Remove old way of creating users based on replies (only allow Deleted…

…User)
freedomofpress · Feb 8, 2022 · 9414760 · 9414760
1 parent 0357266
commit 9414760
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 32 deletions.
diff --git a/securedrop_client/storage.py b/securedrop_client/storage.py
@@ -37,6 +37,7 @@
 from sqlalchemy.orm.session import Session
 
 from securedrop_client.db import (
+    DeletedUser,
     DraftReply,
     File,
     Message,
@@ -409,38 +410,33 @@ def update_replies(
     * New replies have an entry created in the local database.
     * Local replies not returned in the remote replies are deleted from the
       local database unless they are pending or failed.
-
-    If a reply references a new journalist username, add them to the database
-    as a new user.
     """
     local_replies_by_uuid = {r.uuid: r for r in local_replies}
-    users: Dict[str, User] = {}
+    deleted_user = session.query(User).filter_by(username="deleted").one_or_none()
+    user_cache: Dict[str, User] = {}
     source_cache = SourceCache(session)
     for reply in remote_replies:
-        user = users.get(reply.journalist_uuid)
-
+        user = user_cache.get(reply.journalist_uuid)
         if not user:
-            user = create_or_update_user(
-                reply.journalist_uuid,
-                reply.journalist_username,
-                reply.journalist_first_name,
-                reply.journalist_last_name,
-                session,
-            )
-            users[reply.journalist_uuid] = user
-        elif (
-            user.username != reply.journalist_username
-            or user.firstname != reply.journalist_first_name
-            or user.lastname != reply.journalist_last_name
-        ):
-            user = create_or_update_user(
-                reply.journalist_uuid,
-                reply.journalist_username,
-                reply.journalist_first_name,
-                reply.journalist_last_name,
-                session,
-            )
-            users[reply.journalist_uuid] = user
+            user = session.query(User).filter_by(uuid=reply.journalist_uuid).one_or_none()
+
+            # If the account for the sender does not exist, then replies will need to be associated
+            # to a local "deleted" user account.
+            #
+            # Once support for the pre-2.2.0 server is deprecated, this code can be removed, and the
+            # client can rely entirely on the /users endpoint to manage user accounts. Until then,
+            # we must handle the case where the pre-2.2.0 server returns a `journalist_uuid` of
+            # "deleted" for a reply's sender when no actual account exists with that uuid.
+            if not user:
+                user = deleted_user
+                if not user:
+                    user = DeletedUser()
+                    session.add(user)
+                    session.commit()
+                    deleted_user = user
+
+            # Add the retrieved or newly created "deleted" user to the cache
+            user_cache[reply.journalist_uuid] = user
 
         local_reply = local_replies_by_uuid.get(reply.uuid)
         if local_reply:

diff --git a/tests/test_storage.py b/tests/test_storage.py
@@ -562,11 +562,6 @@ def test_update_replies_deletes_files_associated_with_the_reply(homedir, mocker)
     abs_local_filename = add_test_file_to_temp_dir(source_directory, local_filename_when_decrypted)
     local_replies = [local_reply]
 
-    # There needs to be a corresponding local_source.
-    local_source = mocker.MagicMock()
-    local_source.uuid = "test-source-uuid"
-    local_source.id = 666
-    mock_session.query().filter_by.return_value = [local_source]
     update_replies(remote_replies, local_replies, mock_session, homedir)
 
     # Ensure the file associated with the reply are deleted on disk.