Commit Graph

29 Commits

Author SHA1 Message Date
kolaente 1eafd31a2a
refactor(projects): use getAllProjectsForUser in getProjectsToDelete (#2616) 2026-04-13 12:32:32 +02:00
kolaente 79a612aa5d fix: send account deletion notification before deleting user row
When deleting a user via CLI (`vikunja user delete <id> -n`), the user
row was deleted first, then `notifications.Notify` was called. But
`Notify` calls `User.ShouldNotify()` which queries the database to check
the user's status — and since the row was already deleted within the same
transaction, it returned `ErrUserDoesNotExist`.

Move the notification call before the `DELETE` so the user row still
exists when `ShouldNotify` checks it.

Closes go-vikunja/vikunja#2335
2026-03-10 23:44:53 +01:00
kolaente 2f680d041c fix: address review comments on session lifecycle
- user_export.go: Remove defer s.Close() from checkExportRequest since
  it returns the session to callers. Callers now own the session
  lifecycle with their own defer s.Close(). Close session on all error
  paths within checkExportRequest.

- user_delete.go: Close the read session immediately after Find() before
  the per-user deletion loop, avoiding a long-lived transaction holding
  locks unnecessarily.

- user/delete.go: Remove double s.Close() in notifyUsersScheduledForDeletion
  by closing immediately after Find() instead of using both defer and
  explicit close.

- caldav_token.go: Return nil token on Commit() error to prevent callers
  from using an unpersisted token.
2026-02-25 11:03:02 +01:00
kolaente 49bba7f830 fix: eliminate nested database sessions to prevent table locks
Refactor functions that created their own sessions when called from
within existing transactions, which caused "database table is locked"
errors in SQLite's shared-cache mode.

Changes:
- Add files.CreateWithSession() to reuse caller's session
- Refactor DeleteBackgroundFileIfExists() to accept session parameter
- Add variadic session parameter to notifications.Notify() and
  Notifiable.ShouldNotify() interface
- Update all Notify callers (~17 sites) to pass their session through
- Use files.CreateWithSession in SaveBackgroundFile and NewAttachment
- Fix test code to commit sessions before assertions
2026-02-25 11:03:02 +01:00
kolaente a6e6f252db refactor: remove redundant Begin() calls after NewSession auto-begins
Since NewSession() now auto-begins a transaction, explicit Begin()
calls are redundant (xorm's Begin() is a no-op when already in a
transaction). Removing them reduces confusion.

Special case: user_delete.go's loop previously called Begin/Commit
per user on a shared session. Restructured to create a new session
per user deletion so each gets its own transaction.
2026-02-25 11:03:02 +01:00
kolaente 764d3569ce fix: close leaked database sessions
Add defer s.Close() to sessions that were never closed:
- auth.GetAuthFromClaims inline session
- models.deleteUsers cron function
- notifications.notify database insert
2026-02-25 11:03:02 +01:00
kolaente 9358954c90 fix: cleanup team memberships, assignments and subscriptions when users lose access to a project 2025-10-09 13:33:27 +02:00
kolaente a81a3ee0e5
feat!: rename right to permission (#1277) 2025-08-13 11:05:05 +02:00
Dominik Pschenitschni 296577a875
fix: correct license header references (#882)
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
2025-06-10 12:18:38 +02:00
kolaente 4858f7c82f
fix(project): transfer ownership after deleting a user
This fixes a bug where the ownership of a project was not transferred when the user was deleted, leading to errors when viewing the project, as the owner user could not be found.

Resolves https://kolaente.dev/vikunja/vikunja/issues/2827
2025-01-20 12:25:38 +01:00
Sterad 1f76a8bb64 feat: preferably award admin access to project users with write access on user deletion (#2772)
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2772
Co-authored-by: Sterad <hgasuser@gmail.com>
Co-committed-by: Sterad <hgasuser@gmail.com>
2024-10-24 20:42:38 +00:00
kolaente 66b44da85b
fix(projects): delete child projects when deleting a project 2023-12-01 17:27:40 +01:00
kolaente e518fb1191
chore: remove year from copyright headers
Resolves https://kolaente.dev/vikunja/api/pulls/1483
2023-09-01 08:32:28 +02:00
kolaente 693a77ae51
fix(user): don't prevent deleting a user if their default project was shared
Resolves https://kolaente.dev/vikunja/api/issues/1595
2023-08-25 15:14:25 +02:00
kolaente 7755b9cd49
fix(projects): delete project in the correct order 2023-06-07 20:28:36 +02:00
kolaente 386e218b95
feat(migration): use new structure for migration 2023-05-24 15:51:54 +02:00
kolaente 16de7cd591
feat(projects): remove namespaces 2023-05-24 15:51:54 +02:00
kolaente 349e6a5905
feat: rename lists to projects 2023-03-13 14:28:06 +01:00
kolaente 5c88dfe88e
fix: user deletion schedule 2021-12-12 12:29:05 +01:00
kolaente 70e005e7ce
fix: user not actually deleted 2021-12-12 12:28:18 +01:00
kolaente 72d3c54efd
fix: user deletion never happens
Resolves #1024
2021-12-12 12:04:17 +01:00
kolaente f8a0a7e953
fix: deleting users with no namespaces
resolves #984
2021-11-22 22:34:20 +01:00
kolaente 8f55af07c9
feat: add more debug logging when deleting users
related to #1021
2021-10-27 22:08:31 +02:00
kolaente 50b65a517d
fix: correctly load and pass the user when deleting it
Fixes #984
2021-10-16 17:00:48 +02:00
konrad 27119ad6d4 User account deletion (#937)
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/937
Co-authored-by: konrad <konrad@kola-entertainments.de>
Co-committed-by: konrad <konrad@kola-entertainments.de>
2021-08-11 19:08:10 +00:00
konrad b63928850a Simplify structure by having less files (#86) 2019-07-16 14:15:40 +00:00
konrad e047673c6b Add prometheus endpoint for getting metrics (#33) 2018-12-12 22:50:35 +00:00
konrad 3f44e3b83e Change License to GPLv3 (#26) 2018-11-26 20:17:33 +00:00
konrad 301a4eedda New structure (#7) 2018-10-31 12:42:38 +00:00
Renamed from models/user_delete.go (Browse further)