fix(api): linking user with contacts and duplicate risk labels

Author: hbriese

api/dbschema/default.esdl

@@ -95,7 +95,10 @@ module default {
     required proposal: Proposal {
       on target delete delete source;
     }
-    required user: User { default := (<User>(global current_user).id); }
+    required user: User { 
+      default := (<User>(global current_user).id);
+      on target delete delete source;
+    }
     required risk: ProposalRisk;
 
     constraint exclusive on ((.proposal, .user));

api/dbschema/edgeql-js/__spec__.ts

@@ -245,9 +245,9 @@ const $CloudShare = $.makeType<$CloudShare>(_.spec, "6060e7a5-9eb1-11ee-a81d-3de
 const CloudShare: $.$expr_PathNode<$.TypeSet<$CloudShare, $.Cardinality.Many>, null> = _.syntax.$PathNode($.$toSet($CloudShare, $.Cardinality.Many), null);
 
 export type $ContactλShape = $.typeutil.flatten<_std.$Object_8ce8c71ee4fa5f73840c22d7eaa58588λShape & {
-  "user": $.LinkDesc<$User, $.Cardinality.One, {}, false, false,  false, true>;
   "address": $.PropertyDesc<$UAddress, $.Cardinality.One, false, false, false, false>;
   "label": $.PropertyDesc<$Label, $.Cardinality.One, false, false, false, false>;
+  "user": $.LinkDesc<$User, $.Cardinality.One, {}, false, false,  false, true>;
   "<contact[is Approver]": $.LinkDesc<$Approver, $.Cardinality.Many, {}, false, false,  false, false>;
   "<contact[is current_approver]": $.LinkDesc<$current_approver, $.Cardinality.Many, {}, false, false,  false, false>;
   "<contacts[is User]": $.LinkDesc<$User, $.Cardinality.Many, {}, false, false,  false, false>;
@@ -442,8 +442,8 @@ const PolicyState: $.$expr_PathNode<$.TypeSet<$PolicyState, $.Cardinality.Many>,
 
 export type $ProposalRiskLabelλShape = $.typeutil.flatten<_std.$Object_8ce8c71ee4fa5f73840c22d7eaa58588λShape & {
   "proposal": $.LinkDesc<$Proposal, $.Cardinality.One, {}, false, false,  false, false>;
-  "user": $.LinkDesc<$User, $.Cardinality.One, {}, false, false,  false, true>;
   "risk": $.PropertyDesc<$ProposalRisk, $.Cardinality.One, false, false, false, false>;
+  "user": $.LinkDesc<$User, $.Cardinality.One, {}, false, false,  false, true>;
 }>;
 type $ProposalRiskLabel = $.ObjectType<"default::ProposalRiskLabel", $ProposalRiskLabelλShape, null, [
   ..._std.$Object_8ce8c71ee4fa5f73840c22d7eaa58588['__exclusives__'],
@@ -709,8 +709,8 @@ export type $UserλShape = $.typeutil.flatten<_std.$Object_8ce8c71ee4fa5f73840c2
   "<user[is Approver]": $.LinkDesc<$Approver, $.Cardinality.Many, {}, false, false,  false, false>;
   "<user[is current_approver]": $.LinkDesc<$current_approver, $.Cardinality.Many, {}, false, false,  false, false>;
   "<user[is Token]": $.LinkDesc<$Token, $.Cardinality.Many, {}, false, false,  false, false>;
-  "<user[is ProposalRiskLabel]": $.LinkDesc<$ProposalRiskLabel, $.Cardinality.Many, {}, false, false,  false, false>;
   "<user[is Contact]": $.LinkDesc<$Contact, $.Cardinality.Many, {}, false, false,  false, false>;
+  "<user[is ProposalRiskLabel]": $.LinkDesc<$ProposalRiskLabel, $.Cardinality.Many, {}, false, false,  false, false>;
   "<user": $.LinkDesc<$.ObjectType, $.Cardinality.Many, {}, false, false,  false, false>;
 }>;
 type $User = $.ObjectType<"default::User", $UserλShape, null, [

api/dbschema/edgeql-js/modules/default.ts

@@ -122,9 +122,9 @@ export interface CloudShare extends std.$Object {
   "share": string;
 }
 export interface Contact extends std.$Object {
-  "user": User;
   "address": string;
   "label": string;
+  "user": User;
 }
 export interface Contract extends std.$Object {
   "functions": Function[];
@@ -201,8 +201,8 @@ export interface PolicyState extends std.$Object {
 export type ProposalRisk = "Low" | "Medium" | "High";
 export interface ProposalRiskLabel extends std.$Object {
   "proposal": Proposal;
-  "user": User;
   "risk": ProposalRisk;
+  "user": User;
 }
 export interface Receipt extends std.$Object {
   "responses": string[];

