Device deletion returns ok for non-existing devices

[davidebriani]

It seems that Realm Management accepts to start a deletion procedure on non-existent device IDs.

Steps to reproduce:

1. Follow the Astarte in 5 minutes guide to setup a local Astarte instance via docker compose, with a test realm in it.
2. Register a new device on the Astarte realm, let's say its device ID is fVjW5ZscQI6u1P-eoDO1jg
3. Attempt to delete the device via an HTTP DELETE on Realm Management, as described in #816
4. Realm Management accepts the request, which is expected.
5. Attempt to delete a device by passing a slightly modified device ID, adding some characters at the end of the ID: fVjW5ZscQI6u1P-eoDO1jgw, fVjW5ZscQI6u1P-eoDO1jga, fVjW5ZscQI6u1P-eoDO1jg11.
6. Realm Management accepts the requests, while one would expect to have the request denied because it's using non-existent device IDs.

Here are some relevant logs from Realm Management:

astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:20.973+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:22.997+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jgw to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:27.827+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jga to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:30.425+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:33.243+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jgk to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:34.980+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg2 to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:36.880+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg21 to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:45.431+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg11 to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2
astarte-astarte-realm-management-1  | level=info ts=2023-12-12T15:18:47.532+00:00 msg="Added device fVjW5ZscQI6u1P-eoDO1jg to deletion in progress" realm=test module=Astarte.RealmManagement.Engine function=delete_device/2

[Annopaolo]

The device IDs you used in step 3 are somewhat outside of Astarte specification: they are "Extended device IDs" and, as stated in the Astarte Documentation:

Astarte accepts Device IDs longer than 128 bit, which are then truncated to 128 bit internally. This behaviour exists for compatibility reasons but it's not supported and will likely change in future releases - hence, refrain from using anything which is not a 128-bit Device ID.

This means that fVjW5ZscQI6u1P-eoDO1jgw, fVjW5ZscQI6u1P-eoDO1jga etc... do collide internally on the original fVjW5ZscQI6u1P-eoDO1jg, i.e. all their data is stored on fVjW5ZscQI6u1P-eoDO1jg, and similarly they are deleted as fVjW5ZscQI6u1P-eoDO1jg. This is an intended behaviour to maintain compatibility, but in future releases they will not be allowed anymore.

Notice also that if you run astartectl utils device-id validate, you will already get that extended IDs are not valid as an answer:

$ astartectl utils device-id validate fVjW5ZscQI6u1P-eoDO1jgw
fVjW5ZscQI6u1P-eoDO1jgw is not a valid Astarte Device ID

$ astartectl utils device-id validate fVjW5ZscQI6u1P-eoDO1jg
Valid