unsetup should remove all sharing permissions for the deactivated user
- if the user is re-setup, they will have access to the previously shared items, which the admin might not expect/desire
- the deactivated user may appear in "currently shared with..." lists, which seems confusing
There is a slight wrinkle here that "manage" permission links are deleted by unsetup. This appears to be an accident: the comment suggests only (Arvados-hosted) repository permissions are deleted, but the db query is not restricted to repos.
# delete repo_perms for this user Link.where(tail_uuid: self.uuid, link_class: 'permission', name: 'can_manage').destroy_all