Email notification for Expired Personal Access Token
What does this MR do?
Adds a cron job that runs at 2 am daily and checks for Personal Access Tokens that have expired on the current day.
Sends an email notification to the user indicating that their Personal Access Tokens have expired, and links to the Manage Token page to help the user take action.
Mentions #214721 (closed)
Omnibus changes
Feature flag
Name: expired_pat_email_notification
Disabled by default.
Screenshots
Email preview:
Database changes
Migration
== 20200729151021 AddAfterExpiryNotificationDeliveredToPersonalAccessTokens: migrating
-- add_column(:personal_access_tokens, :after_expiry_notification_delivered, :boolean, {:null=>false, :default=>false})
-> 0.0035s
== 20200729151021 AddAfterExpiryNotificationDeliveredToPersonalAccessTokens: migrated (0.0036s)
Rollback
== 20200729151021 AddAfterExpiryNotificationDeliveredToPersonalAccessTokens: reverting
-- remove_column(:personal_access_tokens, :after_expiry_notification_delivered, :boolean, {:null=>false, :default=>false})
-> 0.0039s
== 20200729151021 AddAfterExpiryNotificationDeliveredToPersonalAccessTokens: reverted (0.0070s)
Query
SELECT "users".*
FROM "users"
WHERE (EXISTS (
  SELECT 1
  FROM "personal_access_tokens"
  WHERE (personal_access_tokens.user_id = users.id)
    AND "personal_access_tokens"."impersonation" = FALSE
    AND (revoked = FALSE
      AND expires_at = CURRENT_DATE
      AND after_expiry_notification_delivered = FALSE)))
After index:
Link to execution plan:
https://explain.depesz.com/s/La7N
Execution Time:
Time: 300.623 ms
- planning: 1.081 ms
- execution: 299.542 ms
- I/O read: 243.414 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 702 (~5.50 MiB) from the buffer pool
- reads: 8800 (~68.80 MiB) from the OS file cache, including disk I/O
- dirtied: 0
- writes: 0
Before index:
Link to execution plan:
https://explain.depesz.com/s/O8lv
Execution Time:
Time: 445.142 ms
- planning: 0.826 ms
- execution: 444.316 ms
- I/O read: 357.225 ms
- I/O write: 0.000 ms
Shared buffers:
- hits: 193 (~1.50 MiB) from the buffer pool
- reads: 11746 (~91.80 MiB) from the OS file cache, including disk I/O
- dirtied: 151 (~1.20 MiB)
- writes: 0
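The selection logic behind the query above, and the idempotency guard that the new after_expiry_notification_delivered column provides, as an added illustration (not code from this MR or from GitLab). It uses a plain Struct and a lambda in place of the ActiveRecord model and the notification service, and constructed sample rows; the worker name and mailer interface are assumptions.

```ruby
require 'date'

# Constructed in-memory stand-in for the personal_access_tokens rows the
# worker's query touches (hypothetical Struct, not GitLab's model).
Token = Struct.new(:id, :user_id, :expires_at, :revoked, :impersonation,
                   :after_expiry_notification_delivered, keyword_init: true)

# Mirrors the WHERE clause of the MR's query for a given day: a token qualifies
# only if it is not an impersonation token, not revoked, expires on +today+,
# and its expiry notification has not already been delivered.
def tokens_expiring_today(tokens, today = Date.today)
  tokens.select do |t|
    !t.impersonation && !t.revoked &&
      t.expires_at == today && !t.after_expiry_notification_delivered
  end
end

# Mirrors the worker's behaviour: the query returns users, so one email goes
# out per user regardless of how many of their tokens expired, and every token
# that triggered the email is flagged so a re-run of the cron (or a retry of
# the Sidekiq job) does not notify the same user again.
# +mailer+ stands in for the notification service (assumption: a block that
# receives the user id, not ActionMailer).
def notify_expired_tokens(tokens, today = Date.today, &mailer)
  due = tokens_expiring_today(tokens, today)
  user_ids = due.map(&:user_id).uniq
  user_ids.each { |uid| mailer.call(uid) }
  due.each { |t| t.after_expiry_notification_delivered = true }
  user_ids
end

# Constructed sample data covering each branch of the WHERE clause.
SAMPLE_TODAY = Date.new(2020, 8, 3)
def sample_tokens
  [
    Token.new(id: 1, user_id: 10, expires_at: SAMPLE_TODAY,     revoked: false, impersonation: false, after_expiry_notification_delivered: false),
    Token.new(id: 2, user_id: 10, expires_at: SAMPLE_TODAY,     revoked: false, impersonation: false, after_expiry_notification_delivered: false), # same user, second token
    Token.new(id: 3, user_id: 11, expires_at: SAMPLE_TODAY,     revoked: true,  impersonation: false, after_expiry_notification_delivered: false), # revoked: excluded
    Token.new(id: 4, user_id: 12, expires_at: SAMPLE_TODAY,     revoked: false, impersonation: true,  after_expiry_notification_delivered: false), # impersonation: excluded
    Token.new(id: 5, user_id: 13, expires_at: SAMPLE_TODAY - 1, revoked: false, impersonation: false, after_expiry_notification_delivered: false), # expired yesterday: excluded
    Token.new(id: 6, user_id: 14, expires_at: SAMPLE_TODAY,     revoked: false, impersonation: false, after_expiry_notification_delivered: true)   # already notified: excluded
  ]
end

if __FILE__ == $PROGRAM_NAME
  sent = []
  tokens = sample_tokens
  notify_expired_tokens(tokens, SAMPLE_TODAY) { |uid| sent << uid }
  puts "first run notified users: #{sent.inspect}"
  notify_expired_tokens(tokens, SAMPLE_TODAY) { |uid| sent << uid }
  puts "after second run: #{sent.inspect}"
end
```

Running it twice for the same day sends a single email to user 10 on the first pass and nothing on the second, which is the property the new boolean column buys: the delivered flag, not the cron schedule, is what prevents duplicate notifications.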
Local testing
- Create a new Personal Access Token that expires today (<gdk link>/profile/personal_access_tokens)
- Optionally configure the expiry email to be sent immediately (change deliver_later to deliver_now in the notification service)
- Head over to rails console
- Execute the job: PersonalAccessTokens::ExpiredNotificationWorker.new.perform
- Check for a new email "Your personal access token has expired" in <gdk link>/rails/letter_opener
Does this MR meet the acceptance criteria?
Conformity
- Changelog entry
- [-] Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- [-] Separation of EE specific content
Availability and Testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention @gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Merge request reports
Activity
changed milestone to %13.3
added backend devopsmanage groupcompliance typefeature labels
Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category (e.g. frontend or backend), and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited, or the chosen person is unavailable.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.
Category / Reviewer / Maintainer:
- backend: Kerri Miller (@kerrizor) (UTC-7, 2 hours behind @asubramanian1) / James Fargher (@proglottis) (UTC+12, 17 hours ahead of @asubramanian1)
- frontend: Scott Stern (@sstern) (UTC-7, 2 hours behind @asubramanian1) / Nicolò Maria Mezzopera (@nmezzopera)
- database: Michał Zając (@quintasan) / Mayra Cabrera (@mayra-cabrera)
Sidekiq queue changes
This merge request contains changes to Sidekiq queues. Please follow the documentation on changing a queue's urgency.
These queues were added:
cronjob:personal_access_tokens_expired_notification
If needed, you can retry the danger-review job that generated this comment.
Generated by Danger
Edited by 🤖 GitLab Bot 🤖
Bundle size analysis [beta]
This compares changes in bundle size for entry points between the commits f53bd910 and fbca4cd1
Special assets (Entrypoint / Name, Size before, Size after, Diff, Diff in percent):
- average: 4.15 MB, 4.15 MB, -, 0.0 %
- mainChunk: 3.27 MB, 3.27 MB, -, 0.0 %
Note: We do not have exact data for f53bd910. So we have used data from: 18d573bf.
The target commit was too new, so we used the latest commit from master we have info on.
It might help to rerun the bundle-size-review job.
This might mean that you have a few false positives in this report. If something unrelated to your code changes is reported, you can check this comparison in order to see if they caused this change. Please look at the full report for more details.
Read more about how this report works.
Generated by Danger
Edited by 🤖 GitLab Bot 🤖
added 1 commit
- 93769e6e - Email notification for Expired Personal Access Token
added 1 commit
- 889a64e6 - Email notification for Expired Personal Access Token
added 1 commit
- 06c9eb7a - Email notification for Expired Personal Access Token
added 1 commit
- 50b27969 - Email notification for Expired Personal Access Token
added 1 commit
- bbb241f4 - Email notification for Expired Personal Access Token
marked the checklist item Changelog entry as completed
added 1 commit
- f0e37edc - Email notification for Expired Personal Access Token
added 1 commit
- 54784537 - Email notification for Expired Personal Access Token
- Resolved by Aishwarya Subramanian
@sarcila - Would you mind reviewing the backend changes for this MR whenever you get a chance? It's an extension of the work you had done at !19296 (merged)