Merge branch...

Merge branch '213791-deprecate-personalaccesstokens-policyworker-in-favor-of-personalaccesstokens-instance' into 'master' Resolve "Deprecate `PersonalAccessTokens ::PolicyWorker` in favor of `PersonalAccessTokens::Instance::PolicyWorker`" Closes #213791 See merge request gitlab-org/gitlab!30142

Merge branch...
Merge branch '213791-deprecate-personalaccesstokens-policyworker-in-favor-of-personalaccesstokens-instance' into 'master' Resolve "Deprecate `PersonalAccessTokens ::PolicyWorker` in favor of `PersonalAccessTokens::Instance::PolicyWorker`" Closes #213791 See merge request gitlab-org/gitlab!30142
c2ae9900 · Ash McKenzie · dfe926ac · 76d3de23 · c2ae9900 · dfe926ac
Commit c2ae9900 authored Apr 24, 2020 by Ash McKenzie
3 changed files
--- a/ee/app/workers/all_queues.yml
+++ b/ee/app/workers/all_queues.yml
@@ -409,13 +409,6 @@
  :resource_boundary: :unknown
  :weight: 1
  :idempotent: 
- :name: personal_access_tokens:personal_access_tokens_policy
-  :feature_category: :authentication_and_authorization
-  :has_external_dependencies: 
-  :urgency: :low
-  :resource_boundary: :unknown
-  :weight: 1
-  :idempotent: 
 - :name: pipeline_default:ci_trigger_downstream_subscriptions
  :feature_category: :continuous_integration
  :has_external_dependencies: 

--- a/ee/app/workers/personal_access_tokens/policy_worker.rb
+++ b/ee/app/workers/personal_access_tokens/policy_worker.rb
-# frozen_string_literal: true
-
-# TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/213791
-# Deprecate this worker in GitLab 13.0 in favor of PersonalAccessTokens::Instance::PolicyWorker
-
-module PersonalAccessTokens
-  class PolicyWorker # rubocop:disable Scalability/IdempotentWorker
-    include ApplicationWorker
-
-    queue_namespace :personal_access_tokens
-    feature_category :authentication_and_authorization
-
-    def perform
-      expiration_date = ::Gitlab::CurrentSettings.max_personal_access_token_lifetime_from_now
-
-      return unless expiration_date
-
-      User.with_invalid_expires_at_tokens(expiration_date).find_each do |user|
-        PersonalAccessTokens::RevokeInvalidTokens.new(user, expiration_date).execute
-      end
-    end
-  end
-end
--- a/ee/spec/workers/personal_access_tokens/policy_worker_spec.rb
+++ b/ee/spec/workers/personal_access_tokens/policy_worker_spec.rb
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe PersonalAccessTokens::PolicyWorker, type: :worker do
-  describe '#perform' do
-    let(:limit) { 7 }
-    let!(:pat) { create(:personal_access_token, expires_at: expire_at) }
-
-    before do
-      stub_application_setting(max_personal_access_token_lifetime: limit)
-    end
-
-    context "when a token doesn't have an expiration time" do
-      let(:expire_at) { nil }
-
-      it 'enforces the policy on tokens' do
-        expect { subject.perform }.to change { pat.reload.revoked }.from(false).to(true)
-      end
-    end
-
-    context 'when a token expires after the given time' do
-      let(:expire_at) { 8.days.from_now.to_date }
-
-      it 'enforces the policy on tokens' do
-        expect { subject.perform }.to change { pat.reload.revoked }.from(false).to(true)
-      end
-    end
-
-    context 'when a token is valid' do
-      let(:expire_at) { 5.days.from_now.to_date }
-
-      it "doesn't revoked valid tokens" do
-        expect { subject.perform }.not_to change { pat.reload.revoked }
-      end
-    end
-
-    context 'when limit is nil' do
-      let(:limit) { nil }
-      let(:expire_at) { 1.day.from_now }
-
-      it "doesn't revoked valid tokens" do
-        expect { subject.perform }.not_to change { pat.reload.revoked }
-      end
-
-      it "doesn't call the revoke invalid service" do
-        expect(PersonalAccessTokens::RevokeInvalidTokens).not_to receive(:new)
-
-        subject.perform
-      end
-    end
-  end
-end