Fix edge cases around device lists (#1234)

* Fix New users appear in /keys/changes

* Create blank device keys when logging in on a new device

* Add PerformDeviceUpdate and fix a few bugs

- Correct device deletion query on sqlite
- Return no keys on /keys/query rather than an empty key

* Unbreak sqlite properly

* Use a real DB for currentstateserver integration tests

* Race fix

1 files changed, 21 insertions, 27 deletions

diff --git a/clientapi/routing/device.go b/clientapi/routing/device.go
index 11c6c782..d0b3bdbe 100644
--- a/clientapi/routing/device.go
+++ b/clientapi/routing/device.go
@@ -115,33 +115,9 @@ func GetDevicesByLocalpart(
 
 // UpdateDeviceByID handles PUT on /devices/{deviceID}
 func UpdateDeviceByID(
-	req *http.Request, deviceDB devices.Database, device *api.Device,
+	req *http.Request, userAPI api.UserInternalAPI, device *api.Device,
 	deviceID string,
 ) util.JSONResponse {
-	localpart, _, err := gomatrixserverlib.SplitID('@', device.UserID)
-	if err != nil {
-		util.GetLogger(req.Context()).WithError(err).Error("gomatrixserverlib.SplitID failed")
-		return jsonerror.InternalServerError()
-	}
-
-	ctx := req.Context()
-	dev, err := deviceDB.GetDeviceByID(ctx, localpart, deviceID)
-	if err == sql.ErrNoRows {
-		return util.JSONResponse{
-			Code: http.StatusNotFound,
-			JSON: jsonerror.NotFound("Unknown device"),
-		}
-	} else if err != nil {
-		util.GetLogger(req.Context()).WithError(err).Error("deviceDB.GetDeviceByID failed")
-		return jsonerror.InternalServerError()
-	}
-
-	if dev.UserID != device.UserID {
-		return util.JSONResponse{
-			Code: http.StatusForbidden,
-			JSON: jsonerror.Forbidden("device not owned by current user"),
-		}
-	}
 
 	defer req.Body.Close() // nolint: errcheck
 
@@ -152,10 +128,28 @@ func UpdateDeviceByID(
 		return jsonerror.InternalServerError()
 	}
 
-	if err := deviceDB.UpdateDevice(ctx, localpart, deviceID, payload.DisplayName); err != nil {
-		util.GetLogger(req.Context()).WithError(err).Error("deviceDB.UpdateDevice failed")
+	var performRes api.PerformDeviceUpdateResponse
+	err := userAPI.PerformDeviceUpdate(req.Context(), &api.PerformDeviceUpdateRequest{
+		RequestingUserID: device.UserID,
+		DeviceID:         deviceID,
+		DisplayName:      payload.DisplayName,
+	}, &performRes)
+	if err != nil {
+		util.GetLogger(req.Context()).WithError(err).Error("PerformDeviceUpdate failed")
 		return jsonerror.InternalServerError()
 	}
+	if !performRes.DeviceExists {
+		return util.JSONResponse{
+			Code: http.StatusNotFound,
+			JSON: jsonerror.Forbidden("device does not exist"),
+		}
+	}
+	if performRes.Forbidden {
+		return util.JSONResponse{
+			Code: http.StatusForbidden,
+			JSON: jsonerror.Forbidden("device not owned by current user"),
+		}
+	}
 
 	return util.JSONResponse{
 		Code: http.StatusOK,