Adds /sources/<source_uuid>/conversation endpoint supporting DELETE

[zenmonkeykstop]

Status

Work in progress

Description of Changes

Adds an API endpoint /sources/<source_uuid>/conversation, which, when called via the DELETE method, deletes all submissions and replies while preserving the source account. All other methods just return a 405.

Testing

Dev container:

• run make dev on this branch
• log into the JI via http://localhost:8081 in a browser
• note the journalist designation of the second source
• copy the test script in https://gist.github.com/zenmonkeykstop/2bd2ae05e486729743497d0914a6d28e to your local workstation, install its dependencies with pip install pyotp requests, and run it with python3 wipe-convo.py
  • The response for the GET request includes the text method not allowed, and the application log in make dev output shows a 405 status code for the request
  • After the GET request, the second listed source and its associated data is still present
• Hit Enter when prompted by the script to run the DELETE request
  • The response for the DELETE request includes the text source data deleted, and the application log in make dev output shows a 200 status code for the request
  • After the get request, the source is still present but associated conversation data is deleted
• Sources other than the second listed source are unaffected, with their conversations intact.

Deployment

• This will be deployed with next server code update, no postint tasks or other fixup is required.

Checklist

If you made changes to the server application code:

• Linting (make lint) and tests (make test) pass in the development container

If you made non-trivial code changes:

• I have written a test plan and validated it for this PR

Choose one of the following:

• I have opened a PR in the docs repo for these changes, or will do so later
• I would appreciate help with the documentation
• These changes do not require documentation

[codecov-commenter]

Codecov Report

Merging #5963 (86884d3) into develop (bac4677) will decrease coverage by 0.02%.
The diff coverage is 75.00%.

@@             Coverage Diff             @@
##           develop    #5963      +/-   ##
===========================================
- Coverage    85.34%   85.32%   -0.03%     
===========================================
  Files           53       53              
  Lines         3875     3883       +8     
  Branches       480      481       +1     
===========================================
+ Hits          3307     3313       +6     
- Misses         456      457       +1     
- Partials       112      113       +1     

Impacted Files	Coverage Δ
securedrop/journalist_app/api.py	94.22% <75.00%> (-0.58%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bac4677...86884d3. Read the comment docs.

[kushaldas]

The change is good, with proper test cases. We will also need a corresponding PR for the docs repo in the API section.

I will do a formal review after it is marked as "ready for review"

[zenmonkeykstop]

thanks @kushaldas, test plan etc in progress.

[rmol]

👍 Test plan passes, works with WIP client safe deletion changes.