There is a race condition in DestroyGroupService now that projects are deleted asynchronously:
1. User attempts to delete group
2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project
3. DestroyGroupService destroys the Group, leaving all its projects without a namespace
4. Projects::DestroyService runs later but the can?(current_user,
:remove_project) is `false` because the user no longer has permission to
destroy projects with no namespace.
5. This leaves the project in pending_delete state with no namespace/group.
Projects without a namespace or group also adds another problem: it's not possible to destroy the container
registry tags, since container_registry_path_with_namespace is the wrong value.
The fix is to destroy the group asynchronously and to run execute directly on Projects::DestroyService.
Closes#17893
The route is supposed to redirect the Groups#index request based on
whether or not a user was logged in. If they are, we redirect them to
their groups dashboard; if they're not, we redirect them to the public
Explore page.
But due to overly aggressive `before_action`s that weren't excluding the
`index` action, the request always resulted in a 404, whether a user was
logged in or not.
Closes#12660
Kamil Trzcinski