diff --git a/config/config-base.json b/config/config-base.json index 08b0aca..bdeea8d 100644 --- a/config/config-base.json +++ b/config/config-base.json @@ -1797,6 +1797,15 @@ "value": "disable_user", "description": "Whether to delete or disable users on expiry." }, + "delete_expired_after_days": { + "name": "Delete expired accounts after (days)", + "required": false, + "requires_restart": false, + "type": "number", + "value": 0, + "depends_true": "behaviour", + "description": "When set, user accounts will be deleted this many days after expiring (if \"Behaviour\" is \"Disable user\"). Set to 0 to disable." + }, "send_email": { "name": "Send email", "required": false, diff --git a/storage.go b/storage.go index dbe8cba..6acc6e0 100644 --- a/storage.go +++ b/storage.go @@ -63,8 +63,9 @@ type Activity struct { } type UserExpiry struct { - JellyfinID string `badgerhold:"key"` - Expiry time.Time + JellyfinID string `badgerhold:"key"` + Expiry time.Time + DeleteAfterPeriod bool // Whether or not to further disable the user later on } type DebugLogAction int diff --git a/user-d.go b/user-d.go index 11a4012..e0a76bb 100644 --- a/user-d.go +++ b/user-d.go @@ -22,6 +22,7 @@ func (app *appContext) checkUsers() { if len(app.storage.GetUserExpiries()) == 0 { return } + app.info.Println(lm.CheckUserExpiries) users, status, err := app.jf.GetUsers(false) if err != nil || status != 200 { @@ -29,87 +30,93 @@ func (app *appContext) checkUsers() { return } mode := "disable" - phrase := lm.DisableExpiredUser if app.config.Section("user_expiry").Key("behaviour").MustString("disable_user") == "delete_user" { mode = "delete" - phrase = lm.DeleteExpiredUser } + + deleteAfterPeriod := app.config.Section("user_expiry").Key("delete_expired_after_days").MustInt(0) + if mode == "delete" { + deleteAfterPeriod = 0 + } + contact := false if messagesEnabled && app.config.Section("user_expiry").Key("send_email").MustBool(true) { contact = true } // Use a map to speed up checking for deleted users later - userExists := map[string]bool{} + userExists := map[string]mediabrowser.User{} for _, user := range users { - userExists[user.ID] = true + userExists[user.ID] = user } for _, expiry := range app.storage.GetUserExpiries() { id := expiry.JellyfinID - if _, ok := userExists[id]; !ok { + user, ok := userExists[id] + if !ok { app.info.Printf(lm.DeleteExpiryForOldUser, id) app.storage.DeleteUserExpiryKey(expiry.JellyfinID) - } else if time.Now().After(expiry.Expiry) { - found := false - var user mediabrowser.User - for _, u := range users { - if u.ID == id { - found = true - user = u - break - } - } - if !found { - app.storage.DeleteUserExpiryKey(expiry.JellyfinID) - continue - } - app.info.Printf(phrase, user.Name) + continue + } + if !time.Now().After(expiry.Expiry) { + continue + } + deleteUserLater := deleteAfterPeriod != 0 && expiry.DeleteAfterPeriod - // Record activity - activity := Activity{ - UserID: id, - SourceType: ActivityDaemon, - Time: time.Now(), - } + // Record activity + activity := Activity{ + UserID: id, + SourceType: ActivityDaemon, + Time: time.Now(), + } - if mode == "delete" { - deleted := false - err, deleted = app.DeleteUser(user) - // Silence unimportant errors - if deleted { - err = nil - } - activity.Type = ActivityDeletion - // Store the user name, since there's no longer a user ID to reference back to - activity.Value = user.Name - } else if mode == "disable" { - // Admins can't be disabled - // so they're not an admin anymore, sorry - user.Policy.IsAdministrator = false - err, _, _ = app.SetUserDisabled(user, true) - activity.Type = ActivityDisabled - } - if !(status == 200 || status == 204) || err != nil { - app.err.Printf(lm.FailedDeleteOrDisableExpiredUser, user.ID, err) - continue + deleteUserNow := deleteUserLater && time.Now().After(expiry.Expiry.AddDate(0, 0, deleteAfterPeriod)) + + if mode == "delete" || deleteUserNow { + app.info.Printf(lm.DeleteExpiredUser, user.Name) + deleted := false + err, deleted = app.DeleteUser(user) + // Silence unimportant errors + if deleted { + err = nil } + activity.Type = ActivityDeletion + // Store the user name, since there's no longer a user ID to reference back to + activity.Value = user.Name + } else if mode == "disable" && !deleteUserLater { + app.info.Printf(lm.DisableExpiredUser, user.Name) + // Admins can't be disabled + // so they're not an admin anymore, sorry + user.Policy.IsAdministrator = false + err, _, _ = app.SetUserDisabled(user, true) + activity.Type = ActivityDisabled + } + if !(status == 200 || status == 204) || err != nil { + app.err.Printf(lm.FailedDeleteOrDisableExpiredUser, user.ID, err) + continue + } - app.storage.SetActivityKey(shortuuid.New(), activity, nil, false) + app.storage.SetActivityKey(shortuuid.New(), activity, nil, false) - app.storage.DeleteUserExpiryKey(expiry.JellyfinID) - app.jf.CacheExpiry = time.Now() - if contact { - if !ok { - continue - } - name := app.getAddressOrName(user.ID) - msg, err := app.email.constructUserExpired(app, false) - if err != nil { - app.err.Printf(lm.FailedConstructExpiryMessage, user.ID, err) - } else if err := app.sendByID(msg, user.ID); err != nil { - app.err.Printf(lm.FailedConstructExpiryMessage, user.ID, name, err) - } else { - app.err.Printf(lm.SentExpiryMessage, user.ID, name) - } + // If the we're not gonna be deleting the user later, we don't need this. + // also, if the admin re-enabled the user, we should get rid of the countdown. + if deleteAfterPeriod <= 0 || mode == "delete" || deleteUserNow || (deleteUserLater && !user.Policy.IsDisabled) { + app.storage.DeleteUserExpiryKey(user.ID) + } else if deleteAfterPeriod > 0 && !deleteUserLater { + expiry.DeleteAfterPeriod = true + app.storage.SetUserExpiryKey(user.ID, expiry) + } + app.jf.CacheExpiry = time.Now() + if contact { + if !ok { + continue + } + name := app.getAddressOrName(user.ID) + msg, err := app.email.constructUserExpired(app, false) + if err != nil { + app.err.Printf(lm.FailedConstructExpiryMessage, user.ID, err) + } else if err := app.sendByID(msg, user.ID); err != nil { + app.err.Printf(lm.FailedSendExpiryMessage, user.ID, name, err) + } else { + app.err.Printf(lm.SentExpiryMessage, user.ID, name) } } }