-
-
Notifications
You must be signed in to change notification settings - Fork 5.8k
[#5356] Delete GPG keys with user deletion #5357
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Codecov Report
@@ Coverage Diff @@
## master #5357 +/- ##
==========================================
+ Coverage 37.35% 37.36% +0.01%
==========================================
Files 312 312
Lines 46436 46453 +17
==========================================
+ Hits 17344 17355 +11
- Misses 26604 26608 +4
- Partials 2488 2490 +2
Continue to review full report at Codecov.
|
return nil | ||
} | ||
|
||
_, err := e.In("id", keyIDs).Delete(new(GPGKey)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just e.Where("owner_id =?", userID).Delete(new(GPGKey))
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a nice solution and makes this code a lot smaller. Also this check can simplify the public key deletion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A minor comment or change needed. Otherwise LGTM.
@@ -239,6 +239,16 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) { | |||
}, nil | |||
} | |||
|
|||
// deleteGPGKeys does the actual key deletion but does not update authorized_keys file. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add for information that this method will not delete any related (subkey) compared to deleteGPGKey ? And you should loose the authorized_keys file part since it not related to GPG.
Something like :
// deleteGPGKeys does the actual key deletion but does not update authorized_keys file. | |
// deleteGPGKeys does the actual key deletion but does not delete any related key (subkey). |
or add :
_, err := e.In("primary_key_id", keyIDs).Delete(new(GPGKey))
each solution is fine as the list passed should already contained any related keys in the original use case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But deleteGPGKeys does also delete all subkeys of a master key which are assigned to a user. More specifically: deleteGPGKeys deletes all keys of a specified user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is just in case for later use in other part in code. Currently when you call this method here you pass all keys (and subkeys) owned by user. But if this method is used somewhere else there could be orphaned subkeys if not all the key are passed as argument. This is just to add a warning for later use (or add the delete of any sub key).
I think this also needs migration to delete gpg keys for already deleted users |
Hi @JohnnyLeone thanks for your PR and issue reporting. I think #5429 replaces this, does that solve your issue? If so I think we can close this pr. |
@JohnnyLeone can you fix requested changes or you need help with this? |
Isn't this fixed by #5429? |
@zeripath yes looks like it is, thanks, closing |
Had the same issue with my instance. The following code fixed it for me, it extends the actual behavior of the existing functions.