drone/app/api/controller/space/purge.go

// Copyright 2023 Harness, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package space

import (
	"context"
	"fmt"
	"math"
	"time"

	apiauth "github.com/harness/gitness/app/api/auth"
	"github.com/harness/gitness/app/auth"
	"github.com/harness/gitness/contextutil"
	"github.com/harness/gitness/types"
	"github.com/harness/gitness/types/enum"

	"github.com/rs/zerolog/log"
)

// Purge deletes the space and all its subspaces and repositories permanently.
func (c *Controller) Purge(
	ctx context.Context,
	session *auth.Session,
	spaceRef string,
	deletedAt int64,
) error {
	space, err := c.spaceStore.FindByRefAndDeletedAt(ctx, spaceRef, deletedAt)
	if err != nil {
		return err
	}

	// authz will check the permission within the first existing parent since space was deleted.
	// purge top level space is limited to admin only.
	err = apiauth.CheckSpace(ctx, c.authorizer, session, space, enum.PermissionSpaceDelete, false)
	if err != nil {
		return fmt.Errorf("failed to authorize on space purge: %w", err)
	}

	return c.PurgeNoAuth(ctx, session, space.ID, deletedAt)
}

// PurgeNoAuth purges the space - no authorization is verified.
// WARNING For internal calls only.
func (c *Controller) PurgeNoAuth(
	ctx context.Context,
	session *auth.Session,
	spaceID int64,
	deletedAt int64,
) error {
	// the max time we give a purge space to succeed
	const timeout = 15 * time.Minute
	// create new, time-restricted context to guarantee space purge completion, even if request is canceled.
	ctx, cancel := context.WithTimeout(
		contextutil.WithNewValues(context.Background(), ctx),
		timeout,
	)
	defer cancel()

	var toBeDeletedRepos []*types.Repository
	var err error
	err = c.tx.WithTx(ctx, func(ctx context.Context) error {
		toBeDeletedRepos, err = c.purgeSpaceInnerInTx(ctx, spaceID, deletedAt)
		return err
	})
	if err != nil {
		return fmt.Errorf("failed to purge space %d in a tnx: %w", spaceID, err)
	}

	// permanently purge all repositories in the space and its subspaces after successful space purge tnx.
	// cleanup will handle failed repository deletions.
	for _, repo := range toBeDeletedRepos {
		err := c.repoCtrl.DeleteGitRepository(ctx, session, repo)
		if err != nil {
			log.Ctx(ctx).Warn().Err(err).
				Str("repo_identifier", repo.Identifier).
				Int64("repo_id", repo.ID).
				Int64("repo_parent_id", repo.ParentID).
				Msg("failed to delete repository")
		}
	}

	return nil
}

func (c *Controller) purgeSpaceInnerInTx(
	ctx context.Context,
	spaceID int64,
	deletedAt int64,
) ([]*types.Repository, error) {
	filter := &types.RepoFilter{
		Page:              1,
		Size:              int(math.MaxInt),
		Query:             "",
		Order:             enum.OrderAsc,
		Sort:              enum.RepoAttrDeleted,
		DeletedBeforeOrAt: &deletedAt,
		Recursive:         true,
	}
	repos, err := c.repoStore.List(ctx, spaceID, filter)
	if err != nil {
		return nil, fmt.Errorf("failed to list space repositories: %w", err)
	}

	// purge cascade deletes all the child spaces from DB.
	err = c.spaceStore.Purge(ctx, spaceID, &deletedAt)
	if err != nil {
		return nil, fmt.Errorf("spaceStore failed to delete space %d: %w", spaceID, err)
	}

	return repos, nil
}