From b8132ef3933bdb351112abce1f1512c5360189cd Mon Sep 17 00:00:00 2001
From: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
Date: Wed, 15 Jan 2025 11:57:22 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B(backend)=20creation=20race=20condi?=
 =?UTF-8?q?tion?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

3 requests we able to create a document:
- POST document request
- GET collaboration-auth
- GET media-auth

If the 2 last were faster than the first, a
document was created without the necessary
informations.
---
 CHANGELOG.md                     | 1 +
 src/backend/core/api/viewsets.py | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 43bff667..f96a3566 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@ and this project adheres to
 
 - 🐛(backend) fix create document via s2s if sub unknown but email found #543
 - 🐛(frontend) hide search and create doc button if not authenticated #555
+- 🐛(backend) race condition creation issue #556
 
 ## [1.10.0] - 2024-12-17
 
diff --git a/src/backend/core/api/viewsets.py b/src/backend/core/api/viewsets.py
index b217194d..0f83e1e5 100644
--- a/src/backend/core/api/viewsets.py
+++ b/src/backend/core/api/viewsets.py
@@ -676,7 +676,7 @@ class DocumentViewSet(
 
         # Fetch the document and check if the user has access
         try:
-            document, _created = models.Document.objects.get_or_create(pk=pk)
+            document = models.Document.objects.get(pk=pk)
         except models.Document.DoesNotExist as exc:
             logger.debug("Document with ID '%s' does not exist", pk)
             raise drf.exceptions.PermissionDenied() from exc