deprecating Storage

Author: pcrespov

packages/postgres-database/src/simcore_postgres_database/utils_users.py

@@ -107,12 +107,13 @@ async def new_user(
         password_hash: str,
         status: UserStatus,
         expires_at: datetime | None,
+        role: UserRole = UserRole.USER,
     ) -> UserRow:
         user_data: dict[str, Any] = {
             "name": _generate_username_from_email(email),
             "email": email,
             "status": status,
-            "role": UserRole.USER,
+            "role": role,
             "expires_at": expires_at,
         }
 

services/web/server/src/simcore_service_webserver/garbage_collector/_core_guests.py

@@ -159,7 +159,7 @@ async def remove_guest_user_with_all_its_resources(
             "Deleting user %s because it is a GUEST",
             f"{user_id=}",
         )
-        await users_service.delete_user_without_projects(app, user_id)
+        await users_service.delete_user_without_projects(app, user_id=user_id)
 
     except (
         DatabaseError,

services/web/server/src/simcore_service_webserver/login/_invitations_service.py

@@ -40,6 +40,7 @@
     InvitationsServiceUnavailableError,
 )
 from ..products.models import Product
+from ..users import users_service
 from . import _auth_service, _confirmation_service
 from ._login_repository_legacy import (
     AsyncpgStorage,
@@ -144,7 +145,9 @@ async def check_other_registrations(
                 )
                 if drop_previous_registration:
                     if not _confirmation:
-                        await db.delete_user(user=dict(user))
+                        await users_service.delete_user_without_projects(
+                            app, user_id=user["id"], clean_cache=False
+                        )
                     else:
                         await db.delete_confirmation_and_user(
                             user_id=user["id"], confirmation=_confirmation

services/web/server/src/simcore_service_webserver/login/_login_repository_legacy.py

@@ -48,38 +48,6 @@ def __init__(
         self.user_tbl = user_table_name
         self.confirm_tbl = confirmation_table_name
 
-    #
-    # CRUD user
-    #
-
-    async def create_user(self, data: dict[str, Any]) -> dict[str, Any]:
-        async with self.pool.acquire() as conn:
-            user_id = await _login_repository_legacy_sql.insert(
-                conn, self.user_tbl, data
-            )
-            new_user = await _login_repository_legacy_sql.find_one(
-                conn, self.user_tbl, {"id": user_id}
-            )
-            assert new_user  # nosec
-            data.update(
-                id=new_user["id"],
-                created_at=new_user["created_at"],
-                primary_gid=new_user["primary_gid"],
-            )
-        return data
-
-    async def update_user(self, user: dict[str, Any], updates: dict[str, Any]) -> None:
-        async with self.pool.acquire() as conn:
-            await _login_repository_legacy_sql.update(
-                conn, self.user_tbl, {"id": user["id"]}, updates
-            )
-
-    async def delete_user(self, user: dict[str, Any]) -> None:
-        async with self.pool.acquire() as conn:
-            await _login_repository_legacy_sql.delete(
-                conn, self.user_tbl, {"id": user["id"]}
-            )
-
     #
     # CRUD confirmation
     #

services/web/server/src/simcore_service_webserver/studies_dispatcher/_users.py

@@ -17,17 +17,21 @@
 
 import redis.asyncio as aioredis
 from aiohttp import web
+from common_library.users_enums import UserRole, UserStatus
 from models_library.emails import LowerCaseEmailStr
+from models_library.users import UserID
 from pydantic import BaseModel, TypeAdapter
 from redis.exceptions import LockNotOwnedError
 from servicelib.aiohttp.application_keys import APP_FIRE_AND_FORGET_TASKS_KEY
 from servicelib.logging_utils import log_decorator
 from servicelib.utils import fire_and_forget_task
 from servicelib.utils_secrets import generate_password
+from simcore_postgres_database.utils_users import UsersRepo
 
+from ..db.plugin import get_asyncpg_engine
 from ..garbage_collector.settings import GUEST_USER_RC_LOCK_FORMAT
-from ..groups.api import auto_add_user_to_product_group
-from ..login._login_service import ACTIVE, GUEST
+from ..groups import api as groups_service
+from ..login._login_service import GUEST
 from ..login.login_repository_legacy import AsyncpgStorage, get_plugin_storage
 from ..products import products_web
 from ..redis import get_redis_lock_manager_client
@@ -109,31 +113,33 @@ async def create_temporary_guest_user(request: web.Request):
     password = generate_password(length=12)
     expires_at = datetime.utcnow() + settings.STUDIES_GUEST_ACCOUNT_LIFETIME
 
