Page MenuHomePhabricator

D14087.id46243.diff
No OneTemporary

D14087.id46243.diff

diff --git a/services/identity/src/database/device_list.rs b/services/identity/src/database/device_list.rs
--- a/services/identity/src/database/device_list.rs
+++ b/services/identity/src/database/device_list.rs
@@ -1470,6 +1470,33 @@
Ok(())
}
+ /// Reset device list to empty array and remove devices data.
+ /// Ran during privileged password reset
+ #[tracing::instrument(skip_all)]
+ pub async fn reset_device_list(
+ &self,
+ user_id: &str,
+ ) -> Result<DeviceListRow, Error> {
+ let mut devices_being_removed: Vec<String> = Vec::new();
+ let update_result = self
+ .transact_update_devicelist(user_id, |current_list, _| {
+ devices_being_removed.extend(current_list.clone());
+
+ debug!("Resetting device list");
+ *current_list = Vec::new();
+
+ Ok(UpdateOperationInfo::identity_generated())
+ })
+ .await?;
+
+ // delete device data and invalidate CSAT for removed devices
+ self
+ .clean_up_devices_data(user_id, devices_being_removed)
+ .await?;
+
+ Ok(update_result)
+ }
+
/// applies updated device list received from primary device
pub async fn apply_devicelist_update<V>(
&self,
@@ -1523,10 +1550,21 @@
})
.await?;
- if !remove_device_data {
- return Ok(update_result);
+ if remove_device_data {
+ self
+ .clean_up_devices_data(user_id, devices_being_removed)
+ .await?;
}
+ Ok(update_result)
+ }
+
+ /// called internally when removing devices from device list
+ async fn clean_up_devices_data(
+ &self,
+ user_id: &str,
+ devices_being_removed: Vec<String>,
+ ) -> Result<(), Error> {
// delete device data and invalidate CSAT for removed devices
debug!(
"{} devices have been removed from device list. Clearing data...",
@@ -1552,8 +1590,7 @@
consume_error(result);
});
}
-
- Ok(update_result)
+ Ok(())
}
/// Performs a transactional update of the device list for the user. Afterwards
diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs
--- a/services/identity/src/grpc_services/authenticated.rs
+++ b/services/identity/src/grpc_services/authenticated.rs
@@ -787,9 +787,14 @@
self
.db_client
- .update_user_password(state.user_id, password_file)
+ .update_user_password(state.user_id.clone(), password_file)
.await?;
+ // Delete backups, blob holders and tunnelbroker device tokens.
+ // This has to be done before resetting device list.
+ self.delete_services_data_for_user(&state.user_id).await?;
+ self.db_client.reset_device_list(&state.user_id).await?;
+
let response = Empty {};
Ok(Response::new(response))
}

File Metadata

Mime Type
text/plain
Expires
Thu, Dec 12, 10:17 AM (5 h, 40 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2647806
Default Alt Text
D14087.id46243.diff (2 KB)

Event Timeline