From 64d7734d884ea7e69a1ebdeff39aced397c8b3e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Klocek?= Date: Fri, 17 Jan 2025 09:37:21 +0100 Subject: [PATCH] [identity] Allow migration for non-primary device Summary: Fixes [[ https://linear.app/comm/issue/ENG-10101/non-primary-device-is-unable-to-migrate-to-v2 | ENG-10101 ]]. Moved the primary device condition to a new-flow-only block Test Plan: - Made sure RPC is still callable only from primary device for v2 users - Verified that migration is now possible from non primary device Reviewers: kamil, tomek Reviewed By: kamil, tomek Subscribers: ashoat Differential Revision: https://phab.comm.dev/D14219 --- .../identity/src/grpc_services/authenticated.rs | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs index 3becad05b8..d74589b5b9 100644 --- a/services/identity/src/grpc_services/authenticated.rs +++ b/services/identity/src/grpc_services/authenticated.rs @@ -935,13 +935,6 @@ impl IdentityClientService for AuthenticatedService { request: tonic::Request, ) -> Result, tonic::Status> { let (user_id, device_id) = get_user_and_device_id(&request)?; - self - .verify_device_on_device_list( - &user_id, - &device_id, - DeviceListItemKind::Primary, - ) - .await?; let is_new_flow_user = self .db_client @@ -953,7 +946,14 @@ impl IdentityClientService for AuthenticatedService { let update = DeviceListUpdate::try_from(new_list)?; let validator = if is_new_flow_user { - // regular device list update + // Regular device list update. Issuer must be the primary device. + self + .verify_device_on_device_list( + &user_id, + &device_id, + DeviceListItemKind::Primary, + ) + .await?; Some(crate::device_list::validation::update_device_list_rpc_validator) } else { // new flow migration