALTER TABLE users_teams DROP CONSTRAINT users_teams_user_id_fkey;
|
||||
ALTER TABLE users_teams ADD CONSTRAINT users_teams_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
|
||||
|
||||
-- oauth_providers: remove auth links when user is deleted
|
||||
ALTER TABLE oauth_providers DROP CONSTRAINT oauth_providers_user_id_fkey;
|
||||
ALTER TABLE oauth_providers ADD CONSTRAINT oauth_providers_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
|
||||
|
||||
-- admin_permissions: remove permissions when user is deleted
|
||||
ALTER TABLE admin_permissions DROP CONSTRAINT admin_permissions_user_id_fkey;
|
||||
ALTER TABLE admin_permissions ADD CONSTRAINT admin_permissions_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
|
||||
|
||||
-- team_api_keys.created_by: make nullable, SET NULL on user delete
|
||||
ALTER TABLE team_api_keys ALTER COLUMN created_by DROP NOT NULL;
|
||||
ALTER TABLE team_api_keys DROP CONSTRAINT team_api_keys_created_by_fkey;
|
||||
ALTER TABLE team_api_keys ADD CONSTRAINT team_api_keys_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id) ON DELETE SET NULL;
|
||||
|
||||
-- hosts.created_by: make nullable, SET NULL on user delete
|
||||
ALTER TABLE hosts ALTER COLUMN created_by DROP NOT NULL;
|
||||
ALTER TABLE hosts DROP CONSTRAINT hosts_created_by_fkey;
|
||||
ALTER TABLE hosts ADD CONSTRAINT hosts_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id) ON DELETE SET NULL;
|
||||
|
||||
-- host_tokens.created_by: make nullable, SET NULL on user delete
|
||||
ALTER TABLE host_tokens ALTER COLUMN created_by DROP NOT NULL;
|
||||
ALTER TABLE host_tokens DROP CONSTRAINT host_tokens_created_by_fkey;
|
||||
ALTER TABLE host_tokens ADD CONSTRAINT host_tokens_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id) ON DELETE SET NULL;
|
||||
|
||||
-- +goose Down
|
||||
|
||||
-- Revert host_tokens.created_by
|
||||
ALTER TABLE host_tokens DROP CONSTRAINT host_tokens_created_by_fkey;
|
||||
UPDATE host_tokens SET created_by = '00000000-0000-0000-0000-000000000000' WHERE created_by IS NULL;
|
||||
ALTER TABLE host_tokens ALTER COLUMN created_by SET NOT NULL;
|
||||
ALTER TABLE host_tokens ADD CONSTRAINT host_tokens_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id);
|
||||
|
||||
-- Revert hosts.created_by
|
||||
ALTER TABLE hosts DROP CONSTRAINT hosts_created_by_fkey;
|
||||
UPDATE hosts SET created_by = '00000000-0000-0000-0000-000000000000' WHERE created_by IS NULL;
|
||||
ALTER TABLE hosts ALTER COLUMN created_by SET NOT NULL;
|
||||
ALTER TABLE hosts ADD CONSTRAINT hosts_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id);
|
||||
|
||||
-- Revert team_api_keys.created_by
|
||||
ALTER TABLE team_api_keys DROP CONSTRAINT team_api_keys_created_by_fkey;
|
||||
UPDATE team_api_keys SET created_by = '00000000-0000-0000-0000-000000000000' WHERE created_by IS NULL;
|
||||
ALTER TABLE team_api_keys ALTER COLUMN created_by SET NOT NULL;
|
||||
ALTER TABLE team_api_keys ADD CONSTRAINT team_api_keys_created_by_fkey
|
||||
FOREIGN KEY (created_by) REFERENCES users(id);
|
||||
|
||||
-- Revert admin_permissions
|
||||
ALTER TABLE admin_permissions DROP CONSTRAINT admin_permissions_user_id_fkey;
|
||||
ALTER TABLE admin_permissions ADD CONSTRAINT admin_permissions_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id);
|
||||
|
||||
-- Revert oauth_providers
