Batch disable users (#17254)

* batch disable users * batch revoke users tokens * split batch disable user and revoke token * fix tests for batch disable users * Chore: add BatchDisableUsers() to the bus
2025-02-25 18:55:37 -06:00 · 2019-05-31 13:22:22 +03:00
parent 1497f3d79a
commit 60ddad8fdb
5 changed files with 116 additions and 0 deletions
--- a/pkg/services/auth/auth_token.go
+++ b/pkg/services/auth/auth_token.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/sha256"
 	"encoding/hex"
+	"strings"
 	"time"

 	"github.com/grafana/grafana/pkg/infra/serverlock"
@@ -305,6 +306,36 @@ func (s *UserAuthTokenService) RevokeAllUserTokens(ctx context.Context, userId i
 	})
 }

+func (s *UserAuthTokenService) BatchRevokeAllUserTokens(ctx context.Context, userIds []int64) error {
+	return s.SQLStore.WithTransactionalDbSession(ctx, func(dbSession *sqlstore.DBSession) error {
+		if len(userIds) == 0 {
+			return nil
+		}
+
+		user_id_params := strings.Repeat(",?", len(userIds)-1)
+		sql := "DELETE from user_auth_token WHERE user_id IN (?" + user_id_params + ")"
+
+		params := []interface{}{sql}
+		for _, v := range userIds {
+			params = append(params, v)
+		}
+
+		res, err := dbSession.Exec(params...)
+		if err != nil {
+			return err
+		}
+
+		affected, err := res.RowsAffected()
+		if err != nil {
+			return err
+		}
+
+		s.log.Debug("all user tokens for given users revoked", "usersCount", len(userIds), "count", affected)
+
+		return err
+	})
+}
+
 func (s *UserAuthTokenService) GetUserToken(ctx context.Context, userId, userTokenId int64) (*models.UserToken, error) {

 	var result models.UserToken
--- a/pkg/services/auth/auth_token_test.go
+++ b/pkg/services/auth/auth_token_test.go
@@ -117,6 +117,26 @@ func TestUserAuthToken(t *testing.T) {
 					So(model2, ShouldBeNil)
 				})
 			})
+
+			Convey("When revoking users tokens in a batch", func() {
+				Convey("Can revoke all users tokens", func() {
+					userIds := []int64{}
+					for i := 0; i < 3; i++ {
+						userId := userID + int64(i+1)
+						userIds = append(userIds, userId)
+						userAuthTokenService.CreateToken(context.Background(), userId, "192.168.10.11:1234", "some user agent")
+					}
+
+					err := userAuthTokenService.BatchRevokeAllUserTokens(context.Background(), userIds)
+					So(err, ShouldBeNil)
+
+					for _, v := range userIds {
+						tokens, err := userAuthTokenService.GetUserTokens(context.Background(), v)
+						So(err, ShouldBeNil)
+						So(len(tokens), ShouldEqual, 0)
+					}
+				})
+			})
 		})

 		Convey("expires correctly", func() {