refactor(handle_source_conversation_deleted): utils.delete_file_object() is non-atomic

Author: cfm

API2.md

@@ -176,12 +176,9 @@ state "handle_<event.type>()" as Handler {
 Handler --> OK
 state "Cache and report success" as SuccessBranch {
     OK : 200 OK
-    MultiStatus : 207 MultiStatus
-
     OK --> UpdateCache
-    MultiStatus --> UpdateCache
 
-    UpdateCache : redis.set(event.id, status, ttl)
+    UpdateCache : redis.set(event.id, OK, ttl)
     UpdateCache --> [*] : return (status, delta)
 }
 

securedrop/journalist_app/api2/events.py

@@ -260,19 +260,20 @@ def handle_source_conversation_truncated(event: Event, minor: int) -> EventResul
             if item.interaction_count <= event.data.upper_bound:
                 try:
                     utils.delete_file_object(item)
-                    deleted[item.uuid] = None
                 except ValueError:
-                    deleted[item.uuid] = item
-
-        if any(deleted.values()):
-            status = EventStatusCode.MultiStatus
-        else:
-            status = EventStatusCode.OK
+                    # `utils.delete_file_object()` is non-atomic: it guarantees
+                    # database deletion but not filesystem deletion.  The former
+                    # is all we need for consistency with the client, and the
+                    # latter will be caught by monitoring for "disconnected"
+                    # submissions.
+                    pass
+                finally:
+                    deleted[item.uuid] = None
 
         db.session.refresh(source)
         return EventResult(
             event_id=event.id,
-            status=(status, None),
+            status=(EventStatusCode.OK, None),
             sources={source.uuid: source},
             items=deleted,
         )

securedrop/journalist_app/api2/types.py

@@ -44,9 +44,6 @@ class EventType(StrEnum):
 class EventStatusCode(IntEnum):
     Processing = 102
     OK = 200
-    # This event decomposes into multiple actions, some of which succeeded and
-    # some of which failed.  Retries for failures must be submitted in a new event.
-    MultiStatus = 207
     # We already saw and processed this event
     AlreadyReported = 208
     BadRequest = 400