Merge pull request #3280 from akatsoulas/account-deracheting

Simplify login for account deracheting.

mozillians/common/authbackend.py

@@ -3,7 +3,6 @@ import hashlib
 import json
 import re
 
-from django.db import transaction
 from django.conf import settings
 from django.contrib.auth.models import User
 
@@ -158,18 +157,19 @@ class MozilliansAuthBackend(OIDCAuthenticationBackend):
             email=email,
             auth0_user_id=auth0_user_id)
 
+        # With account deracheting we will always get the same Auth0 user id. Mark it as primary
+        if not obj.primary:
+            obj.primary = True
+            IdpProfile.objects.filter(profile=profile).exclude(id=obj.id).update(primary=False)
+
         # Update/Save the Github username
         if 'github|' in auth0_user_id:
             obj.username = self.claims.get('nickname', '')
-            obj.save()
+        # Save once
+        obj.save()
 
-        idp_q = IdpProfile.objects.filter(profile=profile)
-        # This is happening only the first time a user logs into mozillians.org
-        if not idp_q.filter(primary=True).exists():
-            with transaction.atomic():
-                idp_q.filter(auth0_user_id=auth0_user_id, email=email).update(primary=True)
-                # Update CIS
-                send_userprofile_to_cis.delay(profile.pk)
+        # Update CIS
+        send_userprofile_to_cis.delay(profile.pk)
         return user
 
     def authenticate(self, **kwargs):

mozillians/common/tests/test_authbackend.py

@@ -100,9 +100,9 @@ class MozilliansAuthBackendTests(TestCase):
 
         eq_(IdpProfile.objects.filter(
             profile=user.userprofile, primary=True,
-            username='foo', email='foo@example.com').count(), 0)
+            username='foo', email='foo@example.com').count(), 1)
         eq_(IdpProfile.objects.filter(
-            profile=user.userprofile, primary=True,
+            profile=user.userprofile, primary=False,
             email='foo@bar.com').count(), 1)
 
     def test_filter_users_with_email_belonging_to_non_primary_identity(self):
@@ -113,7 +113,7 @@ class MozilliansAuthBackendTests(TestCase):
             profile=user.userprofile,
             auth0_user_id='email|1',
             email='bar@example.com',
-            primary=False
+            primary=True
         )
         claims = {
             'email': 'bar@example.com',

mozillians/users/signals.py

@@ -1,9 +1,13 @@
+import json
+import logging
 from django.db import transaction
 from django.db.models import signals
 from django.dispatch import receiver
 from django.conf import settings
 from django.contrib.auth.models import User
 
+from raven.contrib.django.raven_compat.models import client as sentry_client
+
 from mozillians.common.utils import bundle_profile_data
 from mozillians.groups.models import Group
 from mozillians.users.models import UserProfile, Vouch
@@ -71,8 +75,20 @@ def push_empty_groups_to_cis(sender, instance, **kwargs):
     Remove all the access groups and tags from the profile.
     """
     from mozillians.users.tasks import send_userprofile_to_cis
-
     data = bundle_profile_data(instance.id, delete=True)
+
+    for d in data:
+        log_name = 'CIS group deletion - {}'.format(d['user_id'])
+        log_data = {
+            'level': logging.DEBUG,
+            'logger': 'mozillians.cis_transaction'
+        }
+        log_extra = {
+            'cis_transaction_data': json.dumps(d)
+        }
+
+        sentry_client.captureMessage(log_name, data=log_data, stack=True, extra=log_extra)
+
     send_userprofile_to_cis.delay(profile_results=data)