oss/miniflux-v2
oss/miniflux-v2
1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-08-01 17:38:37 +00:00
Code Wiki Activity

API: Delete users asynchronously

Browse source 
Deleting large users might lock the tables in the hosted offering
This commit is contained in:
Frédéric Guillot 2020-07-28 20:28:02 -07:00
parent 74c95ed34b
commit 8fb71366f8
3 changed files with 101 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
api/user.go
View file

@ -169,10 +169,11 @@ func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) {
return return
} }
if err := h.store.RemoveUser(user.ID); err != nil { if user.ID == request.UserID(r) {
json.BadRequest(w, r, errors.New("Unable to remove this user from the database")) json.BadRequest(w, r, errors.New("You cannot remove yourself"))
return return
} }
h.store.RemoveUserAsync(user.ID)
json.NoContent(w, r) json.NoContent(w, r)
} }

88
storage/user.go
View file

@ -9,6 +9,7 @@ import (
"fmt" "fmt"
"strings" "strings"
"miniflux.app/logger"
"miniflux.app/model" "miniflux.app/model"
"github.com/lib/pq/hstore" "github.com/lib/pq/hstore"
@ -357,6 +358,15 @@ func (s *Storage) RemoveUser(userID int64) error {
return nil return nil
} }
// RemoveUserAsync deletes user data without locking the database.
func (s *Storage) RemoveUserAsync(userID int64) {
go func() {
deleteUserFeeds(s.db, userID)
s.db.Exec(`DELETE FROM users WHERE id=$1`, userID)
s.db.Exec(`DELETE FROM integrations WHERE user_id=$1`, userID)
}()
}
// Users returns all users. // Users returns all users.
func (s *Storage) Users() (model.Users, error) { func (s *Storage) Users() (model.Users, error) {
query := ` query := `
@ -459,3 +469,81 @@ func hashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(bytes), err return string(bytes), err
} }
func deleteUserFeeds(db *sql.DB, userID int64) {
query := `SELECT id FROM feeds WHERE user_id=$1`
rows, err := db.Query(query, userID)
if err != nil {
logger.Error(`store: unable to get user feeds: %v`, err)
return
}
defer rows.Close()
var feedIDs []int64
for rows.Next() {
var feedID int64
rows.Scan(&feedID)
feedIDs = append(feedIDs, feedID)
}
worker := func(jobs <-chan int64, results chan<- bool) {
for feedID := range jobs {
deleteUserEntries(db, userID, feedID)
db.Exec(`DELETE FROM feeds WHERE id=$1`, feedID)
results <- true
}
}
const numWorkers = 3
numJobs := len(feedIDs)
jobs := make(chan int64, numJobs)
results := make(chan bool, numJobs)
for w := 0; w < numWorkers; w++ {
go worker(jobs, results)
}
for j := 0; j < numJobs; j++ {
jobs <- feedIDs[j]
}
close(jobs)
for a := 1; a <= numJobs; a++ {
<-results
}
}
func deleteUserEntries(db *sql.DB, userID int64, feedID int64) {
query := `SELECT id FROM entries WHERE user_id=$1 AND feed_id=$2`
rows, err := db.Query(query, userID, feedID)
if err != nil {
logger.Error(`store: unable to get user feed entries: %v`, err)
return
}
defer rows.Close()
for rows.Next() {
var entryID int64
rows.Scan(&entryID)
deleteUserEnclosures(db, userID, entryID)
db.Exec(`DELETE FROM entries WHERE id=$1`, entryID)
}
}
func deleteUserEnclosures(db *sql.DB, userID int64, entryID int64) {
query := `SELECT id FROM enclosures WHERE user_id=$1 AND entry_id=$2`
rows, err := db.Query(query, userID, entryID)
if err != nil {
logger.Error(`store: unable to get user entry enclosures: %v`, err)
return
}
defer rows.Close()
for rows.Next() {
var enclosureID int64
rows.Scan(&enclosureID)
go func() {
db.Exec(`DELETE FROM enclosures WHERE id=$1`, enclosureID)
}()
}
}

14
ui/user_remove.go
View file

@ -5,6 +5,7 @@
package ui // import "miniflux.app/ui" package ui // import "miniflux.app/ui"
import ( import (
"errors"
"net/http" "net/http"
"miniflux.app/http/request" "miniflux.app/http/request"
@ -13,19 +14,19 @@ import (
) )
func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) { func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) {
user, err := h.store.UserByID(request.UserID(r)) loggedUser, err := h.store.UserByID(request.UserID(r))
if err != nil { if err != nil {
html.ServerError(w, r, err) html.ServerError(w, r, err)
return return
} }
if !user.IsAdmin { if !loggedUser.IsAdmin {
html.Forbidden(w, r) html.Forbidden(w, r)
return return
} }
userID := request.RouteInt64Param(r, "userID") selectedUserID := request.RouteInt64Param(r, "userID")
selectedUser, err := h.store.UserByID(userID) selectedUser, err := h.store.UserByID(selectedUserID)
if err != nil { if err != nil {
html.ServerError(w, r, err) html.ServerError(w, r, err)
return return
@ -36,6 +37,11 @@ func (h *handler) removeUser(w http.ResponseWriter, r *http.Request) {
return return
} }
if selectedUser.ID == loggedUser.ID {
html.BadRequest(w, r, errors.New("You cannot remove yourself"))
return
}
if err := h.store.RemoveUser(selectedUser.ID); err != nil { if err := h.store.RemoveUser(selectedUser.ID); err != nil {
html.ServerError(w, r, err) html.ServerError(w, r, err)
return return