Reap singleUse actors #996

Open
matthew-white opened this issue Sep 19, 2023 · 1 comment

Comments

@matthew-white
Member

singleUse actors are for internal use:

  • When a password reset is initiated, a singleUse actor is created and assigned the pwreset role. A 24-hour session is created for the actor, and the session's token is sent over email as part of a password reset URL.
  • When a form is published, a singleUse actor is created and assigned the formview role in order to provide Enketo temporary access to the form. A 15-minute session is created for the actor.
  • Formerly, Google Drive backups created singleUse actors. Google Drive backups have been removed.

In some cases, singleUse actors are deleted:

  • If an actor with a pwreset assignment is used to change a password, the actor is then "consumed" (Actors.consume()).
  • All singleUse actors created for Google Drive backups should be deleted now that that functionality has been removed.

However, I think that in other cases, singleUse actors are not deleted:

  • 24 hours elapse before a password reset token is used. In that case, a new password reset must be requested. Yet the old singleUse actor is never deleted.
  • Actors with a formview assignment are never deleted.

Looking at the QA server, I see:

  • A smaller number of non-deleted actors with a pwreset assignment
  • A much larger number of non-deleted actors with a formview assignment. A larger number makes sense given that every form will be associated with at least one formview actor. (It could be more than one if a request to Enketo fails.)
  • I see a number of singleUse actors that are not deleted, yet do not have an assignment. In all cases, their displayName contains "Enketo sync token". I assume these correspond to deleted forms.
  • Some deleted singleUse actors correspond to Google Drive backups. That's expected.

Given that these singleUse actors are tightly coupled with a single session, I think we should consider deleting them when we reap sessions (lib/task/reap-sessions.js). Specifically, if a session is expired, and the session was for a singleUse actor, then delete both the session and the actor.

We could also consider writing a migration to delete existing singleUse actors that are unneeded. To me, that seems lower-priority but still worthwhile.
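
A sketch of the reaping rule proposed above, added here as an illustration; it is not part of the original issue and is not the project's code. It runs against constructed in-memory tables, and the field names (`type`, `deletedAt`, `actorId`, `expiresAt`) and the choice to mark the actor deleted with a timestamp rather than remove the row are assumptions.

```javascript
// Constructed in-memory stand-ins for the actors and sessions tables.
// Field names (type, deletedAt, actorId, expiresAt) are assumptions.
const HOUR = 60 * 60 * 1000;

function makeSample(now) {
  const actors = [
    { id: 1, type: 'user', displayName: 'alice', deletedAt: null },
    { id: 2, type: 'singleUse', displayName: 'pwreset (expired, unused)', deletedAt: null },
    { id: 3, type: 'singleUse', displayName: 'formview (expired)', deletedAt: null },
    { id: 4, type: 'singleUse', displayName: 'pwreset (still valid)', deletedAt: null },
  ];
  const sessions = [
    { token: 'constructed-a', actorId: 1, expiresAt: now - HOUR },
    { token: 'constructed-b', actorId: 2, expiresAt: now - HOUR },
    { token: 'constructed-c', actorId: 3, expiresAt: now - 24 * HOUR },
    { token: 'constructed-d', actorId: 4, expiresAt: now + 23 * HOUR },
  ];
  return { actors, sessions };
}

// Remove expired sessions; soft-delete a singleUse actor once it has no
// live session left. Other actor types only lose the expired session.
function reapSessions({ actors, sessions }, now) {
  const live = sessions.filter((s) => s.expiresAt > now);
  const expired = sessions.filter((s) => s.expiresAt <= now);
  const hasLive = new Set(live.map((s) => s.actorId));
  const reapedActorIds = [];
  for (const actorId of new Set(expired.map((s) => s.actorId))) {
    const actor = actors.find((a) => a.id === actorId);
    if (actor == null || actor.type !== 'singleUse') continue;
    // Skip actors already deleted or still reachable through a live token.
    if (actor.deletedAt != null || hasLive.has(actorId)) continue;
    actor.deletedAt = new Date(now).toISOString(); // soft delete keeps the row
    reapedActorIds.push(actorId);
  }
  return { sessions: live, reapedSessions: expired.length, reapedActorIds };
}

const now = Date.parse('2023-09-19T12:00:00Z');
const db = makeSample(now);
const result = reapSessions(db, now);
console.log(result.reapedSessions, result.reapedActorIds);
```
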

@alxndrsn
Contributor

alxndrsn commented Feb 6, 2024

Is there any other record that a single-use actor has been created? If not, could they be important for audit purposes?
