New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create an endpoint to change the default port for new access keys #461
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some minor comments/suggestions. Loving the typed errors and repo builder 👍
Responded to review comments, PTAL |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few initial comments. I didn't have a chance to look at the tests yet.
…ohenjon-port-hostname
…ne-server into cohenjon-port-hostname
Ping on this ^_^ waiting for some answers before doing another round of review response. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems the JSON parser will actually give you a number for port. I'm sorry for the confusion!
Let's test manually with curl and add a test to the integration test to make sure this is working properly.
Friendly ping |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice to see the integration test!
} catch (error) { | ||
logging.error(error); | ||
if (error instanceof errors.InvalidPortNumber) { | ||
return next(invalidPortArgument(error.message)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you use resitfy.BadRequestError
here instead? It makes it easier to see what HTTP error is being returned.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's what invalidPortArgument does, I just moved it into a function since there are a few different places dealing with invalid port numbers. Made the function local to setPortForNewAccessKeys so it's closer to the use
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd still like to be able to easily see what the HTTP error we are returning, since that's part of the API.
Changing the calls to BadRequestError would make that clearer, I don't think the duplication is a big deal.
Maybe you want a IsValidPort method that validates the port and raises InvalidPortNumber. That would remove the duplication and improve readability.
logging.debug(`setPort[ForNewAccessKeys request ${JSON.stringify(req.params)}`); | ||
if (!req.params.port) { | ||
return next( | ||
invalidPortArgument(`Expected a port argument but found none. Request: ${req}`)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove the request from the reason message. No need to send it back to the user.
Maybe also use more direct text: Parameter port is missing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
|
||
const port = req.params.port; | ||
if (typeof port !== 'number') { | ||
return next(invalidPortArgument(`Expected an numeric port, instead got ${port}`)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
got ${port} of type ${typeof port}
, since the type is the sticking point.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
} catch (error) { | ||
logging.error(error); | ||
if (error instanceof errors.InvalidPortNumber) { | ||
return next(invalidPortArgument(error.message)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel a little nervous about forwarding error messages like that. It's a good way to leak potentially sensitive information. It's ok to log, but it's risky to send arbitrary messages back to the client.
Maybe rename the message
field to reason
or explanation
, so it's more restricted in its semantics.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't an arbitrary message, it's from InvalidPortNumber which is only ever made by us and has the stringified port number as the message. I can't rename the message field since it's part of the Error interface.
Are you worried that somehow this response could expose the manager server to a probing attacker?
Can you give an example of the output in case of API error? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's discuss offline
Adds endpoints and implementations
Adds tests for new api
Adds tests for newly public functions from get_port
Cleans up some deprecated code from before multiplexing was enabled.
Cleans up some unused imports in tests.
Creates and uses a builder class for the ServerAccessRepository unit tests