fix: delete all files from object store when user is deleted

[DeepDiver1975]

Description

As soon as a user is deleted files will also be removed from object storage (s3).

Motivation and Context

How Has This Been Tested?

• test environment:
• test case 1:
• test case 2:
• ...

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Database schema changes (next release will require increase of minor version instead of patch)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests only (no source changes)

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:
• Changelog item, see TEMPLATE

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[DeepDiver1975]

@phil-davis because the full user deletion is moved to cron/command bus acceptance tests are having issues. https://drone.owncloud.com/owncloud/core/39034/37/14

I suggest to run cron after deleting a user via API or use the occ command user:delete because this will not delete via cron.

THX

[phil-davis]

For end-of-scenario cleanup, I can sort out the code so that it does a proper real delete of the user. For example, change the test code so that it does occ user:delete

But there are also scenarios that test the provisioning API DELETE behavior.
When /^the administrator deletes user "Alice" using the provisioning API

That Provisioning API endpoint now has different behavior - do I understand correctly?
It will return an HTTP status indicating success. But then if I do an API GET to try and get data about the user, I will not get a 404 (not found).
So tests will have to do more for steps like that, they will also have to run whatever "background" cron is needed to really delete the user.

[DeepDiver1975]

That Provisioning API endpoint now has different behavior - do I understand correctly?

That is a good point. Depending on the cron setup it can take minutes until a user is deleted.
Add a flag?
Skip the cron approach?

[phil-davis]

Add a flag? Skip the cron approach?

After the Provisioning API DELETE request is processed, what is the external status of the user:

1. can they still login and see their data?
2. can sharees still see shares received from the user?
3. can sharers still see the username in the list of users that they can share with, and "accidentally" share with a user that is about to be really cleaned up?

There will be situations when an admin is deleting a user for "immediate" security reasons. I suppose for that case, the admin can first disable the user, preventing access. Then the user delete can be more async.

Maybe a delete can be done by doing a disable synchronously, and leaving the actual user deletion/file-deletion to later. That should preserve security, and still allow the "bigger" file deletion to be done later in the background.

[DeepDiver1975]

I decided to skip the command bus. All user delete operations are now done synchronous.
In case the operations failed/times out it can still be re-run as the user is deleted last.

[pako81]

Small remark about a variable's name. Apart from this, code looks ok and manual testing confirms the correct behaviour: files are removed from the object store as soon as the user gets deleted.

[pako81]

CI fail is not related.

[jnweiger]

CI fail is not related.

CI can now access the WND server again!

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

60.0% Coverage
0.0% Duplication

[pako81]

@DeepDiver1975 merge this or additional review needed?