Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent exposing Django Admin features referencing media tables in prod #4349

Merged
merged 1 commit into from
May 17, 2024
Merged

Prevent exposing Django Admin features referencing media tables in prod #4349

merged 1 commit into from
May 17, 2024

Conversation

AetherUnbound
Copy link
Contributor

Fixes

Fixes #4344 by @AetherUnbound

Description

This PR modifies the Django Admin registrations for various media report related views in order to prevent exposing access to the primary media tables in production. Queries that are made to these tables are often naive and, for such a large table, cause significant issues. However, they're extremely useful to have when running the application locally in order to easily create/reference media while we build out the content safety reporting features.

This will necessarily reduce our available features in production, but because of the nature of the failure which caused this, we couldn't have used those features anyway!

Testing Instructions

Tests should pass. You can also verify this locally by:

  1. just api/init
  2. Visit http://localhost:50280/admin/ and observe that Image Decision shows up in the list of available models for site administration
  3. Add ENVIRONMENT=production and DJANGO_SECRET_KEY=blahblahblah to api/.env
  4. Run just down && just a to restart the API stack
  5. Visit http://localhost:50280/admin/ and observe that the decision views are no longer present

Checklist

  • My pull request has a descriptive title (not a vague title likeUpdate index.md).
  • My pull request targets the default branch of the repository (main) or a parent feature branch.
  • My commit messages follow best practices.
  • My code follows the established code style of the repository.
  • I added or updated tests for the changes I made (if applicable).
  • I added or updated documentation (if applicable).
  • I tried running the project locally and verified that there are no visible errors.
  • I ran the DAG documentation generator (just catalog/generate-docs for catalog
    PRs) or the media properties generator (just catalog/generate-docs media-props
    for the catalog or just api/generate-docs for the API) where applicable.

Developer Certificate of Origin

Developer Certificate of Origin 
Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

@AetherUnbound AetherUnbound requested a review from a team as a code owner May 16, 2024 21:46
@github-actions github-actions bot added the 🧱 stack: api Related to the Django API label May 16, 2024
@openverse-bot openverse-bot added 🟧 priority: high Stalls work on the project or its dependents 🧰 goal: internal improvement Improvement that benefits maintainers, not users 💻 aspect: code Concerns the software code in the repository labels May 16, 2024
zackkrida
zackkrida approved these changes May 17, 2024
View reviewed changes
Copy link
Member

@zackkrida zackkrida left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests are passing and I've verified the correct behavior locally. LGTM!

dhruvkb
dhruvkb approved these changes May 17, 2024
View reviewed changes
Copy link
Member

@dhruvkb dhruvkb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's unfortunate that these models have to be removed from the admin but also understandable. Thanks for fixing this so quickly, LGTM!

@AetherUnbound
Copy link
Contributor Author

It's unfortunate that these models have to be removed from the admin but also understandable. Thanks for fixing this so quickly, LGTM!

Agreed, but only for prod! Hopefully we'll have the official features for actually handling this well available soon 😄

@AetherUnbound AetherUnbound merged commit 0dbe130 into main May 17, 2024
62 of 66 checks passed
@AetherUnbound AetherUnbound deleted the fix/django-admin-base-media-reference branch May 17, 2024 17:05
@sarayourfriend
Copy link
Contributor

I don't understand why this is the solution? Is the problem not the media object identifier auto-complete query on the Django admin page?

https://docs.djangoproject.com/en/5.0/ref/contrib/admin/#django.contrib.admin.ModelAdmin.autocomplete_fields

There's no way we need to entirely remove these pages from Django admin, that's just not how this kind of thing works. There is something about the admin configuration causing it to make the query, it isn't an inherent feature of those page, but something we can change.

Was this meant as a temporary solution? I'm confused about what the long-term intention is here. @AetherUnbound can you clarify on this? This seems a fine stop-gap if we don't know what is causing it, but it's under no circumstances an acceptable long-term solution.

@sarayourfriend sarayourfriend mentioned this pull request May 21, 2024
Open
@AetherUnbound
Copy link
Contributor Author

This is indeed a temporary solution. The <Media>Decision admin views were added in a very naive way by me in #4254 as a means of creating these records locally easily. The naivete of the implementation led to, I believe, some bad queries in production when trying to render the page. In my mind, it's fine to disable those views in production until we have the actual decision-creation mechanism appropriately set up, since the current exposure of those tables was for testing anyway. My assumption was that future tasks in the moderation basic functionality milestone would actually expose the necessary views there in a more appropriate way.

The problem is also the media object identifier auto-complete query, which is why those were production deferred on the other models. I also deferred the search fields because those are used by the auto-complete query and (again, my assumption) cause unoptimized queries as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zackkrida zackkrida zackkrida approved these changes

@dhruvkb dhruvkb dhruvkb approved these changes

@obulat obulat Awaiting requested review from obulat obulat is a code owner automatically assigned from WordPress/openverse-api

Assignees
No one assigned
Labels
💻 aspect: code Concerns the software code in the repository 🧰 goal: internal improvement Improvement that benefits maintainers, not users 🟧 priority: high Stalls work on the project or its dependents 🧱 stack: api Related to the Django API
Projects
Openverse PRs
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Prevent Django Admin default queries on primary media tables in production
5 participants
@AetherUnbound @sarayourfriend @zackkrida @dhruvkb @openverse-bot