Fix: remove unused AnonymousUser

src/documents/management/commands/document_exporter.py

@@ -266,7 +266,7 @@ class Command(BaseCommand):
             manifest += json.loads(
                 serializers.serialize(
                     "json",
-                    User.objects.exclude(username__in=["consumer", "AnonymousUser"]),
+                    User.objects.exclude(username__in=["consumer"]),
                 ),
             )
 

src/documents/management/commands/document_importer.py

@@ -94,7 +94,7 @@ class Command(BaseCommand):
                     )
                     break
         if (
-            User.objects.exclude(username__in=["consumer", "AnonymousUser"]).count()
+            User.objects.exclude(username__in=["consumer"]).count()
             != 0
         ):
             self.stdout.write(

src/documents/migrations/1047_remove_anonymous_user.py

@@ -0,0 +1,29 @@
+# Generated by Django 4.2.11 on 2024-04-13 21:19
+
+import secrets
+from django.conf import settings
+from django.contrib.auth.models import User
+from django.db import migrations
+
+
+def delete_anonymous_user(apps, schema_editor):
+    User.objects.get(username="AnonymousUser").delete()
+
+
+def create_anonymous_user(apps, schema_editor):
+    randomPassword = ''.join(secrets.choice('abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789') for i in range(10))
+    User.objects.create(
+        username="AnonymousUser",
+        password=randomPassword,
+    )
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.RunPython(forwards_func, reverse_func),
+    ]

src/documents/tests/test_management_exporter.py

@@ -181,10 +181,10 @@ class TestExportImport(DirectoriesMixin, FileSystemAssertsMixin, TestCase):
 
         manifest = self._do_export(use_filename_format=use_filename_format)
 
-        # dont include consumer or AnonymousUser users
+        # dont include consumer user
         self.assertEqual(
             len(list(filter(lambda e: e["model"] == "auth.user", manifest))),
-            2,
+            1,
         )
 
         self.assertEqual(

src/documents/tests/test_management_superuser.py

@@ -31,9 +31,8 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
 
         out = self.call_command(environ={})
 
-        # just the consumer user which is created
+        # just the consumer user which is created during migration
-        # during migration, and AnonymousUser
+        self.assertEqual(User.objects.count(), 1)
-        self.assertEqual(User.objects.count(), 2)
         self.assertTrue(User.objects.filter(username="consumer").exists())
         self.assertEqual(User.objects.filter(is_superuser=True).count(), 0)
         self.assertEqual(
@@ -51,10 +50,10 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
 
         out = self.call_command(environ={"PAPERLESS_ADMIN_PASSWORD": "123456"})
 
-        # count is 3 as there's the consumer
+        # count is 2 as there's the consumer
-        # user already created during migration, and AnonymousUser
+        # user already created during migration
         user: User = User.objects.get_by_natural_key("admin")
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         self.assertTrue(user.is_superuser)
         self.assertEqual(user.email, "root@localhost")
         self.assertEqual(out, 'Created superuser "admin" with provided password.\n')
@@ -71,7 +70,7 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
 
         out = self.call_command(environ={"PAPERLESS_ADMIN_PASSWORD": "123456"})
 
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         with self.assertRaises(User.DoesNotExist):
             User.objects.get_by_natural_key("admin")
         self.assertEqual(
@@ -92,7 +91,7 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
 
         out = self.call_command(environ={"PAPERLESS_ADMIN_PASSWORD": "123456"})
 
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         user: User = User.objects.get_by_natural_key("admin")
         self.assertTrue(user.check_password("password"))
         self.assertEqual(out, "Did not create superuser, a user admin already exists\n")
@@ -111,7 +110,7 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
 
         out = self.call_command(environ={"PAPERLESS_ADMIN_PASSWORD": "123456"})
 
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         user: User = User.objects.get_by_natural_key("admin")
         self.assertTrue(user.check_password("password"))
         self.assertFalse(user.is_superuser)
@@ -150,7 +149,7 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
         )
 
         user: User = User.objects.get_by_natural_key("admin")
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         self.assertTrue(user.is_superuser)
         self.assertEqual(user.email, "hello@world.com")
         self.assertEqual(user.username, "admin")
@@ -174,7 +173,7 @@ class TestManageSuperUser(DirectoriesMixin, TestCase):
         )
 
         user: User = User.objects.get_by_natural_key("super")
-        self.assertEqual(User.objects.count(), 3)
+        self.assertEqual(User.objects.count(), 2)
         self.assertTrue(user.is_superuser)
         self.assertEqual(user.email, "hello@world.com")
         self.assertEqual(user.username, "super")

src/paperless/views.py

@@ -90,7 +90,7 @@ class UserViewSet(ModelViewSet):
     model = User
 
     queryset = User.objects.exclude(
-        username__in=["consumer", "AnonymousUser"],
+        username__in=["consumer"],
     ).order_by(Lower("username"))
 
     serializer_class = UserSerializer