Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: Set creator while WI creation #7

Closed
wants to merge 8 commits into from

Conversation

pranavgore09
Copy link

@pranavgore09 pranavgore09 commented Oct 12, 2016

Fixes iss-244
Why:
We need to record who created what (in WI for now). Need to fill up the field 'Fields['system.creator']' by current logged in user's email.

What:
As of now there is no special type which can identify a user in fields. Make use of tokenManager to read/extract tokens.

How:
Add a new UserType, Unmarshall FieldDefinition for UserType.
Move Equaler, Lifecycle to new package to avaoid cyclic import.
Remove some tests on temperory purpose.

ToDo:

add email to the system.creator
add middleware to consume Locate method.
write/update tests which will use login context.

@@ -132,6 +134,22 @@ func (r *GormWorkItemRepository) Create(ctx context.Context, typeID string, fiel
Type: typeID,
Fields: Fields{},
}
publicKey, err := token.ParsePublicKey(token.RSAPublicKey)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can't go here. Most of this logic needs to move to the /workitem.go REST endpoint.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aslakknutsen what is your objection here, concretely? (i.e why does it need to be moved?)

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Repository should deal with storage of the WI. Not creating a new TokenManager per Create and dealing with Public/Private keys. 'Someone' above this needs to locate the User and set the system.creator field. The Repository shouldn't be querying for the account.User either.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to move it inside controller's create method but facing problem where to put UUID (inside context maybe) so that repositories can access or pass by param.

@@ -1,4 +1,4 @@
package models
package infra

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Golang common lore discourages use of generic words like "utils" or in this case "infra" for packages. What is this package about? If it's about gorm support, let's call it "gormsupport". Go packages are usually smaller than Java packages. Don't hesitate to make many of them instead of lumping too many things in the same package

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, Agreed. "infra" is very generic name. As of now it contains Equaler, DummyEqualer and Lifecycle interfaces. So it is not gorm only specific. Will try to rename more specifics (maybe need to split into 2).

if valueType.Kind() != reflect.String {
return nil, fmt.Errorf("value %v should be %s, but is %s", value, "string", valueType.Name())
}
// check with DB

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should check that it's a valid user id, right? Are we waiting for a user storage to be coded?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes waiting for that part (some validation will be done there), also I will add related comments around the code. Thanks.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need to check the user id here. The user id is coming from a signed and verified token produced by us. If we can't trust ourselves, then...

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done in 6f7e

@@ -132,6 +134,22 @@ func (r *GormWorkItemRepository) Create(ctx context.Context, typeID string, fiel
Type: typeID,
Fields: Fields{},
}
publicKey, err := token.ParsePublicKey(token.RSAPublicKey)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aslakknutsen what is your objection here, concretely? (i.e why does it need to be moved?)

Login entrypoint mounted on /api/login/authorize

Contributed-by Konrad Kleine <kwk@users.noreply.github.com>
Contributed-by Shoubhik Bose <sbose78@gmail.com>
Contributed-by Pranav Gore <pranavgore09@gmail.com>

Fixes fabric8-services#20, fabric8-services#219, fabric8-services#321, fabric8-services#325, fabric8-services#327, fabric8-services#328, fabric8-services#337
Related fabric8-services#304
@aslakknutsen aslakknutsen force-pushed the user_auth branch 4 times, most recently from 0feffbc to 52d7ec6 Compare October 17, 2016 13:40
aslakknutsen and others added 4 commits October 18, 2016 10:08
Why:
We need to record who created what (in WI for now). Need to fill up the field 'Fields['system.creator']' by current logged in user's email.

What:
As of now there is no special type which can identify a user in fields. Make use of tokenManager to read/extract tokens.

How:
Add a new UserType, Unmarshall FieldDefinition for UserType.
Remove some tests on temperory purpose.
Moved Lifecycle to new package gormsupport
Moved Equaler and DummyEqualer to groundwork package

ToDo:

add middleware to consume Locate method.
write/update tests which will use login context.
Decide about test modifications. Need a way for "login" in tests.
…en using tokenManager.

Few TODOs because of not having logged in user tests yet.
return func(ctx context.Context, rw http.ResponseWriter, req *http.Request) error {
// for now ignore the error becasue still test for logged in user is not done.
uuid, _ := manager.Locate(ctx)
ctxWithUser := context.WithValue(ctx, "uuid", uuid.String())

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Won't this crash when there is not user?
  2. Why convert uuid to string?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. yes, you are right, error is ignored temporarily. And when there is no token found, "Locate" returns uuid.UUID{} which is "000-00...all zeros"
  2. As of now, it is simple to keep string because for remote-work-items creator/user is not created before actual importing. So anything can go in it for now :)

uuid := ctx.Value("uuid")
if uuid == nil {
// Doing this just for test cases to feel good. Actually error will be returned which is commented below
uuid = ""

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry to bring this up so late...but wouldn't it be much simpler to pass the creator in as a parameter to the "Create" repository call?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that is very important and it makes a lot sense !! thanks, let me think a bit.
It will make straight forward to add a creator irrespective of calls to create() method via API or direct calls.

@aslakknutsen
Copy link
Owner

@pranavgore09 Could you rebase this of a almighty-core/master as user_auth is now upstream. Also change the target of the PR to almighty-core/master.

@pranavgore09
Copy link
Author

roger that !

@pranavgore09
Copy link
Author

I tried to align this branch of mine with upstream/master and failed several times after attempting pulling, rebasing, cherry-picking whatever needed in correct order.
Reasons were remote base branch was deleted, the same was squashed, May be I forgot to rebase yesterday. After all attempts either build and tests were failing or comparison in PR was showing 54 files modified :)

After spending good amount of time I decided to create new branch off upstream/master and redo needed changed but this time in neat and better way.

Lessons learnt -

  • Avoid working off other branches (other than upstream/master, may create issues if others are working, squashing, force pushing on same !)
  • Keep PR smaller.
  • Learn git 😅 (to not to create a mess for self)

So I will be creating 2 PRs, one for architectural package level changes and second for actual task related changes.

Happy coding 😃

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
3 participants