Unconditionally reject crates published without a verified email

Remove all code and tests having to do with the warnings we issued and
the date checking around the cutover date.

Author: carols10cents

Cargo.toml

@@ -66,10 +66,6 @@ parking_lot = "0.7.1"
 jemallocator = { version = "0.1.8", features = ['unprefixed_malloc_on_supported_platforms'] }
 jemalloc-ctl = "0.2.0"
 
-# This can be moved back to a dev dependency after 2019-02-28, when the
-# VERIFIED_EMAIL_REQUIRED_DATE is removed from src/controllers/krate/publish.rs.
-lazy_static = "1.0"
-
 lettre = {git = "https://github.com/lettre/lettre", version = "0.9"}
 lettre_email = {git = "https://github.com/lettre/lettre", version = "0.9"}
 
@@ -88,6 +84,7 @@ conduit-test = "0.8"
 hyper = "0.12"
 hyper-tls = "0.3"
 futures = "0.1"
+lazy_static = "1.0"
 tokio-core = "0.1"
 tokio-service = "0.1"
 

src/bin/update-downloads.rs

@@ -149,9 +149,7 @@ mod test {
             user_id,
         )
         .unwrap();
-        let version = version
-            .save(conn, &[], Some("[email protected]".into()))
-            .unwrap();
+        let version = version.save(conn, &[], "[email protected]").unwrap();
         (krate, version)
     }
 

src/controllers/krate/publish.rs

@@ -3,8 +3,6 @@
 use std::collections::HashMap;
 use std::sync::Arc;
 
-use chrono::offset::TimeZone;
-use chrono::{DateTime, Utc};
 use hex::ToHex;
 
 use crate::git;
@@ -67,14 +65,13 @@ pub fn publish(req: &mut dyn Request) -> CargoResult<Response> {
 
     let conn = app.diesel_database.get()?;
 
-    let mut other_warnings = vec![];
     let verified_email_address = user.verified_email(&conn)?;
-
-    // This function can be inlined (with only the error-returning functionality) and its unit
-    // tests deleted after 2019-02-28; it was created to make injecting the date for tests easier.
-    // The integration tests in src/tests/krate.rs cover the current production behavior (and will
-    // need to be updated at that time)
-    verified_email_check(&mut other_warnings, &verified_email_address, Utc::now())?;
+    let verified_email_address = verified_email_address.ok_or_else(|| {
+        human(
+            "A verified email address is required to publish crates to crates.io. \
+             Visit https://crates.io/me to set and verify your email address.",
+        )
+    })?;
 
     // Create a transaction on the database, if there are no errors,
     // commit the transactions to record a new or updated crate.
@@ -150,7 +147,7 @@ pub fn publish(req: &mut dyn Request) -> CargoResult<Response> {
             file_length as i32,
             user.id,
         )?
-        .save(&conn, &new_crate.authors, verified_email_address)?;
+        .save(&conn, &new_crate.authors, &verified_email_address)?;
 
         // Link this new version to all dependencies
         let git_deps = dependency::add_dependencies(&conn, &new_crate.deps, version.id)?;
@@ -210,10 +207,13 @@ pub fn publish(req: &mut dyn Request) -> CargoResult<Response> {
         crate_bomb.path = None;
         readme_bomb.path = None;
 
+        // The `other` field on `PublishWarnings` was introduced to handle a temporary warning
+        // that is no longer needed. As such, crates.io currently does not return any `other`
+        // warnings at this time, but if we need to, the field is available.
         let warnings = PublishWarnings {
             invalid_categories: ignored_invalid_categories,
             invalid_badges: ignored_invalid_badges,
-            other: other_warnings,
+            other: vec![],
         };
 
