Add a command for removing accounts that do not support SPQR
This commit is contained in:
Jon Chambers
Jon Chambers
parent
a741edd80f
commit
132611f159
@ -294,6 +294,7 @@ import org.whispersystems.textsecuregcm.workers.RemoveExpiredAccountsCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveExpiredBackupsCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveExpiredLinkedDevicesCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveExpiredUsernameHoldsCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveNonSpqrAccountsCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveNonSpqrLinkedDevicesCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.RemoveOrphanedPreKeyPagesCommand;
|
||||
import org.whispersystems.textsecuregcm.workers.ScheduledApnPushNotificationSenderServiceCommand;
|
||||
@ -358,6 +359,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
||||
bootstrap.addCommand(new NotifyIdleDevicesCommand());
|
||||
bootstrap.addCommand(new ClearIssuedReceiptRedemptionsCommand());
|
||||
bootstrap.addCommand(new RemoveNonSpqrLinkedDevicesCommand());
|
||||
bootstrap.addCommand(new RemoveNonSpqrAccountsCommand());
|
||||
|
||||
bootstrap.addCommand(new ProcessScheduledJobsServiceCommand("process-idle-device-notification-jobs",
|
||||
"Processes scheduled jobs to send notifications to idle devices",
|
||||
|
||||
@ -0,0 +1,97 @@
|
||||
/*
|
||||
* Copyright 2026 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.workers;
|
||||
|
||||
import io.micrometer.core.instrument.Counter;
|
||||
import io.micrometer.core.instrument.Metrics;
|
||||
import net.sourceforge.argparse4j.inf.Subparser;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.whispersystems.textsecuregcm.identity.IdentityType;
|
||||
import org.whispersystems.textsecuregcm.metrics.MetricsUtil;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
import reactor.util.retry.Retry;
|
||||
import java.time.Duration;
|
||||
|
||||
public class RemoveNonSpqrAccountsCommand extends AbstractSinglePassCrawlAccountsCommand {
|
||||
|
||||
static final String MAX_ACCOUNTS_ARGUMENT = "maxAccounts";
|
||||
static final String MAX_CONCURRENCY_ARGUMENT = "maxConcurrency";
|
||||
static final String DRY_RUN_ARGUMENT = "dryRun";
|
||||
|
||||
private static final String REMOVE_ACCOUNT_COUNTER_NAME =
|
||||
MetricsUtil.name(RemoveNonSpqrAccountsCommand.class, "removeAccount");
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(RemoveNonSpqrAccountsCommand.class);
|
||||
|
||||
public RemoveNonSpqrAccountsCommand() {
|
||||
super("remove-non-spqr-accounts", "Removes accounts whose primary devices do not support SPQR");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(final Subparser subparser) {
|
||||
super.configure(subparser);
|
||||
|
||||
subparser.addArgument("--max-accounts")
|
||||
.type(Integer.class)
|
||||
.dest(MAX_ACCOUNTS_ARGUMENT)
|
||||
.required(true)
|
||||
.help("Max accounts to remove in a single run of this command");
|
||||
|
||||
subparser.addArgument("--max-concurrency")
|
||||
.type(Integer.class)
|
||||
.dest(MAX_CONCURRENCY_ARGUMENT)
|
||||
.required(false)
|
||||
.setDefault(32)
|
||||
.help("Max concurrency for DynamoDB operations");
|
||||
|
||||
subparser.addArgument("--dry-run")
|
||||
.type(Boolean.class)
|
||||
.dest(DRY_RUN_ARGUMENT)
|
||||
.required(false)
|
||||
.setDefault(true)
|
||||
.help("If true, don't actually remove accounts");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void crawlAccounts(final Flux<Account> accounts) {
|
||||
final int maxAccounts = getNamespace().getInt(MAX_ACCOUNTS_ARGUMENT);
|
||||
final int maxConcurrency = getNamespace().getInt(MAX_CONCURRENCY_ARGUMENT);
|
||||
final boolean dryRun = getNamespace().getBoolean(DRY_RUN_ARGUMENT);
|
||||
|
||||
final AccountsManager accountsManager = getCommandDependencies().accountsManager();
|
||||
|
||||
final Counter removeAccountCounterName =
|
||||
Metrics.counter(REMOVE_ACCOUNT_COUNTER_NAME, "dryRun", String.valueOf(dryRun));
|
||||
|
||||
accounts
|
||||
.filter(account -> !account.getPrimaryDevice().hasCapability(DeviceCapability.SPARSE_POST_QUANTUM_RATCHET))
|
||||
.take(maxAccounts)
|
||||
