Merge lp:~sinzui/launchpad/unique-openid-identifiers-0 into lp:launchpad
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Aaron Bentley | ||||
Approved revision: | no longer in the source branch. | ||||
Merged at revision: | 11043 | ||||
Proposed branch: | lp:~sinzui/launchpad/unique-openid-identifiers-0 | ||||
Merge into: | lp:launchpad | ||||
Diff against target: |
140 lines (+71/-7) 3 files modified
lib/lp/registry/doc/person-merge.txt (+1/-1) lib/lp/registry/model/person.py (+10/-5) lib/lp/registry/tests/test_person.py (+60/-1) |
||||
To merge this branch: | bzr merge lp:~sinzui/launchpad/unique-openid-identifiers-0 | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Aaron Bentley (community) | Approve | ||
Review via email: mp+28081@code.launchpad.net |
Description of the change
This is my branch to ensure openid identifiers are unique after a merge.
lp:~sinzui/launchpad/unique-openid-identifiers-0
Diff size: 48
Launchpad bug:
https:/
Test command: ./bin/test -vv \
-t person-merge.txt
Pre-
Target release: 10.06
Ensure openid identifiers are unique after a merge
-------
As seen on OOPS-1626B636 an IntegrityError: duplicate key value violates
unique constraint "account_
was trying to merge accounts
...
It is possible that the account identifier was once used, someone merge the
account, This user got the same identifier, then tried a merge. This is a
legitimate scenario, though I would have expected such an event to be unlikely
to happen in 10 years--it happened in 2 weeks.
...
I have looked at the data synced on staging and I can confirm that the openid
identifier was indeed reused after it was freed and renamed to 'merged-*'. The
code needs a mechanism to create a unique merged openid identifier. I propose
we use the datetime to ensure no collision.
Rules
-----
* Update Person.merge() to add a sequence to the renamed identifier
to guarantee that if a reused identifier is merged, it will not
collide with a previously merged identifier:
merge_
* Use seconds from the epoch for the sequence because we do not need
to guess a sequence number...we know the identifier was unique when
the account was created.
QA
--
* Ask Oleg Trifonov to join the beta team to gain access to edge.
* Ask Oleg to merge his two accounts.
Lint
----
Linting changed files:
lib/lp/
lib/lp/
Test
----
* lib/lp/
* Updated the test to verify the epoch seconds are in the merged
openid identifier string.
Implementation
--------------
* lib/lp/
* Created epoch seconds from the accounts date_created.
This looks good so far, but it needs a unit test.
Also, I think "dash which does not occur in SSO identifier." should be "dash, which does not occur in SSO identifiers."