From 4736d5a3be8ccc387aa7448d740d6c593af2c292 Mon Sep 17 00:00:00 2001
From: Julian Rother <julian@cccv.de>
Date: Sat, 24 Feb 2024 00:56:14 +0100
Subject: [PATCH] Fix ORM relationship conflict warnings

SQLAlchemy v1.4 (Debian Bookworm) annoyingly warns about overlapping
user/mfa_method relationships.

Fixes #146
---
 tests/models/test_role.py | 1 +
 uffd/models/mfa.py        | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/tests/models/test_role.py b/tests/models/test_role.py
index 8c786a75..21c8a264 100644
--- a/tests/models/test_role.py
+++ b/tests/models/test_role.py
@@ -57,6 +57,7 @@ class TestUserRoleAttributes(UffdTestCase):
 		role2.groups[group2].requires_mfa = True
 		self.assertSetEqual(user.compute_groups(), {group1})
 		db.session.add(TOTPMethod(user=user))
+		db.session.commit()
 		self.assertSetEqual(user.compute_groups(), {group1, group2})
 
 	def test_update_groups(self):
diff --git a/uffd/models/mfa.py b/uffd/models/mfa.py
index 16bd83bd..6a646c84 100644
--- a/uffd/models/mfa.py
+++ b/uffd/models/mfa.py
@@ -18,6 +18,9 @@ from uffd.utils import nopad_b32decode, nopad_b32encode
 from uffd.database import db
 from .user import User
 
+User.mfa_recovery_codes = relationship('RecoveryCodeMethod', viewonly=True)
+User.mfa_totp_methods = relationship('TOTPMethod', viewonly=True)
+User.mfa_webauthn_methods = relationship('WebauthnMethod', viewonly=True)
 User.mfa_enabled = property(lambda user: bool(user.mfa_totp_methods or user.mfa_webauthn_methods))
 
 class MFAType(enum.Enum):
@@ -46,7 +49,6 @@ class MFAMethod(db.Model):
 class RecoveryCodeMethod(MFAMethod):
 	code_salt = Column('recovery_salt', String(64))
 	code_hash = Column('recovery_hash', String(256))
-	user = relationship('User', backref='mfa_recovery_codes')
 
 	__mapper_args__ = {
 		'polymorphic_identity': MFAType.RECOVERY_CODE
@@ -80,7 +82,6 @@ def _hotp(counter, key, digits=6):
 class TOTPMethod(MFAMethod):
 	key = Column('totp_key', String(64))
 	last_counter = Column('totp_last_counter', Integer())
-	user = relationship('User', backref='mfa_totp_methods')
 
 	__mapper_args__ = {
 		'polymorphic_identity': MFAType.TOTP
@@ -132,7 +133,6 @@ class TOTPMethod(MFAMethod):
 
 class WebauthnMethod(MFAMethod):
 	_cred = Column('webauthn_cred', Text())
-	user = relationship('User', backref='mfa_webauthn_methods')
 
 	__mapper_args__ = {
 		'polymorphic_identity': MFAType.WEBAUTHN
-- 
GitLab