|
||||
ALTER TABLE oauth_providers DROP CONSTRAINT oauth_providers_user_id_fkey;
|
||||
ALTER TABLE oauth_providers ADD CONSTRAINT oauth_providers_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id);
|
||||
|
||||
-- Revert users_teams
|
||||
ALTER TABLE users_teams DROP CONSTRAINT users_teams_user_id_fkey;
|
||||
ALTER TABLE users_teams ADD CONSTRAINT users_teams_user_id_fkey
|
||||
FOREIGN KEY (user_id) REFERENCES users(id);
|
||||
@ -13,7 +13,7 @@ SELECT * FROM team_api_keys WHERE team_id = $1 ORDER BY created_at DESC;
|
||||
SELECT k.id, k.team_id, k.name, k.key_hash, k.key_prefix, k.created_by, k.created_at, k.last_used,
|
||||
u.email AS creator_email
|
||||
FROM team_api_keys k
|
||||
JOIN users u ON u.id = k.created_by
|
||||
LEFT JOIN users u ON u.id = k.created_by
|
||||
WHERE k.team_id = $1
|
||||
ORDER BY k.created_at DESC;
|
||||
|
||||
@ -22,3 +22,6 @@ DELETE FROM team_api_keys WHERE id = $1 AND team_id = $2;
|
||||
|
||||
-- name: UpdateAPIKeyLastUsed :exec
|
||||
UPDATE team_api_keys SET last_used = NOW() WHERE id = $1;
|
||||
|
||||
-- name: DeleteAPIKeysByTeam :exec
|
||||
DELETE FROM team_api_keys WHERE team_id = $1;
|
||||
|
||||
@ -22,6 +22,9 @@ RETURNING *;
|
||||
-- name: DeleteChannelByTeam :exec
|
||||
DELETE FROM channels WHERE id = $1 AND team_id = $2;
|
||||
|
||||
-- name: DeleteAllChannelsByTeam :exec
|
||||
DELETE FROM channels WHERE team_id = $1;
|
||||
|
||||
-- name: ListChannelsForEvent :many
|
||||
SELECT * FROM channels
|
||||
WHERE team_id = $1
|
||||
|
||||
@ -51,6 +51,13 @@ WHERE sandbox_id = $1 AND tier = $2;
|
||||
DELETE FROM sandbox_metric_points
|
||||
WHERE ts < EXTRACT(EPOCH FROM NOW() - INTERVAL '30 days')::BIGINT;
|
||||
|
||||
-- name: DeleteMetricsSnapshotsByTeam :exec
|
||||
DELETE FROM sandbox_metrics_snapshots WHERE team_id = $1;
|
||||
|
||||
-- name: DeleteMetricPointsByTeam :exec
|
||||
DELETE FROM sandbox_metric_points
|
||||
WHERE sandbox_id IN (SELECT id FROM sandboxes WHERE team_id = $1);
|
||||
|
||||
-- name: SampleSandboxMetrics :many
|
||||
-- Aggregates per-team resource usage from the live sandboxes table.
|
||||
-- Groups by all teams that have any sandbox row (including stopped) so that
|
||||
|
||||
@ -62,7 +62,7 @@ WHERE id = ANY($1::uuid[]);
|
||||
|
||||
-- name: ListActiveSandboxesByTeam :many
|
||||
SELECT * FROM sandboxes
|
||||
WHERE team_id = $1 AND status IN ('running', 'paused', 'starting')
|
||||
WHERE team_id = $1 AND status IN ('running', 'paused', 'starting', 'hibernated')
|
||||
ORDER BY created_at DESC;
|
||||
|
||||
-- name: MarkSandboxesMissingByHost :exec
|
||||
|
||||
@ -74,6 +74,18 @@ WHERE t.id != '00000000-0000-0000-0000-000000000000'
|
||||
ORDER BY t.deleted_at ASC NULLS FIRST, t.created_at DESC
|
||||
LIMIT $1 OFFSET $2;
|
||||
|
||||
-- name: ListSoleOwnedTeams :many
|
||||
-- Returns teams where the user is the owner and no other members exist.
|
||||
SELECT t.id FROM teams t
|
||||
JOIN users_teams ut ON ut.team_id = t.id
|
||||
WHERE ut.user_id = $1
|
||||
AND ut.role = 'owner'
|
||||
AND t.deleted_at IS NULL
|
||||
AND NOT EXISTS (
|
||||
SELECT 1 FROM users_teams ut2
|
||||
WHERE ut2.team_id = t.id AND ut2.user_id <> $1
|
||||
);
|
||||
|
||||
-- name: CountTeamsAdmin :one
|
||||
SELECT COUNT(*)::int AS total
|
||||
FROM teams
|
||||
|
||||
Reference in New Issue
Block a user