Don't attempt to update user tracked fields if database is in read-only

With Geo, attempting to view an endpoint with a user could result in an Error 500 since Devise attempts to update the last sign-in IP and other details. Closes gitlab-org/gitlab-ee#4972
2018-02-17 21:29:22 -08:00 · 2018-02-17 21:29:22 -08:00 · 46e6a9f8a0
parent 557db7e635
commit 46e6a9f8a0
3 changed files with 15 additions and 0 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -59,6 +59,8 @@ class User < ActiveRecord::Base
  # Override Devise::Models::Trackable#update_tracked_fields!
  # to limit database writes to at most once every hour
  def update_tracked_fields!(request)
+    return if Gitlab::Database.read_only?
+
    update_tracked_fields(request)

    lease = Gitlab::ExclusiveLease.new("user_update_tracked_fields:#{id}", timeout: 1.hour.to_i)
--- a/changelogs/unreleased/sh-guard-read-only-user-updates.yml
+++ b/changelogs/unreleased/sh-guard-read-only-user-updates.yml
@ -0,0 +1,5 @@
+---
+title: Don't attempt to update user tracked fields if database is in read-only
+merge_request:
+author:
+type: fixed
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@ -496,6 +496,14 @@ describe User do
        user2.update_tracked_fields!(request)
      end.to change { user2.reload.current_sign_in_at }
    end
+
+    it 'does not write if the DB is in read-only mode' do
+      expect(Gitlab::Database).to receive(:read_only?).and_return(true)
+
+      expect do
+        user.update_tracked_fields!(request)
+      end.not_to change { user.reload.current_sign_in_at }
+    end
  end

  shared_context 'user keys' do