         Ok(req.json(&GoodCrate {
@@ -268,102 +268,3 @@ fn parse_new_headers(req: &mut dyn Request) -> CargoResult<(EncodableCrateUpload
     let user = req.user()?;
     Ok((new, user.clone()))
 }
-
-lazy_static! {
-    static ref VERIFIED_EMAIL_REQUIRED_DATE: DateTime<Utc> =
-        { Utc.ymd(2019, 3, 1).and_hms(0, 0, 0) };
-}
-
-fn verified_email_check(
-    other_warnings: &mut Vec<String>,
-    verified_email_address: &Option<String>,
-    now: DateTime<Utc>,
-) -> CargoResult<()> {
-    match verified_email_address {
-        Some(_) => Ok(()),
-        None => {
-            if now < *VERIFIED_EMAIL_REQUIRED_DATE {
-                other_warnings.push(String::from(
-                    "You do not currently have a verified email address associated with your \
-                     crates.io account. Starting 2019-02-28, a verified email will be required to \
-                     publish crates. Visit https://crates.io/me to set and verify your email \
-                     address.",
-                ));
-                Ok(())
-            } else {
-                Err(human(
-                    "A verified email address is required to publish crates to crates.io. \
-                     Visit https://crates.io/me to set and verify your email address.",
-                ))
-            }
-        }
-    }
-}
-
-// These tests should be deleted after 2018-02-28; this functionality will then be covered by
-// integration tests in src/tests/krate.rs.
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use chrono::offset::TimeZone;
-
-    #[test]
-    fn allow_publish_with_verified_email_without_warning_before_2018_02_28() {
-        let mut warnings = vec![];
-
-        let fake_current_date = Utc.ymd(2019, 2, 27).and_hms(0, 0, 0);
-        let result = verified_email_check(
-            &mut warnings,
-            &Some("[email protected]".into()),
-            fake_current_date,
-        );
-
-        assert!(result.is_ok());
-        assert_eq!(warnings.len(), 0);
-    }
-
-    #[test]
-    fn allow_publish_with_verified_email_without_error_after_2018_02_28() {
-        let mut warnings = vec![];
-
-        let fake_current_date = Utc.ymd(2019, 3, 1).and_hms(0, 0, 0);
-        let result = verified_email_check(
-            &mut warnings,
-            &Some("[email protected]".into()),
-            fake_current_date,
-        );
-
-        assert!(result.is_ok());
-        assert_eq!(warnings.len(), 0);
-    }
-
-    #[test]
-    fn warn_without_verified_email_before_2018_02_28() {
-        let mut warnings = vec![];
-
-        let fake_current_date = Utc.ymd(2019, 2, 27).and_hms(0, 0, 0);
-        let result = verified_email_check(&mut warnings, &None, fake_current_date);
-
-        assert!(result.is_ok());
-        assert_eq!(warnings.len(), 1);
-        assert_eq!(warnings[0], "You do not currently have a verified email address associated \
-            with your crates.io account. Starting 2019-02-28, a verified email will be required to \
-            publish crates. Visit https://crates.io/me to set and verify your email address.");
-    }
-
-    #[test]
-    fn error_without_verified_email_after_2018_02_28() {
-        let mut warnings = vec![];
-
-        let fake_current_date = Utc.ymd(2019, 3, 1).and_hms(0, 0, 0);
-        let result = verified_email_check(&mut warnings, &None, fake_current_date);
-
-        assert!(result.is_err());
-        assert_eq!(
-            result.err().unwrap().description(),
-            "A verified email address is required to \
-             publish crates to crates.io. Visit https://crates.io/me to set and verify your email \
-             address."
-        );
-    }
-}

src/lib.rs

@@ -18,8 +18,6 @@ extern crate log;
 extern crate serde_derive;
 #[macro_use]
 extern crate serde_json;
-#[macro_use]
-extern crate lazy_static;
 
 pub use crate::{app::App, config::Config, uploaders::Uploader};
 use std::sync::Arc;

src/models/version.rs

@@ -148,12 +148,11 @@ impl NewVersion {
         Ok(new_version)
     }
 
-    // TODO: change `published_by_email` to be `String` after 2019-02-28
     pub fn save(
         &self,
         conn: &PgConnection,
         authors: &[String],
-        published_by_email: Option<String>,
+        published_by_email: &str,
     ) -> CargoResult<Version> {
         use crate::schema::version_authors::{name, version_id};
         use crate::schema::versions::dsl::*;
@@ -176,15 +175,12 @@ impl NewVersion {
                 .values(self)
                 .get_result::<Version>(conn)?;
 
-            // TODO: Remove the `if` around this insert after 2019-02-28
-            if let Some(published_by_email) = published_by_email {
-                insert_into(versions_published_by::table)
-                    .values((
-                        versions_published_by::version_id.eq(version.id),
-                        versions_published_by::email.eq(published_by_email),
-                    ))
-                    .execute(conn)?;
-            }
+            insert_into(versions_published_by::table)
+                .values((
+                    versions_published_by::version_id.eq(version.id),
+                    versions_published_by::email.eq(published_by_email),
+                ))
+                .execute(conn)?;
 
             let new_authors = authors
                 .iter()

src/tests/builders.rs

@@ -90,7 +90,7 @@ impl<'a> VersionBuilder<'a> {
             self.size,
             published_by,
         )?
-        .save(connection, &[], Some("[email protected]".into()))?;
+        .save(connection, &[], "[email protected]")?;
 
         if self.yanked {
             vers = update(&vers)