notification: Use user_id to find account if multiple on same realm

[chrisbobbe]

Along with making the property required on APNs and FCM payloads.

I noticed the opportunity to do this after reviewing #5100 and #5105.

Fixes: #4631

[gnprice]

Thanks! It'll be great to fix this bug.

Specific comments below. Then more broadly, we just talked through in the office the question of requiring this 2.1+ feature, and concluded we aren't ready to drop notifications entirely from pre-2.1 servers. But this can be revised to keep it as optional, just pass it through, and make use of it.

[gnprice]

This should turn into a case where we test that required fields are required. See 9620629 or other recent changes in git log --stat -p android/app/src/test/.

[gnprice]

In addition to the paragraphs just above, the other simplification I had in mind here is to delete the distinctions between "antiquity" and the earliest supported version on the various properties, and to simplify the paragraphs at the top.

[gnprice]

This should get a test case. See the existing mentions of archaic in the tests.

... Which raises the question why this "baseline" case didn't break:

      // baseline
      expect(make({ realm_uri, recipient_type: 'private', sender_email })).toBeTruthy();
      // missing recipient_type
      expect(make({ realm_uri, sender_email })).toThrow(/archaic/);

It looks like the answer is that it's passing because the make return value is just a closure, and so always truthy -- it needs to be called to actually test anything. Oops. So a prep commit should fix that.

[gnprice]

notif: Expose payload's realm_uri, present since server 2.1, to inner code

s/realm_uri/user_id/?

[gnprice]

The Identity type doesn't have the user ID, and it's not super
convenient to add it there. That's because the Identity type is
based on the Auth type (and we make Identity objects out of Auth
objects at runtime), and the Auth type doesn't have the user ID.
It's not super convenient to give it to the Auth type because there
are places where we make Auth objects but we don't have a user ID,
like `authFromCallbackUrl` in src/start/webAuth.js.

Oof. The Auth does of course have the email. So anywhere we have an Auth and can't readily make an Identity, because we lack the user ID, is an obstacle to converting from emails to IDs, #3764.

In authFromCallbackUrl, we're decoding one of those zulip:// URLs the server used to complete a web login and get us the API key. So we should get the server to start giving us user IDs there, even if we won't be able to count on their presence for a while. That should be a thread in #api design, then.

[gnprice]

Best to keep the name for this one commit. 🙂

• The commit is marked NFC, which it isn't if a name sent in logging changes.
• "Unique identities" is still an accurate description, and clearer what it means, because we're only counting up distinct emails (for this realm), not looking for other properties of an Account.

[gnprice]

nit: this TODO comment should go away in the later commit where we start using the user_id

[gnprice]

Let's do the search for a user_id match regardless of whether there are one or several realm-URL matches. That way we notice if the one account in the realm isn't actually for the right user.

[gnprice]

Let's leave on this a one-line comment saying it was new in 2.1. That'll be helpful to refer to when seeing Sentry warnings about dropping FCM messages where it's absent.

(I see I didn't do this in 9620629, but I realize now I should have.)

[gnprice]

The let here is redundant; can simplify it out.

(It's redundant on the previous line too. Looks like it got left behind in 9620629 when I made realmUri non-nullable; before that it was ?.let and was doing something useful.)

[chrisbobbe]

Thanks for the review! Revision pushed.

Then more broadly, we just talked through in the office the question of requiring this 2.1+ feature, and concluded we aren't ready to drop notifications entirely from pre-2.1 servers. But this can be revised to keep it as optional, just pass it through, and make use of it.

Indeed. Because of this, there are several of your comments (from before we decided that) that I haven't acted on—please let me know if I've dropped some that I shouldn't have. 🙂

[gnprice]

Thanks for the revision! This looks good, modulo a couple of things in the last commit. Comments below, and it looks like #5108 (comment) still applies.

[gnprice]

This isn't quite true yet -- this code will apply when there's just one element in urlMatches.

[gnprice]

Although at this point we have a user_id from the notification, it may be the case that the account it's meant for doesn't have userId non-null in the accounts state. That's because:

  /**
   * The user's numeric ID.
   *
   * We learn the user ID each time we complete an initial fetch.
   *
   * This is `null` briefly when we've logged in but not yet completed our
   * first initial fetch on the account.  It's also `null` when representing
   * an account which was last used on a version of the app which didn't
   * record this information.  It's never `null` for an account for which we
   * have server data.
   */

Probably if there's just one URL match, and its userId is null, then we should go for it.

[chrisbobbe]

Probably if there's just one URL match, and its userId is null, then we should go for it.

My current revision uses a slightly different algorithm. If there are two URL matches, and one of them has a userId that's wrong, but the other one has null, we still want to go for the null one. I think.

[chrisbobbe]

Thanks for the review! Revision pushed.

it looks like #5108 (comment) still applies.

Oh, actually that was one that I thought I'd fixed.

[gnprice]

Thanks! A couple of comments below.

[gnprice]

This userId !== null is always true if userId === user_id is, right? So it can be dropped, and this function simplifies back down to just returning an expression.

[gnprice]

This log message won't always be accurate -- there could have been two accounts that had the right realm_uri and null user_id.

(Well, it could be read as accurate depending on how one interprets "found with realm_uri and user_id". But a reading that makes it accurate would make the same message equally accurate in the case where there's a match we actually use, just above here.)

We've been pretty precise in the different error cases in this function so far, because it's been a fairly common set of errors and it's good to know exactly what conditions are driving that. So let's make the distinction here too between zero matches and multiple matches.

[gnprice]

Oh also: let's mark this as fixing #4631! This is an issue I run into regularly when using test accounts -- looking forward to getting it fixed. 🙂

[chrisbobbe]

Thanks! Revision pushed.

[gnprice]

Thanks! Looks good -- merging.