Secure Admin Accounts: Remove password for code studio admins

[nkiruka]

Description

Remove password for code studio admins since admins can only sign in via google authentication.

Links

• jira

Testing story

Dry run was performed and script was tested manually.

No. of users that have admin privileges that will be impacted below:

mysql> SELECT COUNT(*) FROM `users` WHERE `users`.`deleted_at` IS NULL AND `users`.`admin` = 1 AND (`users`.`encrypted_password` IS NOT NULL);
+----------+
| COUNT(*) |
+----------+
|       48 |
+----------+
1 row in set

Reviewer Checklist:

• Tests provide adequate coverage
• Code is well-commented
• New features are translatable or updates will not break translations
• Relevant documentation has been added or updated
• User impact is well-understood and desirable
• Pull Request is labeled appropriately
• Follow-up work items (including potential tech debt) are tracked and linked

[Hamms]

will this query complete in time? Given that you had to use SQL to execute the count query, I would assume the same problem will present itself when you try to run this script.

It also seems unnecessary to batch a query that we expect to run on fewer than 50 rows.

[nkiruka]

I thought about this and went the route of using a transaction because it was considered a best practice. However, I do agree that it is not necessary in this case and that catching and logging the error will be more effective.

[Hamms]

note that transactions are used for a different concern; specifically, they ensure that you can group queries together such that if any one query fails, all others will be rolled back

[nkiruka]

@Hamms You mention concern with how long the query will take. Any ideas on how to tackle this?

[Hamms]

If the query is too expensive to fit in the 30 second timeout, it's recommended to write the script in such a way that it can accept a file containing a list of ids to update; you can then run the query against the reporting database to generate that list.

[nkiruka]

@Hamms like any of the examples below?

https://github.com/code-dot-org/code-dot-org/pull/31828/files
Or
https://github.com/code-dot-org/code-dot-org/blob/staging/bin/oneoff/wipe_data/remove_unused_production_users

[Hamms]

recommend we use

Suggested change

	user.update(encrypted_password: nil)
	user.update!(encrypted_password: nil)

and catch and log errors

[maddiedierker]

we can remove batch_number here and in its other usages now 🎉

[sureshc]

I believe that ActiveRecord where returns a Relation. I think we can simplify this logic with find

Suggested change

	User.where(id: admin_id).update!(encrypted_password: nil)
	User.find(admin_id).update!(encrypted_password: nil)

[nkiruka]

@sureshc I tested your update and it works great! Thanks