-    usr = None
+    user_id: UserID | None = None
+
+    repo = UsersRepo(get_asyncpg_engine(request.app))
+
     try:
         async with redis_locks_client.lock(
             GUEST_USER_RC_LOCK_FORMAT.format(user_id=random_user_name),
             timeout=MAX_DELAY_TO_CREATE_USER,
         ):
             # NOTE: usr Dict is incomplete, e.g. does not contain primary_gid
-            usr = await db.create_user(
-                {
-                    "name": random_user_name,
-                    "email": email,
-                    "password_hash": security_service.encrypt_password(password),
-                    "status": ACTIVE,
-                    "role": GUEST,
-                    "expires_at": expires_at,
-                }
+            user_row = await repo.new_user(
+                email=email,
+                password_hash=security_service.encrypt_password(password),
+                status=UserStatus.ACTIVE,
+                role=UserRole.GUEST,
+                expires_at=expires_at,
             )
-            user = await users_service.get_user(request.app, usr["id"])
-            await auto_add_user_to_product_group(
-                request.app, user_id=user["id"], product_name=product_name
+            user_id = user_row.id
+
+            user = await users_service.get_user(request.app, user_id)
+            await groups_service.auto_add_user_to_product_group(
+                request.app, user_id=user_id, product_name=product_name
             )
 
             # (2) read details above
             await redis_locks_client.lock(
-                GUEST_USER_RC_LOCK_FORMAT.format(user_id=user["id"]),
+                GUEST_USER_RC_LOCK_FORMAT.format(user_id=user_id),
                 timeout=MAX_DELAY_TO_GUEST_FIRST_CONNECTION,
             ).acquire()
 
@@ -146,14 +152,16 @@ async def create_temporary_guest_user(request: web.Request):
         # stop creating GUEST users.
 
         # NOTE: here we cleanup but if any trace is left it will be deleted by gc
-        if usr is not None and usr.get("id"):
+        if user_id:
 
-            async def _cleanup(draft_user):
+            async def _cleanup():
                 with suppress(Exception):
-                    await db.delete_user(draft_user)
+                    await users_service.delete_user_without_projects(
+                        request.app, user_id=user_id, clean_cache=False
+                    )
 
             fire_and_forget_task(
-                _cleanup(usr),
+                _cleanup(),
                 task_suffix_name="cleanup_temporary_guest_user",
                 fire_and_forget_tasks_collection=request.app[
                     APP_FIRE_AND_FORGET_TASKS_KEY

services/web/server/src/simcore_service_webserver/users/_users_service.py

@@ -213,7 +213,9 @@ async def get_user_invoice_address(
 #
 
 
-async def delete_user_without_projects(app: web.Application, user_id: UserID) -> None:
+async def delete_user_without_projects(
+    app: web.Application, *, user_id: UserID, clean_cache: bool = True
+) -> None:
     """Deletes a user from the database if the user exists"""
     # WARNING: user cannot be deleted without deleting first all ist project
     # otherwise this function will raise asyncpg.exceptions.ForeignKeyViolationError
@@ -228,9 +230,10 @@ async def delete_user_without_projects(app: web.Application, user_id: UserID) ->
         )
         return
 
-    # This user might be cached in the auth. If so, any request
-    # with this user-id will get thru producing unexpected side-effects
-    await security_service.clean_auth_policy_cache(app)
+    if clean_cache:
+        # This user might be cached in the auth. If so, any request
+        # with this user-id will get thru producing unexpected side-effects
+        await security_service.clean_auth_policy_cache(app)
 
 
 async def set_user_as_deleted(app: web.Application, *, user_id: UserID) -> None:

services/web/server/tests/unit/with_dbs/03/login/test_login_logout.py

@@ -15,8 +15,7 @@ async def test_logout(client: TestClient, db: AsyncpgStorage):
     logout_url = client.app.router["auth_logout"].url_for()
     protected_url = client.app.router["get_my_profile"].url_for()
 
-    async with LoggedUser(client) as user:
-
+    async with LoggedUser(client):
         # try to access protected page
         response = await client.get(f"{protected_url}")
         assert response.url.path == protected_url.path
@@ -31,5 +30,3 @@ async def test_logout(client: TestClient, db: AsyncpgStorage):
         response = await client.get(f"{protected_url}")
         assert response.url.path == protected_url.path
         await assert_status(response, status.HTTP_401_UNAUTHORIZED)
-
-    await db.delete_user(user)

services/web/server/tests/unit/with_dbs/04/studies_dispatcher/test_studies_dispatcher_studies_access.py

@@ -421,7 +421,7 @@ async def enforce_garbage_collect_guest(uid):
         )
         await delete_task
 
-        await delete_user_without_projects(app, uid)
+        await delete_user_without_projects(app, user_id=uid)
         return uid
 
     user_id = await enforce_garbage_collect_guest(uid=data["id"])