Description

I've been troubleshooting the deployment and configuration of a PyGrid domain in AWS. Here report all the bugs and unexpected behaviours I could identify.

1. Right after deploying the domain I hit POST /users to create an Owner (owner@openmined.org). I could login with that user and make requests. Worked fine from the UI.
2. Then, I hit GET /setup and got a 400 saying there was no existing initial setup.
3. I called POST /setup and send by the fields user, password and node_name. Got 200.
4. I then realised that the POST /setup had also created another user (owner@openmined.com) , which was also set with role Owner. This means that I had two distinct user accounts with Owner roles.
5. I went ahead and call again POST /setup with the same arguments to see what happens when I try to run the initial setup when already exists. It created another user with the same email and Owner. I then had two accounts under the same email address and all of them Owner.
6. I called again POST /users and try to create another Owner account. I got 403

How to Reproduce

1. Deploy to AWS
2. Follow the notes by order and hit the endpoints

Expected Behaviour

Notes on what I understand is a bug on the above:

1. I should get 403 when trying to create a User ( whatever role is ) before the initial setup has been undergo
2. The Initial Setup created an Owner user ( this is fine ) even though there already existed an Owner user because of step 1. This bug is caused because of the first bug where we created a user without undergoing the Initial Setup
3. Subsequent calls to POST /setup shouldn't go through since it already exists. This endpoint might be changed to PUT /setup to update parameters only.
4. Two accounts with the same email address shouldn't exist.

Screenshots

Closing this Issue now. Resolved in #829