api/dbschema/interfaces.ts

@@ -0,0 +1,14 @@
+CREATE MIGRATION m1snled4gso2wkpig4ozz776xv3xrfsozyuwqznukjvip2nlvoycpq
+    ONTO m1jyyy6uam4hnajxp6wy2oi2bhxxgier2ryh6jxlpfplk35qq4dmma
+{
+  ALTER TYPE default::Contact {
+      ALTER LINK user {
+          ON TARGET DELETE DELETE SOURCE;
+      };
+  };
+  ALTER TYPE default::ProposalRiskLabel {
+      ALTER LINK user {
+          ON TARGET DELETE DELETE SOURCE;
+      };
+  };
+};

api/dbschema/migrations/00003.edgeql

@@ -54,7 +54,10 @@ module default {
   }
 
   type Contact {
-    required user: User { default := (<User>(global current_user).id); }
+    required user: User { 
+      default := (<User>(global current_user).id);
+      on target delete delete source;
+    }
     required address: UAddress;
     required label: Label;
 

api/dbschema/user.esdl

@@ -66,53 +66,44 @@ export class UsersService {
   }
 
   async link(token: string) {
-    const [oldUser, secret] = token.split(':');
+    const [oldId, secret] = token.split(':');
 
-    const expectedSecret = await this.redis.get(this.getLinkingTokenKey(oldUser));
+    const expectedSecret = await this.redis.get(this.getLinkingTokenKey(oldId));
     if (secret !== expectedSecret)
       throw new UserInputError(`Invalid linking token; token may have expired (1h)`);
 
-    const newUser = await this.db.query(
-      e.assert_exists(e.select(e.global.current_user, () => ({ id: true }))).id,
-    );
-    if (oldUser === newUser) return;
+    const newId = await this.db.query(e.assert_exists(e.select(e.global.current_user.id)));
+    if (oldId === newId) return;
 
     const approvers = await this.db.DANGEROUS_superuserClient.transaction(async (db) => {
-      const selectNewUser = e.select(e.User, () => ({ filter_single: { id: newUser } }));
+      const oldUser = e.select(e.User, () => ({ filter_single: { id: oldId } }));
+      const newUser = e.select(e.User, () => ({ filter_single: { id: newId } }));
 
-      // Pair with the user - merging their approvers into the current user
-      const approvers = await e
+      // Merge old user into new user (avoiding exclusivity constraint violations)
+      const { approvers } = await e
         .select({
-          approvers: e.select(
-            e.update(e.Approver, (a) => ({
-              filter: e.op(a.user.id, '=', e.cast(e.uuid, oldUser)),
-              set: { user: selectNewUser },
-            })),
-            () => ({ address: true }),
-          ).address,
-          oldUserRiskLabels: e.update(e.ProposalRiskLabel, (l) => ({
-            filter: e.op(
-              l.user,
-              '=',
-              e.select(e.User, () => ({ filter_single: { id: oldUser } })),
-            ),
-            set: {
-              user: selectNewUser,
-            },
+          approvers: e.update(oldUser.approvers, () => ({ set: { user: newUser } })).address,
+          contacts: e.update(oldUser.contacts, (c) => ({
+            filter: e.op(c.label, 'not in', newUser.contacts.label),
+            set: { user: newUser },
+          })),
+          riskLabels: e.update(oldUser['<user[is ProposalRiskLabel]'], (l) => ({
+            filter: e.op(l.proposal, 'not in', newUser['<user[is ProposalRiskLabel]'].proposal),
+            set: { user: newUser },
           })),
         })
-        .approvers.run(db);
+        .run(db);
 
       // Delete old user
-      await e.delete(e.User, () => ({ filter_single: { id: oldUser } })).run(db);
+      await e.delete(oldUser).run(db);
 
       return approvers;
     });
 
     // Remove approver -> user cache
     await this.accountsCache.removeApproverUserCache(...(approvers as Address[]));
     await Promise.all([
-      this.pubsub.publish<UserSubscriptionPayload>(getUserTrigger(newUser), {}),
+      this.pubsub.publish<UserSubscriptionPayload>(getUserTrigger(newId), {}),
       ...approvers.map((approver) =>
         this.pubsub.publish<UserSubscriptionPayload>(
           getUserApproverTrigger(approver as Address),
@@ -122,10 +113,10 @@ export class UsersService {
     ]);
 
     // Remove user -> accounts cache for both old & new user
-    await this.accountsCache.removeUserAccountsCache(oldUser, newUser);
+    await this.accountsCache.removeUserAccountsCache(oldId, newId);
 
     // Remove token
-    await this.redis.del(this.getLinkingTokenKey(oldUser));
+    await this.redis.del(this.getLinkingTokenKey(oldId));
   }
 
   private getLinkingTokenKey(user: uuid) {