Delete stale tokens as admin

[cryptobot]

Even if a device owner has no access to a vault anymore, the corresponding device token can still exists in the database. As admin I want to have a cleanup task in the admin interface, to delete such tokens.

[infeo]

Note: By leaving the stale tokens in the db, as soon as the user is added again to the vault, the regarding device has access to the vault again.

[overheadhunter]

which is desirable behaviour: Imagine that a given vault is accessible to group G which user U is a member of. U has a device for which a token is stored. Now let's revoke access from G and grant access to U later. If a DB trigger or cascade would delete the token immediately, the user would temporarily loose access.

So what would you suggest?

[overheadhunter]

How about this: Let's make editing permissions a transaction which is started by entering the vault admin password and committed by confirming the permission change (or cancelled).

The frontend records all "deleted" and "added" authority ids. For each added authority, new access tokens will be generated. During commit, the whole batch is submitted to the backend, which will (in a single transaction) 1. perform all deletes (also cascading to access tokens), 2. perform all adds, 3. register new tokens.