[#5356] Delete GPG keys with user deletion

[JohnnyLeone]

Had the same issue with my instance. The following code fixed it for me, it extends the actual behavior of the existing functions.

[codecov-io]

Codecov Report

Merging #5357 into master will increase coverage by 0.01%.
The diff coverage is 35.29%.

@@            Coverage Diff             @@
##           master    #5357      +/-   ##
==========================================
+ Coverage   37.35%   37.36%   +0.01%     
==========================================
  Files         312      312              
  Lines       46436    46453      +17     
==========================================
+ Hits        17344    17355      +11     
- Misses      26604    26608       +4     
- Partials     2488     2490       +2

Impacted Files	Coverage Δ
models/user.go	44.37% <18.18%> (-0.28%)	⬇️
models/gpg_key.go	55.45% <66.66%> (+0.21%)	⬆️
models/repo_list.go	64.55% <0%> (+1.26%)	⬆️
modules/process/manager.go	81.15% <0%> (+4.34%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e08c7e5...1730048. Read the comment docs.

[lunny]

Why not just e.Where("owner_id =?", userID).Delete(new(GPGKey))?

[JohnnyLeone]

This is a nice solution and makes this code a lot smaller. Also this check can simplify the public key deletion.

[sapk]

A minor comment or change needed. Otherwise LGTM.

[sapk]

Can you add for information that this method will not delete any related (subkey) compared to deleteGPGKey ? And you should loose the authorized_keys file part since it not related to GPG.
Something like :

Suggested change

	// deleteGPGKeys does the actual key deletion but does not update authorized_keys file.
	// deleteGPGKeys does the actual key deletion but does not delete any related key (subkey).

or add :
_, err := e.In("primary_key_id", keyIDs).Delete(new(GPGKey))
each solution is fine as the list passed should already contained any related keys in the original use case.

[JohnnyLeone]

But deleteGPGKeys does also delete all subkeys of a master key which are assigned to a user. More specifically: deleteGPGKeys deletes all keys of a specified user.

[sapk]

This is just in case for later use in other part in code. Currently when you call this method here you pass all keys (and subkeys) owned by user. But if this method is used somewhere else there could be orphaned subkeys if not all the key are passed as argument. This is just to add a warning for later use (or add the delete of any sub key).

[lafriks]

I think this also needs migration to delete gpg keys for already deleted users

[zeripath]

Hi @JohnnyLeone thanks for your PR and issue reporting. I think #5429 replaces this, does that solve your issue? If so I think we can close this pr.

[lafriks]

@JohnnyLeone can you fix requested changes or you need help with this?

[zeripath]

Isn't this fixed by #5429?

[lafriks]

@zeripath yes looks like it is, thanks, closing