invites: Add defensive assert in do_get_invites_controlled_by_user.

This is a follow-up to d201229df8. do_get_invites_controlled_by_user queries for Confirmations when finding multiuse invites controlled by a user. This means that a revoked multiuse invite cannot really be fetched here, because do_revoke_multi_use_invite deletes the Confirmation object when revoking the invitations. However, having a defensive assert here should be useful to make this doesn't secretly break in the future if the query used changes or if there are unexpected revoked multiuse invites with an existing Confirmations for any (buggy) reason.
2022-11-15 13:32:20 +01:00 · 2022-11-15 13:32:20 +01:00 · f80a999828
parent c0255d4fe4
commit f80a999828
1 changed files with 4 additions and 0 deletions
--- a/zerver/actions/invites.py
+++ b/zerver/actions/invites.py
@ -298,6 +298,10 @@ def do_get_invites_controlled_by_user(user_profile: UserProfile) -> List[Dict[st
    for confirmation_obj in multiuse_confirmation_objs:
        invite = confirmation_obj.content_object
        assert invite is not None
+
+        # This should be impossible, because revoking a multiuse invite
+        # deletes the Confirmation object, so it couldn't have been fetched above.
+        assert invite.status != confirmation_settings.STATUS_REVOKED
        invites.append(
            dict(
                invited_by_user_id=invite.referred_by.id,