.flatMap(account -> {
|
||||
final Mono<Void> removeAccountMono = dryRun
|
||||
? Mono.empty()
|
||||
: Mono.fromRunnable(() -> accountsManager.delete(account, AccountsManager.DeletionReason.ADMIN_DELETED))
|
||||
.retryWhen(Retry.backoff(3, Duration.ofSeconds(1)))
|
||||
.onErrorResume(throwable -> {
|
||||
logger.warn("Failed to remove account: {}",
|
||||
account.getIdentifier(IdentityType.ACI),
|
||||
throwable);
|
||||
|
||||
return Mono.empty();
|
||||
})
|
||||
.then();
|
||||
|
||||
return removeAccountMono
|
||||
.doOnSuccess(_ -> removeAccountCounterName.increment());
|
||||
}, maxConcurrency)
|
||||
.then()
|
||||
.block();
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,107 @@
|
||||
/*
|
||||
* Copyright 2026 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.workers;
|
||||
|
||||
import net.sourceforge.argparse4j.inf.Namespace;
|
||||
import org.junit.jupiter.api.RepeatedTest;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.ValueSource;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.Device;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import reactor.core.publisher.Flux;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.*;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.argThat;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.never;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
class RemoveNonSpqrAccountsCommandTest {
|
||||
|
||||
private static class TestRemoveNonSpqrAccountsCommand extends RemoveNonSpqrAccountsCommand {
|
||||
|
||||
private final CommandDependencies commandDependencies;
|
||||
private final Namespace namespace;
|
||||
|
||||
public TestRemoveNonSpqrAccountsCommand(final int maxAccounts, final boolean isDryRun) {
|
||||
|
||||
commandDependencies = mock(CommandDependencies.class);
|
||||
when(commandDependencies.accountsManager()).thenReturn(mock(AccountsManager.class));
|
||||
|
||||
namespace = new Namespace(Map.of(
|
||||
RemoveNonSpqrAccountsCommand.MAX_ACCOUNTS_ARGUMENT, maxAccounts,
|
||||
RemoveNonSpqrAccountsCommand.DRY_RUN_ARGUMENT, isDryRun,
|
||||
RemoveNonSpqrAccountsCommand.MAX_CONCURRENCY_ARGUMENT, 16));
|
||||
}
|
||||
|
||||
@Override
|
||||
protected CommandDependencies getCommandDependencies() {
|
||||
return commandDependencies;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Namespace getNamespace() {
|
||||
return namespace;
|
||||
}
|
||||
}
|
||||
|
||||
@ParameterizedTest
|
||||
@ValueSource(booleans = {true, false})
|
||||
void crawlAccounts(final boolean dryRun) {
|
||||
final int maxAccountsToRemove = 4;
|
||||
|
||||
final List<Account> accounts = new ArrayList<>();
|
||||
|
||||
for (int i = 0; i < maxAccountsToRemove * 2; i++) {
|
||||
accounts.add(buildMockAccount(true));
|
||||
}
|
||||
|
||||
for (int i = 0; i < maxAccountsToRemove * 2; i++) {
|
||||
accounts.add(buildMockAccount(false));
|
||||
}
|
||||
|
||||
Collections.shuffle(accounts);
|
||||
|
||||
final RemoveNonSpqrAccountsCommand removeNonSpqrAccountsCommand =
|
||||
new TestRemoveNonSpqrAccountsCommand(maxAccountsToRemove, dryRun);
|
||||
|
||||
removeNonSpqrAccountsCommand.crawlAccounts(Flux.fromIterable(accounts));
|
||||
|
||||
final AccountsManager accountsManager = removeNonSpqrAccountsCommand.getCommandDependencies().accountsManager();
|
||||
|
||||
if (dryRun) {
|
||||
verify(accountsManager, never()).delete(any(), any());
|
||||
} else {
|
||||
verify(accountsManager, times(maxAccountsToRemove)).delete(
|
||||
argThat(account -> !account.getPrimaryDevice().hasCapability(DeviceCapability.SPARSE_POST_QUANTUM_RATCHET)),
|
||||
eq(AccountsManager.DeletionReason.ADMIN_DELETED));
|
||||
|
||||
verifyNoMoreInteractions(accountsManager);
|
||||
}
|
||||
}
|
||||
|
||||
private static Account buildMockAccount(final boolean supportsSpqr) {
|
||||
final Device primaryDevice = mock(Device.class);
|
||||
when(primaryDevice.hasCapability(DeviceCapability.SPARSE_POST_QUANTUM_RATCHET)).thenReturn(supportsSpqr);
|
||||
|
||||
final Account account = mock(Account.class);
|
||||
when(account.getPrimaryDevice()).thenReturn(primaryDevice);
|
||||
|
||||
return account;
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user