Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3369895
D12973.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Referenced Files
None
Subscribers
None
D12973.diff
View Options
diff --git a/services/identity/src/backup.rs b/services/identity/src/backup.rs
new file mode 100644
--- /dev/null
+++ b/services/identity/src/backup.rs
@@ -0,0 +1,41 @@
+use comm_lib::auth::AuthService;
+
+use crate::{
+ config::CONFIG,
+ constants::{error_types, tonic_status_messages},
+};
+
+pub async fn delete_backup_user_data(
+ user_id: &str,
+ auth_service: &AuthService,
+) -> Result<(), crate::error::Error> {
+ let path = format!("/user_data/{}", user_id);
+ let url = CONFIG
+ .backup_service_url
+ .join(&path)
+ .expect("failed to construct backup service URL");
+ let services_token =
+ auth_service.get_services_token().await.map_err(|err| {
+ tracing::error!(
+ errorType = error_types::HTTP_LOG,
+ "Failed to retrieve service-to-service token: {err:?}",
+ );
+ tonic::Status::aborted(tonic_status_messages::UNEXPECTED_ERROR)
+ })?;
+
+ let client = reqwest::Client::builder().build()?;
+ let response = client
+ .delete(url)
+ .bearer_auth(services_token.as_authorization_token()?)
+ .send()
+ .await?;
+ if !response.status().is_success() {
+ let response_body = response.text().await?;
+ tracing::error!(
+ errorType = error_types::HTTP_LOG,
+ "Backup service failed to delete user data: {}",
+ response_body
+ )
+ }
+ Ok(())
+}
diff --git a/services/identity/src/error.rs b/services/identity/src/error.rs
--- a/services/identity/src/error.rs
+++ b/services/identity/src/error.rs
@@ -23,6 +23,8 @@
#[display(...)]
Serde(serde_json::Error),
#[display(...)]
+ Reqwest(reqwest::Error),
+ #[display(...)]
CannotOverwrite,
#[display(...)]
OneTimeKeyUploadLimitExceeded,
diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs
--- a/services/identity/src/grpc_services/authenticated.rs
+++ b/services/identity/src/grpc_services/authenticated.rs
@@ -13,6 +13,7 @@
grpc_services::shared::{get_platform_metadata, get_value},
};
use chrono::DateTime;
+use comm_lib::auth::AuthService;
use comm_opaque2::grpc::protocol_error_to_grpc_status;
use tonic::{Request, Response, Status};
use tracing::{debug, error, trace, warn};
@@ -36,6 +37,7 @@
#[derive(derive_more::Constructor)]
pub struct AuthenticatedService {
db_client: DatabaseClient,
+ comm_auth_service: AuthService,
}
fn get_auth_info(req: &Request<()>) -> Option<(String, String, String)> {
@@ -107,6 +109,15 @@
});
}
+fn spawn_delete_backup_data_task(user_id: String, auth_service: AuthService) {
+ tokio::spawn(async move {
+ debug!("Attempting to delete Backup data for user: {}", &user_id);
+ let result =
+ crate::backup::delete_backup_user_data(&user_id, &auth_service).await;
+ consume_error(result);
+ });
+}
+
#[tonic::async_trait]
impl IdentityClientService for AuthenticatedService {
#[tracing::instrument(skip_all)]
@@ -570,10 +581,11 @@
let device_ids = self
.db_client
- .delete_user(user_id)
+ .delete_user(user_id.clone())
.await
.map_err(handle_db_error)?;
spawn_delete_tunnelbroker_data_task(device_ids);
+ spawn_delete_backup_data_task(user_id, self.comm_auth_service.clone());
let response = Empty {};
Ok(Response::new(response))
@@ -657,10 +669,11 @@
let device_ids = self
.db_client
- .delete_user(user_id)
+ .delete_user(user_id.clone())
.await
.map_err(handle_db_error)?;
spawn_delete_tunnelbroker_data_task(device_ids);
+ spawn_delete_backup_data_task(user_id, self.comm_auth_service.clone());
let response = Empty {};
Ok(Response::new(response))
diff --git a/services/identity/src/main.rs b/services/identity/src/main.rs
--- a/services/identity/src/main.rs
+++ b/services/identity/src/main.rs
@@ -1,3 +1,4 @@
+use comm_lib::auth::AuthService;
use comm_lib::aws;
use comm_lib::aws::config::timeout::TimeoutConfig;
use comm_lib::aws::config::BehaviorVersion;
@@ -6,6 +7,7 @@
use tonic::transport::Server;
use tonic_web::GrpcWebLayer;
+mod backup;
mod client_service;
mod config;
pub mod constants;
@@ -83,6 +85,8 @@
.region("us-east-2")
.load()
.await;
+ let comm_auth_service =
+ AuthService::new(&aws_config, "http://localhost:50054".to_string());
let database_client = DatabaseClient::new(&aws_config);
let inner_client_service = ClientService::new(database_client.clone());
let client_service = IdentityClientServiceServer::with_interceptor(
@@ -90,7 +94,7 @@
grpc_services::shared::version_interceptor,
);
let inner_auth_service =
- AuthenticatedService::new(database_client.clone());
+ AuthenticatedService::new(database_client.clone(), comm_auth_service);
let db_client = database_client.clone();
let auth_service =
AuthServer::with_interceptor(inner_auth_service, move |req| {
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Tue, Nov 26, 11:57 PM (21 h, 3 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2586974
Default Alt Text
D12973.diff (4 KB)
Attached To
Mode
D12973: [identity] Delete Backup user data on account deletion
Attached
Detach File
Event Timeline
Log In to Comment