push: Fix exceptions when removing push notifications.

Now that we allow multiple users to have registered the same token, we need to configure calls to unregister tokens to only query the targeted user_id. We conveniently were already passing the `user_id` into the push notification bouncer for the remove API, so no migration for older Zulip servers is required.
2025-10-28 10:33:54 +00:00 · 2018-10-12 11:18:07 -07:00
parent 3545bc1893
commit 68ab71eb8b
3 changed files with 4 additions and 1 deletions
--- a/zerver/lib/push_notifications.py
+++ b/zerver/lib/push_notifications.py
@@ -396,7 +396,7 @@ def remove_push_device_token(user_profile: UserProfile, token_str: bytes, kind:
        return

    try:
-        token = PushDeviceToken.objects.get(token=token_str, kind=kind)
+        token = PushDeviceToken.objects.get(token=token_str, kind=kind, user=user_profile)
        token.delete()
    except PushDeviceToken.DoesNotExist:
        raise JsonableError(_("Token does not exist"))
--- a/zerver/tests/test_push_notifications.py
+++ b/zerver/tests/test_push_notifications.py
@@ -106,6 +106,7 @@ class PushBouncerNotificationTest(BouncerTestCase):
        realm.save()

        result = self.api_post(self.example_email("hamlet"), endpoint, {'token': token,
+                                                                        'user_id': 15,
                                                                        'token_kind': token_kind},
                               realm="")
        self.assert_json_error(result, "Must validate with valid Zulip server API key")
--- a/zilencer/views.py
+++ b/zilencer/views.py
@@ -102,11 +102,13 @@ def register_remote_push_device(request: HttpRequest, entity: Union[UserProfile,
 def unregister_remote_push_device(request: HttpRequest, entity: Union[UserProfile, RemoteZulipServer],
                                  token: bytes=REQ(),
                                  token_kind: int=REQ(validator=check_int),
+                                  user_id: int=REQ(),
                                  ios_app_id: Optional[str]=None) -> HttpResponse:
    validate_bouncer_token_request(entity, token, token_kind)
    server = cast(RemoteZulipServer, entity)
    deleted = RemotePushDeviceToken.objects.filter(token=token,
                                                   kind=token_kind,
+                                                   user_id=user_id,
                                                   server=server).delete()
    if deleted[0] == 0:
        return json_error(err_("Token does not exist"))