|
| 1 | +#!/bin/bash |
| 2 | +# The script uses Cronjob to run once a day to check for expired users |
| 3 | +# It is vital to have RUN env > /etc/environment in Dockerfile so that |
| 4 | +# cronjob can have access to env variables from docker |
| 5 | +. /home/hackmd/cron.env |
| 6 | +UPLOADS_DIR="/home/hackmd/app/public/uploads" |
| 7 | +TRASH_DIR="/home/hackmd/trash" |
| 8 | + |
| 9 | +isActive() { |
| 10 | + if ! ldapres=$(ldapsearch -x -H $CMD_LDAP_URL -D "$CMD_LDAP_BINDDN" -w $CMD_LDAP_BINDCREDENTIALS -b $CMD_LDAP_SEARCHBASE $query 2>/dev/null); then |
| 11 | + echo "Ldap is DOWN. Exiting..." |
| 12 | + exit 1 |
| 13 | + fi |
| 14 | + if echo "$ldapres" | grep -q -e "^uid:"; then |
| 15 | + return 0 |
| 16 | + else |
| 17 | + return 1 |
| 18 | + fi |
| 19 | +} |
| 20 | + |
| 21 | +deleteUser(){ |
| 22 | + # Deleting users from postgres database |
| 23 | + local profileid="$1" |
| 24 | +psql $CMD_DB_URL <<-SQL |
| 25 | +DELETE FROM "Users" WHERE profileid = '${profileid}'; |
| 26 | +SQL |
| 27 | +} |
| 28 | + |
| 29 | +deleteNotes(){ |
| 30 | + # Deleting all user's notes from postgres database and moving them to |
| 31 | + # trash can |
| 32 | +shortids=$(psql $CMD_DB_URL -At<<-SQL |
| 33 | +SELECT shortid FROM "Notes" where "ownerId" = '${id}'; |
| 34 | +SQL |
| 35 | +) |
| 36 | +while IFS=' ' read shortid; do |
| 37 | +title=$(psql $CMD_DB_URL -At<<-SQL |
| 38 | +SELECT title FROM "Notes" where shortid = '${shortid}'; |
| 39 | +SQL |
| 40 | +) |
| 41 | +safe_title=$(echo "$title" | tr -cd '[:alnum:]._-') |
| 42 | +filename="${USER_TRASH_DIR}/${safe_title}.md" |
| 43 | + |
| 44 | +content=$(psql $CMD_DB_URL -At<<-SQL |
| 45 | +SELECT content FROM "Notes" WHERE shortid = '${shortid}'; |
| 46 | +SQL |
| 47 | +) |
| 48 | + |
| 49 | +echo "$content" > "$filename" |
| 50 | +done<<<"$shortids" |
| 51 | + |
| 52 | +psql $CMD_DB_URL <<-SQL |
| 53 | +DELETE FROM "Notes" where "ownerId" = '${id}'; |
| 54 | +SQL |
| 55 | +} |
| 56 | + |
| 57 | +deleteFiles(){ |
| 58 | + # Deleting all user's uploads from location /home/hackmd/app/public/uploads |
| 59 | + # The files are saved as upload_{user.id}_{random letters}.{jpg,png,...} |
| 60 | + find $UPLOADS_DIR -type f -name "upload_${id}_*" -exec mv {} "$USER_TRASH_DIR" \; 2>&1 |
| 61 | +} |
| 62 | + |
| 63 | +actuallyDeleteFiles(){ |
| 64 | + # Deleting all user's uploads from location /home/hackmd/app/public/uploads |
| 65 | + # The files are saved as upload_{user.id}_{random letters}.{jpg,png,...} |
| 66 | + |
| 67 | + echo "Removing old trash files" |
| 68 | + find $TRASH_DIR -mindepth 1 -maxdepth 1 -type d -mtime +90 -exec rm -rf {} \; 2>&1 |
| 69 | +} |
| 70 | + |
| 71 | +# Write down the date-time |
| 72 | +date |
| 73 | +# Removing old trash files |
| 74 | +actuallyDeleteFiles |
| 75 | +allusers=$(psql $CMD_DB_URL -t -c 'SELECT profileid FROM "Users";') |
| 76 | +if [ -z "$allusers" ]; then |
| 77 | + echo "Ha Ha nothing to delete" |
| 78 | + exit |
| 79 | +fi |
| 80 | +while IFS=' ' read -r username; do |
| 81 | + # Extracting the username (removing LDAP- prefix) |
| 82 | + uid=$(echo $username | cut -d '-' -f2) |
| 83 | + # Creating the ldap search query |
| 84 | + query=$(echo $CMD_LDAP_SEARCHFILTER | sed "s#{{username}}#${uid}#") |
| 85 | +id=$(psql $CMD_DB_URL -t -A <<-SQL |
| 86 | +SELECT id FROM "Users" WHERE profileid = '${username}'; |
| 87 | +SQL |
| 88 | +) |
| 89 | + # Check if the user exists in the ldap as active user |
| 90 | + if isActive; then |
| 91 | + echo "The account $uid is active" |
| 92 | + else |
| 93 | + echo "The account $uid must be destroyed" |
| 94 | + # This will be the user specific trash can |
| 95 | + USER_TRASH_DIR=${TRASH_DIR}/${uid} |
| 96 | + echo "Moving to Trash ${USER_TRASH_DIR}..." |
| 97 | + mkdir -p $USER_TRASH_DIR |
| 98 | + # These functions move uploads and notes to trash can |
| 99 | + # and delete them permanently after 90 days |
| 100 | + deleteUser $username |
| 101 | + deleteNotes |
| 102 | + deleteFiles |
| 103 | + |
| 104 | + fi |
| 105 | +done <<< "$allusers" |
0 commit comments