Delete access request todos for groups and projects
What does this MR do and why?
History:
- In MRs !103316 (merged) and !106550 (merged), we created todos for last 10 active owners of groups and projects whenever a user raises request for them.
- In MR !110516 (merged), we resolved the todos for the owner who acts(accepts or denies) on the access request.
This MR does following:
- If the access request is accepted or denied by any owner, then enqueue the pending access request todos of other owners for deletion after 1 hour(The standard delay for deletion of todos).
- In case the user withdraws the access request before any owner takes action, pending access request todos will be queued for deletion after 1 hour, from all the owners' todo list.
- In case the user has request is pending when the pending todos are to be deleted then the todos will not be deleted. This situation can happen if a user withdraws and requests access before anyone takes any action on request or if somebody denies the request and user requests again before todo deletion period of 1 hour.
Screenshots or screen recordings
Pending access request todos getting deleted for group access requests
Pending access request todos getting deleted for project access requests
Note: For creating the above video, I have reduced the todo deletion time from 1.hour to 10.seconds.
Query plan
Query 1: Getting distinct user ids from todos
Query 1
SELECT
DISTINCT "todos"."user_id"
FROM
"todos"
WHERE
"todos"."target_id" = 62768704
AND "todos"."target_type" = 'Namespace'
AND "todos"."action" = 10
AND "todos"."author_id" = 11648098
AND (
"todos"."state" IN ('pending')
);
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15307/commands/53264
Query 2: Deleting pending todos
Query 2
DELETE FROM
"todos"
WHERE
"todos"."target_id" = 62768704
AND "todos"."target_type" = 'Namespace'
AND "todos"."action" = 10
AND "todos"."author_id" = 11648098
AND (
"todos"."state" IN ('pending')
);
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15307/commands/53265
How to set up and validate locally
Adding steps for group access request todos here, steps for project will be similar:
- Create a public group named
todo_public_group
. - Let users
user1
,user2
anduser3
be the owners oftodo_public_group
group. - From another user account
user4
who is not a member of the group, raise access request. - Group access request todos will be created for users
user1
,user2
anduser3
. - There could be following 2 scenarios:
-
user1
accepts/denies the access request foruser4
.- Access request todos for other group owners
user2
anduser3
will be deleted in 1 hour. In case if you want to speed this up, replace1.hour
with1.minute
in https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/todo.rb#L11.
- Access request todos for other group owners
-
user4
withdraws the access request before any one takes any action on it.- Access request todos for all group owners
user1
,user2
anduser3
will be deleted in 1 hour. In case if you want to speed this up, replace1.hour
with1.minute
in https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/todo.rb#L11.
- Access request todos for all group owners
-
Same steps will apply to projects too.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #374726 (closed)
Edited by Hitesh Raghuvanshi