New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make sources.filesystem_id non-nullable #6350
Conversation
* Upgrade mypy to 0.941 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346.
870ebcc
to
fc72191
Compare
Codecov Report
@@ Coverage Diff @@
## develop #6350 +/- ##
===========================================
- Coverage 84.00% 83.95% -0.05%
===========================================
Files 61 62 +1
Lines 4295 4307 +12
Branches 522 522
===========================================
+ Hits 3608 3616 +8
- Misses 564 568 +4
Partials 123 123
📣 Codecov can now indicate which changes are the most critical in Pull Requests. Learn more |
* Upgrade mypy to 0.941 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346.
* Upgrade mypy to 0.941 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346.
* Upgrade mypy to 0.941 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346.
I tried to git blame on whether we were ever intentionally writing NULLs to filesystem_id and didn't really find anything (but also the filesystem_id column dates back to the initial SQLAlchemy commit, so it's super old!). I am relatively confident that there aren't NULLs lying around because SD would blow up pretty quickly in the app code if filesystem_id was NULL, so moving this to ready for review. |
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * Since we need to install extra packages and need other dependencies like Flask, move mypy into test-requirements.txt and run it via the dev container. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346. Fixes #6358.
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * Since we need to install extra packages and need other dependencies like Flask, move mypy into test-requirements.txt and run it via the dev container. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346. Fixes #6358.
Poked around a bit as well (including manually setting a source's filesystem_id to null and seeing what happens) - returning users are authenticated by generating the expected filesystem_id and querying the database for it. So, if a source's filesystem_id field is ever set to null, they can't log back in. Probably what this means for this PR is that just deleting sources with a null filesystem_id value is a valid migration strategy, as their submissions are already effectively orphaned and will get swept up in the nightly jobs to detect disconnected files/entries. |
Deleting a source is not the easiest thing in alembic because we need to clean up referential tables, but it seems doable. |
fc72191
to
9725557
Compare
Moving back to draft state, I pushed my work from today but there's still a bit more to do in the migration, we delete stuff out of sources, replies, submissions, but aren't then deleting stuff that refer to those replies and submissions... |
f5d52e6
to
27515a2
Compare
a160a6b
to
0fb2dd9
Compare
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * Since we need to install extra packages and need other dependencies like Flask, move mypy into test-requirements.txt and run it via the dev container. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346. Fixes #6358.
0fb2dd9
to
9d1efc8
Compare
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * Since we need to install extra packages and need other dependencies like Flask, move mypy into test-requirements.txt and run it via the dev container. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346. Fixes #6358.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested as follows:
- set up 2.3.1 prod VM environment, created multiple sources, nulled out the filesystem ID for one of them.
- Confirmed that a 500 error is thrown on the All Sources page due to the missing filesystem_id (so this unlikely scenario would have been immediately noticeable)
- used the upgrade scenario procedure to update the prod instance with debs built from this branch
- confirmed that the All Sources page no longer 500s out and displays only the non-nulled sources.
- confirmed that replies and message from those sources are still available for download
- confirmed that the nulled source was deleted from the database
- confirmed that the filesystem_id field has nullable=false applied.
LGTM!
* Upgrade mypy to 0.942 and sqlalchemy-stubs to 0.4. Type stubs are no longer bundled with mypy, so we need to explicitly install various types-{name} packages. * Since we need to install extra packages and need other dependencies like Flask, move mypy into test-requirements.txt and run it via the dev container. * The main issue spotted by the SQLAlchemy plugin, that sources.filesystem_id is nullable, is being fixed in a separate PR: #6350. * Drop the explicit type comments now that mypy can infer them. * Use `--explicit-package-bases` when running mypy, so it treats the securedrop/admin directories as modules regardless of whether `__init__.py` files exist. This is needed so the two tests/ directories don't conflict with each other. * Add missing return types to all schema changes and the templates that generate them. * In the `create_source_uuid_column` migration, drop the use of `quoted_name()`. For some reason mypy doesn't like it, but more importantly we don't need it in SQLite and we don't use it in any other schema change. * Make SecureTemporaryFile.write()'s return type match its parent by returning the number of bytes that were written. Fixes #6346. Fixes #6358.
Status
Ready for review
Description of Changes
We already set this field all the time and in all places expect it to be
a string, not checking if its None first.
Discovered by the mypy work I'm doing in #6346.
Refs #6226.
Testing
alembic upgrade head
to apply this schema change, and try to log in with the source. Verify you can log in properly.Deployment
Any special considerations for deployment? No, just a normal schema change.
Checklist
make lint
) and tests (make test
) pass in the development container