Merge pull request #1429 from eclipse/revert-1415-feature/issue-1377

Revert "Allow admins to revoke a user's Personal Access Token"

Author: amvanbaren

server/build.gradle

@@ -86,8 +86,6 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-actuator"
     implementation "org.springframework.boot:spring-boot-starter-cache"
     implementation "org.springframework.boot:spring-boot-starter-aop"
-    implementation "org.springframework.boot:spring-boot-starter-mail"
-    implementation "org.springframework.boot:spring-boot-starter-thymeleaf"
     implementation "org.springframework.security:spring-security-oauth2-client"
     implementation "org.springframework.security:spring-security-oauth2-jose"
     implementation "org.springframework.session:spring-session-jdbc"

server/src/dev/resources/application.yml

@@ -162,8 +162,3 @@ ovsx:
   storage:
     local:
       directory: /tmp
-  mail:
-    from: [email protected]
-    revoked-access-tokens:
-      subject: 'Open VSX Access Tokens Revoked'
-      template: 'revoked-access-tokens.html'

server/src/main/java/org/eclipse/openvsx/admin/AdminAPI.java

@@ -483,18 +483,4 @@ public ResponseEntity<ResultJson> revokePublisherContributions(@PathVariable Str
             return exc.toResponseEntity();
         }
     }
-
-    @PostMapping(
-            path = "/admin/publisher/{provider}/{loginName}/tokens/revoke",
-            produces = MediaType.APPLICATION_JSON_VALUE
-    )
-    public ResponseEntity<ResultJson> revokePublisherTokens(@PathVariable String loginName, @PathVariable String provider) {
-        try {
-            var adminUser = admins.checkAdminUser();
-            var result = admins.revokePublisherTokens(provider, loginName, adminUser);
-            return ResponseEntity.ok(result);
-        } catch (ErrorResultException exc) {
-            return exc.toResponseEntity();
-        }
-    }
 }

server/src/main/java/org/eclipse/openvsx/admin/AdminService.java

@@ -19,7 +19,6 @@
 import org.eclipse.openvsx.eclipse.EclipseService;
 import org.eclipse.openvsx.entities.*;
 import org.eclipse.openvsx.json.*;
-import org.eclipse.openvsx.mail.MailService;
 import org.eclipse.openvsx.migration.HandlerJobRequest;
 import org.eclipse.openvsx.repositories.RepositoryService;
 import org.eclipse.openvsx.search.SearchUtilService;
@@ -53,7 +52,6 @@ public class AdminService {
     private final StorageUtilService storageUtil;
     private final CacheService cache;
     private final JobRequestScheduler scheduler;
-    private final MailService mail;
 
     public AdminService(
             RepositoryService repositories,
@@ -65,8 +63,7 @@ public AdminService(
             EclipseService eclipse,
             StorageUtilService storageUtil,
             CacheService cache,
-            JobRequestScheduler scheduler,
-            MailService mail
+            JobRequestScheduler scheduler
     ) {
         this.repositories = repositories;
         this.extensions = extensions;
@@ -78,7 +75,6 @@ public AdminService(
         this.storageUtil = storageUtil;
         this.cache = cache;
         this.scheduler = scheduler;
-        this.mail = mail;
     }
 
     @EventListener
@@ -392,20 +388,6 @@ public ResultJson revokePublisherContributions(String provider, String loginName
         return result;
     }
 
-    @Transactional(rollbackOn = ErrorResultException.class)
-    public ResultJson revokePublisherTokens(String provider, String loginName, UserData admin) {
-        var user = repositories.findUserByLoginName(provider, loginName);
-        if (user == null) {
-            throw new ErrorResultException(userNotFoundMessage(loginName), HttpStatus.NOT_FOUND);
-        }
-
-        var deactivatedTokenCount = repositories.deactivateAccessTokens(user);
-        var result = ResultJson.success("Deactivated " + deactivatedTokenCount + " tokens of user " + provider + "/" + loginName + ".");
-        logAdminAction(admin, result);
-        mail.scheduleRevokedAccessTokensMail(user);
-        return result;
-    }
-
     public UserData checkAdminUser() {
         return checkAdminUser(users.findLoggedInUser());
     }

server/src/main/java/org/eclipse/openvsx/mail/MailConfig.java

@@ -11,8 +11,6 @@
 
 import org.eclipse.openvsx.entities.PersonalAccessToken;
 import org.eclipse.openvsx.entities.UserData;
-import org.springframework.data.jpa.repository.Modifying;
-import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.Repository;
 import org.springframework.data.util.Streamable;
 
@@ -31,8 +29,4 @@ public interface PersonalAccessTokenRepository extends Repository<PersonalAccess
     PersonalAccessToken findByValue(String value);
 
     PersonalAccessToken findByUserAndDescriptionAndActiveTrue(UserData user, String description);
-
-    @Modifying
-    @Query("update PersonalAccessToken t set t.active = false where t.user = ?1 and t.active = true")
-    int updateActiveSetFalse(UserData user);
 }

server/src/main/java/org/eclipse/openvsx/mail/MailService.java

@@ -571,10 +571,6 @@ public void deactivateKeyPairs() {
         signatureKeyPairRepo.updateActiveSetFalse();
     }
 
-    public int deactivateAccessTokens(UserData user) {
-        return tokenRepo.updateActiveSetFalse(user);
-    }
-
     public List<String> findActiveExtensionNames(Namespace namespace) {
         return extensionJooqRepo.findActiveExtensionNames(namespace);
     }