Commit b6e6d0b3 authored by Stan Hu's avatar Stan Hu

Add missing cascading deletes on foreign keys for group_id

It was possible to grant access to a group to do things to protected
branches or tags, but if the group were deleted, the deletion
might fail due to a message such as the following:

```
ActiveRecord::InvalidForeignKey: PG::ForeignKeyViolation: ERROR:  update or delete on table "namespaces" violates foreign key constraint "fk_rails_7111b68cdb" on table "protected_branch_push_access_levels"
DETAIL:  Key (id)=(1827859) is still referenced from table "protected_branch_push_access_levels".
: DELETE FROM "namespaces" WHERE "namespaces"."type" IN ('Group') AND "namespaces"."id" = 1827859
```

This MR fixes this by adding missing cascading deletions to the
group_id foreign keys in the following tables:

* protected_branch_merge_access_levels
* protected_branch_push_access_levels
* protected_tag_create_access_levels

Closes #3343, #3344, gitlab-org/gitlab-ce#37311
parent d9f96cbc
class CorrectProtectedAccessLevelsForeignKeys < ActiveRecord::Migration
include Gitlab::Database::MigrationHelpers
# Set this constant to true if this migration requires downtime.
DOWNTIME = false
SOURCE_TABLES = %w(protected_branch_merge_access_levels
protected_branch_push_access_levels
protected_tag_create_access_levels).freeze
disable_ddl_transaction!
def up
SOURCE_TABLES.each { |source_table| correct_foreign_key_for_group_id(source_table) }
end
def down
# Previously there was a foreign key without a CASCADING DELETE, so we'll
# just leave the foreign key in place.
end
private
def correct_foreign_key_for_group_id(source_table)
remove_foreign_key_without_error(source_table,
column: :group_id)
execute <<-EOF
DELETE FROM #{source_table}
WHERE NOT EXISTS (
SELECT true
FROM namespaces
WHERE #{source_table}.group_id = namespaces.id
AND namespaces.type = 'Group'
)
AND group_id IS NOT NULL
EOF
add_concurrent_foreign_key(source_table,
:namespaces,
column: :group_id)
end
end
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20170906160132) do
ActiveRecord::Schema.define(version: 20170910051507) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
......@@ -2128,14 +2128,14 @@ ActiveRecord::Schema.define(version: 20170906160132) do
add_foreign_key "project_import_data", "projects", name: "fk_ffb9ee3a10", on_delete: :cascade
add_foreign_key "project_mirror_data", "projects", name: "fk_d1aad367d7", on_delete: :cascade
add_foreign_key "project_statistics", "projects", on_delete: :cascade
add_foreign_key "protected_branch_merge_access_levels", "namespaces", column: "group_id"
add_foreign_key "protected_branch_merge_access_levels", "namespaces", column: "group_id", name: "fk_98f3d044fe", on_delete: :cascade
add_foreign_key "protected_branch_merge_access_levels", "protected_branches", name: "fk_8a3072ccb3", on_delete: :cascade
add_foreign_key "protected_branch_merge_access_levels", "users"
add_foreign_key "protected_branch_push_access_levels", "namespaces", column: "group_id"
add_foreign_key "protected_branch_push_access_levels", "namespaces", column: "group_id", name: "fk_7111b68cdb", on_delete: :cascade
add_foreign_key "protected_branch_push_access_levels", "protected_branches", name: "fk_9ffc86a3d9", on_delete: :cascade
add_foreign_key "protected_branch_push_access_levels", "users"
add_foreign_key "protected_branches", "projects", name: "fk_7a9c6d93e7", on_delete: :cascade
add_foreign_key "protected_tag_create_access_levels", "namespaces", column: "group_id"
add_foreign_key "protected_tag_create_access_levels", "namespaces", column: "group_id", name: "fk_b4eb82fe3c", on_delete: :cascade
add_foreign_key "protected_tag_create_access_levels", "protected_tags", name: "fk_f7dfda8c51", on_delete: :cascade
add_foreign_key "protected_tag_create_access_levels", "users"
add_foreign_key "protected_tags", "projects", name: "fk_8e4af87648", on_delete: :cascade
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment