Merge pull request #7683 from freedomofpress/client-writes2

cfm · web-flow · commit e1c821ac422c · 2025-10-29T18:06:14.000Z
Add remaining write methods to APIv2
diff --git a/securedrop/journalist_app/api2/__init__.py b/securedrop/journalist_app/api2/__init__.py
@@ -1,15 +1,14 @@
-import hashlib
 from dataclasses import asdict
-from typing import Mapping, Optional
+from typing import Optional
 
-from flask import Blueprint, abort, json, jsonify, request
+from flask import Blueprint, abort, jsonify, request
 from journalist_app.api2.events import EventHandler
+from journalist_app.api2.shared import json_version
 from journalist_app.api2.types import (
     BatchRequest,
     BatchResponse,
     Event,
     Index,
-    Version,
 )
 from journalist_app.sessions import session
 from models import EagerQuery, Journalist, Reply, Source, Submission, eager_query
@@ -25,20 +24,6 @@
 PREFIX_MAX_LEN = inspect(Source).columns["uuid"].type.length
 
 
-def json_version(d: Mapping) -> Version:
-    """
-    Calculate the version (BLAKE2s digest) of the normalized JSON representation
-    of the dictionary ``d``.
-
-    We use BLAKE2s here because SHA-256 is too slow (we don't care about
-    cryptographic security) and CRC-32 is too collision-prone (we're not merely
-    checksumming for transmission integrity).
-    """
-    s = json.dumps(d, separators=[",", ":"], sort_keys=True)
-    b = s.encode("utf-8")
-    return Version(hashlib.blake2s(b).hexdigest())
-
-
 @blp.get("/index")
 @blp.get("/index/<string:source_prefix>")
 def index(source_prefix: Optional[str] = None) -> Response:
diff --git a/securedrop/journalist_app/api2/events.py b/securedrop/journalist_app/api2/events.py
@@ -1,13 +1,14 @@
 from db import db
 from journalist_app import utils
-from journalist_app.api2.shared import save_reply
+from journalist_app.api2.shared import json_version, save_reply
 from journalist_app.api2.types import (
     Event,
     EventResult,
     EventStatusCode,
     EventType,
+    ItemUUID,
 )
-from journalist_app.sessions import Session
+from journalist_app.sessions import Session, session
 from models import Reply, Source, Submission
 from redis import Redis
 from sqlalchemy.orm.exc import MultipleResultsFound, NoResultFound
@@ -53,7 +54,12 @@ def process(self, event: Event) -> EventResult:
 
             handler = {
                 EventType.ITEM_DELETED: self.handle_item_deleted,
+                EventType.ITEM_SEEN: self.handle_item_seen,
                 EventType.REPLY_SENT: self.handle_reply_sent,
+                EventType.SOURCE_DELETED: self.handle_source_deleted,
+                EventType.SOURCE_CONVERSATION_DELETED: self.handle_source_conversation_deleted,
+                EventType.SOURCE_STARRED: self.handle_source_starred,
+                EventType.SOURCE_UNSTARRED: self.handle_source_unstarred,
             }[event.type]
         except KeyError:
             return EventResult(
@@ -86,24 +92,11 @@ def mark_progress(
 
     @staticmethod
     def handle_item_deleted(event: Event) -> EventResult:
-        submission = Submission.query.filter(
-            Submission.uuid == event.target.item_uuid
-        ).one_or_none()
-        reply = Reply.query.filter(Reply.uuid == event.target.item_uuid).one_or_none()
-
-        if submission and reply:
-            # Fail if we get unlucky and hit a UUID collision between the
-            # `Submission` and `Reply` tables.  This is vanishingly unlikely,
-            # but SQLite can't enforce uniqueness between them.
-            raise MultipleResultsFound(
-                f"found {event.target.item_uuid} in both submissions and replies"
-            )
-
-        item = submission or reply
+        item = find_item(event.target.item_uuid)
         if item is None:
             return EventResult(
                 event_id=event.id,
-                status=(EventStatusCode.NotFound, f"could not find item: {event.target.item_uuid}"),
+                status=(EventStatusCode.Gone, None),
             )
 
         utils.delete_file_object(item)
@@ -135,3 +128,156 @@ def handle_reply_sent(event: Event) -> EventResult:
             sources={source.uuid: source},
             items={reply.uuid: reply},
         )
+
+    @staticmethod
+    def handle_source_deleted(event: Event) -> EventResult:
+        try:
+            source = Source.query.filter(Source.uuid == event.target.source_uuid).one()
+        except NoResultFound:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.Gone,
+                    None,
+                ),
+            )
+
+        current_version = json_version(source.to_api_v2())
+        if event.target.version != current_version:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.Conflict,
+                    f"outdated source: expected {current_version}, got {event.target.version}",
+                ),
+            )
+
+        # Mark as deleted all the items in the source's collection
+        deleted_items = {item.uuid: None for item in source.collection}
+
+        utils.delete_collection(source.filesystem_id)
+        return EventResult(
+            event_id=event.id,
+            status=(EventStatusCode.OK, None),
+            sources={event.target.source_uuid: None},
+            items=deleted_items,
+        )
+
+    @staticmethod
+    def handle_source_conversation_deleted(event: Event) -> EventResult:
+        try:
+            source = Source.query.filter(Source.uuid == event.target.source_uuid).one()
+        except NoResultFound:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.Gone,
+                    None,
+                ),
+            )
+
+        current_version = json_version(source.to_api_v2())
+        if event.target.version != current_version:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.Conflict,
+                    f"outdated source: expected {current_version}, got {event.target.version}",
+                ),
+            )
+
+        # Mark as deleted all the items in the source's collection
+        deleted_items = {item.uuid: None for item in source.collection}
+
+        utils.delete_source_files(source.filesystem_id)
+        db.session.refresh(source)
+
+        return EventResult(
+            event_id=event.id,
+            status=(EventStatusCode.OK, None),
+            sources={source.uuid: source},
+            items=deleted_items,
+        )
+
+    @staticmethod
+    def handle_source_starred(event: Event) -> EventResult:
+        try:
+            source = Source.query.filter(Source.uuid == event.target.source_uuid).one()
+        except NoResultFound:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.NotFound,
+                    f"could not find source: {event.target.source_uuid}",
+                ),
+            )
+
+        utils.make_star_true(source.filesystem_id)
+        db.session.commit()
+        db.session.refresh(source)
+
+        return EventResult(
+            event_id=event.id,
+            status=(EventStatusCode.OK, None),
+            sources={source.uuid: source},
+        )
+
+    @staticmethod
+    def handle_source_unstarred(event: Event) -> EventResult:
+        try:
+            source = Source.query.filter(Source.uuid == event.target.source_uuid).one()
+        except NoResultFound:
+            return EventResult(
+                event_id=event.id,
+                status=(
+                    EventStatusCode.NotFound,
+                    f"could not find source: {event.target.source_uuid}",
+                ),
+            )
+
+        utils.make_star_false(source.filesystem_id)
+        db.session.commit()
+        db.session.refresh(source)
+
+        return EventResult(
+            event_id=event.id,
+            status=(EventStatusCode.OK, None),
+            sources={source.uuid: source},
+        )
+
+    @staticmethod
+    def handle_item_seen(event: Event) -> EventResult:
+        item = find_item(event.target.item_uuid)
+        if item is None:
+            return EventResult(
+                event_id=event.id,
+                status=(EventStatusCode.NotFound, f"could not find item: {event.target.item_uuid}"),
+            )
+
+        # Mark it as seen
+        utils.mark_seen([item], session.get_user())
+
+        # Refresh and return
+        source = item.source
+        db.session.refresh(source)
+        db.session.refresh(item)
+
+        return EventResult(
+            event_id=event.id,
+            status=(EventStatusCode.OK, None),
+            sources={source.uuid: source},
+            items={item.uuid: item},
+        )
+
+
+def find_item(item_uuid: ItemUUID) -> Submission | Reply | None:
+    submission = Submission.query.filter(Submission.uuid == item_uuid).one_or_none()
+    reply = Reply.query.filter(Reply.uuid == item_uuid).one_or_none()
+
+    if submission and reply:
+        # Fail if we get unlucky and hit a UUID collision between the
+        # `Submission` and `Reply` tables.  This is vanishingly unlikely,
+        # but SQLite can't enforce uniqueness between them.
+        raise MultipleResultsFound(f"found {item_uuid} in both submissions and replies")
+
+    return submission or reply
diff --git a/securedrop/journalist_app/api2/shared.py b/securedrop/journalist_app/api2/shared.py
@@ -3,10 +3,14 @@
 (journalist_app.api) and shared with the v2 Journalist API (journalist_app.api2)
 """
 
+import hashlib
 import os
+from typing import Mapping
 from uuid import UUID
 
 from db import db
+from flask import json
+from journalist_app.api2.types import Version
 from journalist_app.sessions import session
 from models import (
     InvalidUUID,
@@ -18,6 +22,20 @@
 from store import Storage
 
 
+def json_version(d: Mapping) -> Version:
+    """
+    Calculate the version (BLAKE2s digest) of the normalized JSON representation
+    of the dictionary ``d``.
+
+    We use BLAKE2s here because SHA-256 is too slow (we don't care about
+    cryptographic security) and CRC-32 is too collision-prone (we're not merely
+    checksumming for transmission integrity).
+    """
+    s = json.dumps(d, separators=[",", ":"], sort_keys=True)
+    b = s.encode("utf-8")
+    return Version(hashlib.blake2s(b).hexdigest())
+
+
 def save_reply(source: Source, data: dict) -> Reply:
     source.interaction_count += 1
     filename = Storage.get_default().save_pre_encrypted_reply(
diff --git a/securedrop/journalist_app/api2/types.py b/securedrop/journalist_app/api2/types.py
@@ -26,14 +26,25 @@
 class EventType(StrEnum):
     REPLY_SENT = auto()
     ITEM_DELETED = auto()
+    ITEM_SEEN = auto()
+    SOURCE_DELETED = auto()
+    SOURCE_CONVERSATION_DELETED = auto()
+    SOURCE_STARRED = auto()
+    SOURCE_UNSTARRED = auto()
 
 
 class EventStatusCode(IntEnum):
     Processing = 102
     OK = 200
+    # We already saw and processed this event
     AlreadyReported = 208
     BadRequest = 400
+    # The target UUID doesn't exist (non-deletion requests)
     NotFound = 404
+    # Provided version is out of date and it was a deletion request
+    Conflict = 409
+    # The target UUID doesn't exist and it was a deletion request
+    Gone = 410
     NotImplemented = 501
 
 
diff --git a/securedrop/tests/test_journalist_api2.py b/securedrop/tests/test_journalist_api2.py
