Delete access request todos for groups and projects (!107914) · Merge requests · GitLab.org / GitLab

Hitesh Raghuvanshi requested to merge 374726-delete-group-project-access-todos into master Dec 29, 2022

What does this MR do and why?

History:

In MRs !103316 (merged) and !106550 (merged), we created todos for last 10 active owners of groups and projects whenever a user raises request for them.
In MR !110516 (merged), we resolved the todos for the owner who acts(accepts or denies) on the access request.

This MR does following:

If the access request is accepted or denied by any owner, then enqueue the pending access request todos of other owners for deletion after 1 hour(The standard delay for deletion of todos).
In case the user withdraws the access request before any owner takes action, pending access request todos will be queued for deletion after 1 hour, from all the owners' todo list.
In case the user has request is pending when the pending todos are to be deleted then the todos will not be deleted. This situation can happen if a user withdraws and requests access before anyone takes any action on request or if somebody denies the request and user requests again before todo deletion period of 1 hour.

Screenshots or screen recordings

Pending access request todos getting deleted for group access requests

group_todos_deletion_1080

Pending access request todos getting deleted for project access requests

project_delete_todos_1080

Note: For creating the above video, I have reduced the todo deletion time from 1.hour to 10.seconds.

Query plan

Query 1: Getting distinct user ids from todos

Query 1

SELECT 
  DISTINCT "todos"."user_id" 
FROM 
  "todos" 
WHERE 
  "todos"."target_id" = 62768704 
  AND "todos"."target_type" = 'Namespace' 
  AND "todos"."action" = 10 
  AND "todos"."author_id" = 11648098 
  AND (
    "todos"."state" IN ('pending')
  );

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15307/commands/53264

Query 2: Deleting pending todos

Query 2

DELETE FROM 
  "todos" 
WHERE 
  "todos"."target_id" = 62768704 
  AND "todos"."target_type" = 'Namespace' 
  AND "todos"."action" = 10 
  AND "todos"."author_id" = 11648098 
  AND (
    "todos"."state" IN ('pending')
  );

https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15307/commands/53265

How to set up and validate locally

Adding steps for group access request todos here, steps for project will be similar:

Create a public group named todo_public_group.
Let users user1, user2 and user3 be the owners of todo_public_group group.
From another user account user4 who is not a member of the group, raise access request.
Group access request todos will be created for users user1, user2 and user3.
There could be following 2 scenarios:
1. user1 accepts/denies the access request for user4.
  1. Access request todos for other group owners user2 and user3 will be deleted in 1 hour. In case if you want to speed this up, replace 1.hour with 1.minute in https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/todo.rb#L11.
2. user4 withdraws the access request before any one takes any action on it.
  1. Access request todos for all group owners user1, user2 and user3 will be deleted in 1 hour. In case if you want to speed this up, replace 1.hour with 1.minute in https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/todo.rb#L11.

Same steps will apply to projects too.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #374726 (closed)

Edited Feb 08, 2023 by Hitesh Raghuvanshi

Delete access request todos for groups and projects