ensure we delete individual submissions on disk

[redshiftzero]

Description

Fixes #892.

Test Plan

Given the importance of the deletion functionality, I recommend testing the following cases:

Precondition for each case: Via the source interface, create a source with at least one file. Log into the client and download the file.

1. Source is deleted by the local user. The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.
2. Source is deleted by another user (you can simulate this by deleting an entire source in the JI). The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.
3. An individual submission is deleted by another user (you can do this by deleting an individual submission in the JI). The file and its enclosing folder should be deleted: ~/.securedrop_client/data/intrusive_smattering/1-intrusive_smattering-doc.

Checklist

If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:

• I have tested these changes in the appropriate Qubes environment
• I do not have an appropriate Qubes OS workstation set up (the reviewer will need to test these changes)
• These changes should not need testing in Qubes

If these changes add or remove files other than client code, packaging logic (e.g., the AppArmor profile) may need to be updated. Please check as applicable:

• I have submitted a separate PR to the packaging repo
• No update to the packaging logic (e.g., AppArmor profile) is required for these changes - I ran through the test plan above using the existing AppArmor profile
• I don't know and would appreciate guidance

[rmol]

1. Source is deleted by the local user. The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.
2. Source is deleted by another user (you can simulate this by deleting an entire source in the JI). The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.
3. An individual submission is deleted by another user (you can do this by deleting an individual submission in the JI). The file and its enclosing folder should be deleted: ~/.securedrop_client/data/intrusive_smattering/1-intrusive_smattering-doc.

In the third test, the file and its directory were indeed deleted, but the file was still shown in the conversation view, with export and print buttons. Selecting another source and returning cleared the conversation view, but the filename was still visible in the source's snippet.

[redshiftzero]

thanks for the comments! addressed and repushed. With respect to the two other findings, I believe they are covered by two other bugs: the conversation refresh not updating as part of #891, and the snippets not updating in #922

[rmol]

Changes look good, can be merged after a rebase.

[redshiftzero]

thanks for review! rebased

[rmol]

Oh, bad news. I think some of the changes on master have broken things.

1. Source is deleted by the local user. The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.

This worked, but the new "pending deletion" state wrote "Deleting..." over the empty conversation view text. It eventually corrected of course, but it was ugly in the meantime.

2. Source is deleted by another user (you can simulate this by deleting an entire source in the JI). The entire source directory ~/.securedrop_client/data/intrusive_smattering should be deleted.

This crashed the client with:

Traceback (most recent call last):
  File "/home/user/src/fpf/securedrop-client/securedrop_client/logic.py", line 459, in on_sync_success
    self.update_sources()
  File "/home/user/src/fpf/securedrop-client/securedrop_client/logic.py", line 498, in update_sources
    self.gui.show_sources(sources)
  File "/home/user/src/fpf/securedrop-client/securedrop_client/gui/main.py", line 150, in show_sources
    self.main_view.show_sources(sources)
  File "/home/user/src/fpf/securedrop-client/securedrop_client/gui/widgets.py", line 695, in show_sources
    deleted_sources = self.source_list.update(sources)
  File "/home/user/src/fpf/securedrop-client/securedrop_client/gui/widgets.py", line 926, in update
    del self.source_widgets[list_widget.source_uuid]
KeyError: 'da31ba2b-020e-4339-82d3-7ffa7858e47a'

3. An individual submission is deleted by another user (you can do this by deleting an individual submission in the JI). The file and its enclosing folder should be deleted: ~/.securedrop_client/data/intrusive_smattering/1-intrusive_smattering-doc.

This went fine, except for the previously noted bugs (#891, #922).

[redshiftzero]

Ahh ok, thanks for flagging. OK I'll need to take another look at this on Monday to see what happened and fix.

[redshiftzero]

the new "pending deletion" state wrote "Deleting..." over the empty conversation view text

I believe this one is #929 (recent bug on master)

Otherwise for the traceback you found, I was not able to reproduce, however I added a guard to ensure that we gracefully handle if the uuid of the source widget is missing from the source_widgets dict (what's happening in your traceback afaict).

Rebased/retested/pushed on latest master (8ab6101)

[redshiftzero]

Rebased/retested on latest master (a4a69af)

[rmol]

👍