support delete resources associated with site

server/lib/deleteResource.ts

@@ -0,0 +1,144 @@
+import { eq, inArray } from "drizzle-orm";
+import {
+    db,
+    newts,
+    resourcePolicies,
+    resources,
+    sites,
+    targetHealthCheck,
+    targets,
+    type Resource,
+    type Target,
+    type TargetHealthCheck,
+    type Transaction
+} from "@server/db";
+import logger from "@server/logger";
+import { removeTargets } from "@server/routers/newt/targets";
+import createHttpError from "http-errors";
+import HttpCode from "@server/types/HttpCode";
+
+export type DeleteResourceResult = {
+    deletedResource: Resource;
+    targetsToBeRemoved: Target[];
+    healthChecksToBeRemoved: TargetHealthCheck[];
+};
+
+export async function performDeleteResources(
+    resourceIds: number[],
+    trx: Transaction | typeof db = db
+): Promise<DeleteResourceResult[]> {
+    if (resourceIds.length === 0) {
+        return [];
+    }
+
+    const targetsToBeRemoved = await trx
+        .select()
+        .from(targets)
+        .where(inArray(targets.resourceId, resourceIds));
+
+    const targetIds = targetsToBeRemoved.map((t) => t.targetId);
+    const healthChecksToBeRemoved =
+        targetIds.length > 0
+            ? await trx
+                  .select()
+                  .from(targetHealthCheck)
+                  .where(inArray(targetHealthCheck.targetId, targetIds))
+            : [];
+
+    const deletedResources = await trx
+        .delete(resources)
+        .where(inArray(resources.resourceId, resourceIds))
+        .returning();
+
+    const policyIds = deletedResources
+        .map((resource) => resource.defaultResourcePolicyId)
+        .filter((id): id is number => id != null);
+
+    if (policyIds.length > 0) {
+        await trx
+            .delete(resourcePolicies)
+            .where(inArray(resourcePolicies.resourcePolicyId, policyIds));
+    }
+
+    if (deletedResources.length > 0) {
+        logger.debug(`Deleted ${deletedResources.length} resources`);
+    }
+
+    const targetsByResourceId = new Map<number, Target[]>();
+    for (const target of targetsToBeRemoved) {
+        const existing = targetsByResourceId.get(target.resourceId) ?? [];
+        existing.push(target);
+        targetsByResourceId.set(target.resourceId, existing);
+    }
+
+    const targetIdToResourceId = new Map(
+        targetsToBeRemoved.map((target) => [target.targetId, target.resourceId])
+    );
+
+    const healthChecksByResourceId = new Map<number, TargetHealthCheck[]>();
+    for (const healthCheck of healthChecksToBeRemoved) {
+        const resourceId = targetIdToResourceId.get(healthCheck.targetId!);
+        if (resourceId == null) {
+            continue;
+        }
+        const existing = healthChecksByResourceId.get(resourceId) ?? [];
+        existing.push(healthCheck);
+        healthChecksByResourceId.set(resourceId, existing);
+    }
+
+    return deletedResources.map((deletedResource) => ({
+        deletedResource,
+        targetsToBeRemoved:
+            targetsByResourceId.get(deletedResource.resourceId) ?? [],
+        healthChecksToBeRemoved:
+            healthChecksByResourceId.get(deletedResource.resourceId) ?? []
+    }));
+}
+
+export async function performDeleteResource(
+    resourceId: number,
+    trx: Transaction | typeof db = db
+): Promise<DeleteResourceResult | null> {
+    const [result] = await performDeleteResources([resourceId], trx);
+    return result ?? null;
+}
+
+export async function runResourceDeleteSideEffects(
+    result: DeleteResourceResult
+): Promise<void> {
+    const { deletedResource, targetsToBeRemoved, healthChecksToBeRemoved } =
+        result;
+
+    for (const target of targetsToBeRemoved) {
+        const [site] = await db
+            .select()
+            .from(sites)
+            .where(eq(sites.siteId, target.siteId))
+            .limit(1);
+
+        if (!site) {
+            throw createHttpError(
+                HttpCode.NOT_FOUND,
+                `Site with ID ${target.siteId} not found`
+            );
+        }
+
+        if (site.pubKey && site.type === "newt") {
+            const [newt] = await db
+                .select()
+                .from(newts)
+                .where(eq(newts.siteId, site.siteId))
+                .limit(1);
+
+            if (newt) {
+                await removeTargets(
+                    newt.newtId,
+                    [],
+                    healthChecksToBeRemoved,
+                    deletedResource.mode === "udp" ? "udp" : "tcp",
+                    newt.version
+                );
+            }
+        }
+    }
+}

server/lib/deleteSiteAssociatedResources.ts

@@ -0,0 +1,126 @@
+import { and, eq, sql } from "drizzle-orm";
+import {
+    db,
+    siteNetworks,
+    siteResources,
+    targets,
+    type SiteResource,
+    type Transaction
+} from "@server/db";
+import {
+    performDeleteResources,
+    runResourceDeleteSideEffects,
+    type DeleteResourceResult
+} from "@server/lib/deleteResource";
+import {
+    performDeleteSiteResources,
+    runSiteResourceDeleteSideEffects
+} from "@server/lib/deleteSiteResource";
+import logger from "@server/logger";
+
+export const MAX_SITE_ASSOCIATED_RESOURCES_FOR_BULK_DELETE = 250;
+
+export type DeleteSiteAssociatedResourcesSideEffects = {
+    resources: DeleteResourceResult[];
+    siteResources: SiteResource[];
+};
+
+export async function getResourceIdsForSite(
+    siteId: number,
+    trx: Transaction | typeof db = db
+): Promise<number[]> {
+    const rows = await trx
+        .selectDistinct({ resourceId: targets.resourceId })
+        .from(targets)
+        .where(eq(targets.siteId, siteId));
+
+    return rows.map((row) => row.resourceId);
+}
+
+export async function getSiteResourceIdsForSite(
+    siteId: number,
+    orgId: string,
+    trx: Transaction | typeof db = db
+): Promise<number[]> {
+    const rows = await trx
+        .selectDistinct({ siteResourceId: siteResources.siteResourceId })
+        .from(siteNetworks)
+        .innerJoin(
+            siteResources,
+            eq(siteResources.networkId, siteNetworks.networkId)
+        )
+        .where(
+            and(eq(siteNetworks.siteId, siteId), eq(siteResources.orgId, orgId))
+        );
+
+    return rows.map((row) => row.siteResourceId);
+}
+
+export async function getAssociatedResourceCountForSite(
+    siteId: number,
+    orgId: string,
+    trx: Transaction | typeof db = db
+): Promise<number> {
+    const [publicCountResult, privateCountResult] = await Promise.all([
+        trx
+            .select({
+                count: sql<number>`count(distinct ${targets.resourceId})`
+            })
+            .from(targets)
+            .where(eq(targets.siteId, siteId)),
+        trx
+            .select({
+                count: sql<number>`count(distinct ${siteResources.siteResourceId})`
+            })
+            .from(siteNetworks)
+            .innerJoin(
+                siteResources,
+                eq(siteResources.networkId, siteNetworks.networkId)
+            )
+            .where(
+                and(
+                    eq(siteNetworks.siteId, siteId),
+                    eq(siteResources.orgId, orgId)
+                )
+            )
+    ]);
+
+    return (
+        Number(publicCountResult[0]?.count ?? 0) +
+        Number(privateCountResult[0]?.count ?? 0)
+    );
+}
+
+export function exceedsSiteAssociatedResourceDeleteLimit(
+    resourceCount: number
+): boolean {
+    return resourceCount > MAX_SITE_ASSOCIATED_RESOURCES_FOR_BULK_DELETE;
+}
+
+export async function deleteAssociatedResourcesForSite(
+    siteId: number,
+    orgId: string,
+    trx: Transaction | typeof db = db
+): Promise<DeleteSiteAssociatedResourcesSideEffects> {
+    const resourceIds = await getResourceIdsForSite(siteId, trx);
+    const siteResourceIds = await getSiteResourceIdsForSite(siteId, orgId, trx);
+
+    const [resources, siteResourcesDeleted] = await Promise.all([
+        performDeleteResources(resourceIds, trx),
+        performDeleteSiteResources(siteResourceIds, trx)
+    ]);
+
+    return { resources, siteResources: siteResourcesDeleted };
+}
+
+export async function runDeleteSiteAssociatedResourcesSideEffects(
+    sideEffects: DeleteSiteAssociatedResourcesSideEffects
+): Promise<void> {
+    for (const result of sideEffects.resources) {
+        await runResourceDeleteSideEffects(result);
+    }
+
+    for (const removed of sideEffects.siteResources) {
+        runSiteResourceDeleteSideEffects(removed);
+    }
+}

server/lib/deleteSiteResource.ts

@@ -0,0 +1,53 @@
+import { inArray } from "drizzle-orm";
+import {
+    db,
+    siteResources,
+    type SiteResource,
+    type Transaction
+} from "@server/db";
+import logger from "@server/logger";
+import { rebuildClientAssociationsFromSiteResource } from "@server/lib/rebuildClientAssociations";
+
+export async function performDeleteSiteResources(
+    siteResourceIds: number[],
+    trx: Transaction | typeof db = db
+): Promise<SiteResource[]> {
+    if (siteResourceIds.length === 0) {
+        return [];
+    }
+
+    const removedSiteResources = await trx
+        .delete(siteResources)
+        .where(inArray(siteResources.siteResourceId, siteResourceIds))
+        .returning();
+
+    if (removedSiteResources.length > 0) {
+        logger.debug(`Deleted ${removedSiteResources.length} site resources`);
+    }
+
+    return removedSiteResources;
+}
+
+export async function performDeleteSiteResource(
+    siteResourceId: number,
+    trx: Transaction | typeof db = db
+): Promise<SiteResource | null> {
+    const [removedSiteResource] = await performDeleteSiteResources(
+        [siteResourceId],
+        trx
+    );
+    return removedSiteResource ?? null;
+}
+
+export function runSiteResourceDeleteSideEffects(
+    removedSiteResource: SiteResource
+): void {
+    rebuildClientAssociationsFromSiteResource(removedSiteResource).catch(
+        (err) => {
+            logger.error(
+                `Error rebuilding client associations for site resource ${removedSiteResource.siteResourceId}:`,
+                err
+            );
+        }
+    );
+}