Broken resource_access_tokens page in admin/credentials inventory page on Self-Managed
What?
The group access token of a deleted user still exists. The grAT/prAT page on the credentials inventory has a column for the user who created their token. Since the user does not exist at that point, it breaks the page: /admin/credentials?filter=resource_access_tokens
Screenshots
| Page |
|---|
 |
Current Behaviour
User deletion does not revoke their associated access tokens which triggers the nil error due to the resource_access_token.user.created_by user not existing.
Expected Behaviour
Implement a fallback or include access tokens during user deletion
Steps to Reproduce
- Create a group access token
- Delete the user you used to create the grAT
- Wait for the user to be fully deleted by the
::DeleteUserWorker - Navigate to /admin -> credentials -> Project and group access tokens
- See the nil name error
Edited by Hakeem Abdul-Razak