Merge branch 'release/2.025.47' into release/2.026.03

kobo-bot[bot] · kobo-bot[bot] · commit 38f4d1ddff84 · 2026-02-05T16:07:38.000Z
diff --git a/kobo/apps/long_running_migrations/jobs/0015_fix_duplicate_organizations.py b/kobo/apps/long_running_migrations/jobs/0015_fix_duplicate_organizations.py
@@ -84,7 +84,7 @@ def run():
         for org_user in org_user_rows:
             user_to_orgs[org_user.user_id].append(org_user.organization)
 
-        for uid, orgs in user_to_orgs.items():
+        for user_id, orgs in user_to_orgs.items():
             mmos = [org for org in orgs if is_effective_mmo(org)]
             if mmos:
                 keep = get_newest_org(mmos)
@@ -98,14 +98,16 @@ def run():
             to_remove = [org for org in orgs if org.id != keep.id]
 
             # Transfer asset if the user is not the owner of the kept org
-            if keep.owner_user_object.pk != uid:
-                transfer_member_data_ownership_to_org(uid)
+            if keep.owner_user_object.pk != user_id:
+                transfer_member_data_ownership_to_org(user_id)
 
             for org in to_remove:
                 with transaction.atomic():
-                    revoke_org_asset_perms(org, [uid])
+                    if org.owner_user_object.pk != user_id:
+                        revoke_org_asset_perms(org, [user_id])
+
                     OrganizationUser.objects.filter(
-                        organization_id=org.id, user_id=uid
+                        organization_id=org.id, user_id=user_id
                     ).delete()
 
                     # If no members remain, delete the organization
@@ -114,7 +116,9 @@ def run():
                             organization_id=org.id
                         ).delete()
                         org.delete()
-                        logging.info(f'Deleted organization {org.id} for user {uid}')
+                        logging.info(
+                            f'Deleted organization {org.id} for user {user_id}'
+                        )
 
             # Ensure MMO status is consistent for multi-member orgs
             if keep.mmo_override is False and keep.organization_users.count() > 1:
diff --git a/kobo/apps/long_running_migrations/tasks.py b/kobo/apps/long_running_migrations/tasks.py
@@ -25,7 +25,7 @@ def async_execute(migration_id: int):
             cache.delete(lock_key)
 
 
-@celery_app.task(queue='kpi_low_priority_queue')
+@celery_app.task(queue='kpi_long_running_tasks_queue')
 def execute_long_running_migrations():
     # Adding an offset to account for potential delays in task execution and
     # clock drift between the Celery workers and the database, ensuring tasks
diff --git a/kobo/apps/organizations/tests/test_fix_duplicate_organizations.py b/kobo/apps/organizations/tests/test_fix_duplicate_organizations.py
@@ -9,7 +9,7 @@
     OrganizationOwner,
     OrganizationUser,
 )
-from kpi.models import Asset
+from kpi.models import Asset, ObjectPermission
 
 job = import_module('kobo.apps.long_running_migrations.jobs.0015_fix_duplicate_organizations')  # noqa
 
@@ -149,6 +149,57 @@ def test_asset_transfer_to_kept_organization(self):
         self.assertEqual(asset2.owner, self.anotheruser)
         self.assertEqual(asset3.owner, self.anotheruser)
 
+    def test_owner_does_not_lose_permissions_on_removal(self):
+        """
+        Verify that when a duplicate organization is removed, if the user being
+        processed is the owner of that org, they DO NOT lose their own permissions
+        """
+        # Give someuser a second organization where they are also the owner
+        self._create_organization_for_user(user=self.someuser)
+
+        # Create an asset owned by someuser and assign them a permission
+        asset = Asset.objects.create(name='Owner Project', owner=self.someuser)
+
+        # Get all permissions for the asset
+        initial_perms = ObjectPermission.objects.filter(
+            user=self.someuser,
+            asset=asset,
+            deny=False,
+        ).values('permission_id', 'permission__codename')
+
+        expected_permissions = [
+            'add_submissions',
+            'change_asset',
+            'change_submissions',
+            'delete_submissions',
+            'manage_asset',
+            'validate_submissions',
+            'view_asset',
+            'view_submissions',
+        ]
+        initial_codenames = sorted([
+            obj_perm['permission__codename'] for obj_perm in initial_perms
+        ])
+        assert expected_permissions == initial_codenames
+
+        job.run()
+
+        # Verify that only one organization remains for someuser
+        self.assertEqual(
+            OrganizationUser.objects.filter(user=self.someuser).count(), 1
+        )
+
+        # Verify that someuser still has all their initial permissions on the asset
+        final_perms = set(ObjectPermission.objects.filter(
+            user=self.someuser,
+            asset=asset,
+            deny=False,
+        ).values_list('permission_id', flat=True))
+
+        assert set([
+            obj_perm['permission_id'] for obj_perm in initial_perms
+        ]) == final_perms
+
     def _create_organization_for_user(self, user, mmo_override=False):
         org = Organization.objects.create(name='Org', mmo_override=mmo_override)
         org_user = OrganizationUser.objects.create(organization=org, user=user)
diff --git a/kobo/apps/organizations/utils.py b/kobo/apps/organizations/utils.py
@@ -45,9 +45,23 @@ def revoke_org_asset_perms(organization: Organization, user_ids: list[int]):
     the organization.
     """
     Asset = apps.get_model('kpi', 'Asset')  # noqa
+    owner_id = organization.owner_user_object.pk
+
+    # Filter out the owner from user_ids to prevent them from
+    # revoking their own access
+    safe_user_ids = [user_id for user_id in user_ids if user_id != owner_id]
+
+    if not safe_user_ids:
+        return
+
     subquery = Asset.objects.values_list('pk', flat=True).filter(
-        owner=organization.owner_user_object
+        owner_id=owner_id
     )
-    ObjectPermission.objects.filter(
-        asset_id__in=subquery, user_id__in=user_ids
-    ).delete()
+    perms_to_delete = ObjectPermission.objects.filter(
+        asset_id__in=subquery, user_id__in=safe_user_ids
+    )
+
+    batch_size = settings.DEFAULT_BATCH_SIZE
+    while perms_to_delete.exists():
+        pks_to_delete = list(perms_to_delete.values_list('pk', flat=True)[:batch_size])
+        ObjectPermission.objects.filter(pk__in=pks_to_delete).delete()
diff --git a/kobo/settings/base.py b/kobo/settings/base.py
@@ -2181,6 +2181,7 @@ def dj_stripe_request_callback_method():
 ORG_INVITATION_RESENT_RESET_AFTER = 15 * 60  # in seconds
 
 # Batch sizes
+DEFAULT_BATCH_SIZE = 1000
 LOG_DELETION_BATCH_SIZE = 1000
 USER_ASSET_ORG_TRANSFER_BATCH_SIZE = 1000
 SUBMISSION_DELETION_BATCH_SIZE = 1000
diff --git a/kpi/utils/mongo_helper.py b/kpi/utils/mongo_helper.py
@@ -73,7 +73,6 @@ class MongoHelper:
     # Match KoBoCAT's variables of ParsedInstance class
     USERFORM_ID = '_userform_id'
     SUBMISSION_UUID = '_uuid'
-    DEFAULT_BATCHSIZE = 1000
     COLLECTION = 'instances'
 
     @classmethod
@@ -158,7 +157,7 @@ def get_instances(
             cursor.sort(sort_key, sort_dir)
 
         # set batch size
-        cursor.batch_size = cls.DEFAULT_BATCHSIZE
+        cursor.batch_size = settings.DEFAULT_BATCH_SIZE
 
         return cursor, total_count
 
