Cannot delete a user who owns releases. #29
Comments
|
From @bacongobbler on February 14, 2017 22:24 Which version was this on? I believe this should be fixed in v2.11.0 with deis apps:transfer but I could be wrong. |
|
From @mattk42 on February 14, 2017 22:48 Oops, sorry for not including that. I am on v2.11.0. I did |
|
From @mattk42 on February 14, 2017 22:54 As a workaround, I was able to to transfer those specific apps over to the user I want to delete and then back. This updated the release objects to now be owned by the correct user and I was able to delete the user in question. I am not sure how better to handle the case where a user owns releases for an application but not the application itself, but it does seem like it may need some thought. |
|
So, I've had this issue also, I'll write some notes here about what I had to do. My main workaround has been to just remove all access from the user accounts and change their password to some random long string. Starting to get quite a few users that are no longer with the company so I started in to get them removed. Changing user password with: What I want to do is completely remove the user:
This fails because the user is the owner of a few apps still. I found the apps they're the owner of with the following quick shell for loop:
After transferring ownership on those apps, I get try to remove the account again.
To get past this, I run a SQL query against the Database of:
Where user_id 6 is a CI user account that won't be going anywhere, and user_id 11 was the user i'm trying to remove. Running the cancel user again from above, and I get a new error:
Then Fixing that table with the following SQL:
New Error:
Fixing that one up with SQL:
Rerunning the cancel user again, and it was successful this time. |
|
I'm willing to take a look into fixing this, just would need some direction on what to do with the foreign keys, or if adding an additional option to transfer ownership to a specific user essentially like I did above is the correct approach |
|
Looks like there is another table that will be affected... when I'm removing another user:
|
|
Thank you very much @undeadops for posting the follow-up, this is definitely something we will want to address as part of User/App lifecycle. When an app is transferred through the "transfer" API verb, we should probably not be leaving builds, app settings, configs, or releases associated with the old owner. The database is doing the right thing by refusing to orphan them. ... actually I'm reading the history on this bug, and it sounds like the problem is not the apps that user owned, which can be transferred, but the other apps they had access to and collaborated on! The builds/releases/other artifacts are apparently transferred properly when that user has ownership of the app, but for example any config that I pushed to an app which someone else has configured to allow my access on, is labeled as belonging to me (not as belonging to the owner of the app.) So, the solution which was used back in 2017 when this issue was last discussed, was to transfer the apps in question to the user-to-delete, and then transfer them away, which cleans up all those foreign key references (since any references associated with the app to transfer are transferred with, apparently.) That's obviously not an optimal solution, transferring to the user to delete. At least the current situation guarantees that we will not leave any orphan references. We should maintain that guarantee. What you did with the database tables is maybe a little less wrong, but obviously still much less than optimal from UX perspective. When I worked with users provisioning in a previous role, we came up with a solution to prevent orphaned artifacts (talking about Google Docs specifically) where a Docs Czar was appointed, and any time someone's Gapps account was going to be deleted, we would transfer all of their owned docs to the Docs Czar through a portal that Google provided. This is a regular part of the account lifecycle... we should support a Transferring to the CI user seems like the right thing to do, if you have one, since any other change (reassigning to another real user) could be misinterpreted as attribution. If you don't want to transfer your stuff anywhere, I don't think Other alternative possible ways of handling this I'm open to suggestions? |
|
I usually just do a |
|
I would vote for a |
I agree that I would not discount that @undeadops would you like to take a look at an initial PR for this? It would require changes in https://github.com/teamhephy/controller and in https://github.com/teamhephy/workflow-cli. Thank you for taking a look into this. |
If we are going to support (Like maybe this is strong enough confirmation: Well, there is already |
|
Yeah, I agree. It should be behind several flags and confirmations if possible. |
|
Probably both (With the other confirmations already mentioned. That's probably less important than the |
From @mattk42 on February 14, 2017 22:17
I have a user who was an admin on our cluster and had pushed to multiple apps that he was not the owner for.
After transferring ownership of the apps that he owns to another user, I get the following when trying to delete him.
$ deis auth:cancel --username=someuser cancel account someuser at https://deis.mycluster.com? (y/N): y Error: Unknown Error (409): {"detail":"(\"Cannot delete some instances of model 'User' because they are referenced through a protected foreign key: 'Release.owner'\", <QuerySet [<Release: some-app-v7>, <Release: another-app-v10>]Copied from original issue: deis/controller#1244
The text was updated successfully, but these errors were encountered: