Add latest changes from gitlab-org/security/gitlab@15-2-stable-ee

2 files changed, 24 insertions, 0 deletions

diff --git a/app/services/groups/destroy_service.rb b/app/services/groups/destroy_service.rb
index c88c139a22e..bcf3110ca21 100644
--- a/app/services/groups/destroy_service.rb
+++ b/app/services/groups/destroy_service.rb
@@ -35,6 +35,8 @@ module Groups
 
       user_ids_for_project_authorizations_refresh = obtain_user_ids_for_project_authorizations_refresh
 
+      destroy_group_bots
+
       group.destroy
 
       if user_ids_for_project_authorizations_refresh.present?
@@ -76,6 +78,19 @@ module Groups
 
       group.users_ids_of_direct_members
     end
+
+    # rubocop:disable CodeReuse/ActiveRecord
+    def destroy_group_bots
+      bot_ids = group.members_and_requesters.joins(:user).merge(User.project_bot).pluck(:user_id)
+      current_user_id = current_user.id
+
+      group.run_after_commit do
+        bot_ids.each do |user_id|
+          DeleteUserWorker.perform_async(current_user_id, user_id, skip_authorization: true)
+        end
+      end
+    end
+    # rubocop:enable CodeReuse/ActiveRecord
   end
 end
 
diff --git a/app/services/todos/destroy/entity_leave_service.rb b/app/services/todos/destroy/entity_leave_service.rb
index 1fe397d24e7..5b04d2fd3af 100644
--- a/app/services/todos/destroy/entity_leave_service.rb
+++ b/app/services/todos/destroy/entity_leave_service.rb
@@ -41,11 +41,20 @@ module Todos
       end
 
       def remove_confidential_resource_todos
+        # Deletes todos for confidential issues
         Todo
           .for_target(confidential_issues.select(:id))
           .for_type(Issue.name)
           .for_user(user)
           .delete_all
+
+        # Deletes todos for internal notes on unauthorized projects
+        Todo
+          .for_type(Issue.name)
+          .for_internal_notes
+          .for_project(non_authorized_reporter_projects) # Only Reporter+ can read internal notes
+          .for_user(user)
+          .delete_all
       end
 
       def remove_project_todos