New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feat/hive 901/remove datatrust model from authserver #35
Feat/hive 901/remove datatrust model from authserver #35
Conversation
Update Python version to 3.8 in Pipfile.
Add migration to remove the data trust model and associated dependencies between users.
Removes the need for having a "DataTrust" model as a dependency for organization and users, since we now know that this information will be stored elsewhere. #closes [HIVE-901].
Unpinning dependencies in Pipfile because it breaks library updates. Please DO NOT pin versions, instead let the Pipfile handle that.
Refactor db model tests that were causing issues when being run out of order.
Associate a user with a role.
Add an abstraction of the OAuth2 scope stored in the OAuth2Client class that provides for the abstraction of scope information.
Fix test_users_backref by creating a new user if a user happens to not be found matching the organization id.
Rename cmd.sh to entrypoint.sh in order to better follow Docker conventions. Also adjust Dockerfile to refer to new name in build and upgrade image version to 3.8.5-slim.
Add a table to lik a role to multiple OAuth2 scopes.
Implement endpoint and database tables for linking a user's role to one or more scopes.
… [HIVE-994], [HIVE-996]
Fix scope tests to ensure proper deletion of data in between test runs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice @gregmundy !
I easily stood up your PR locally, and I ran lots of queries. It worked as expected.
On the PR itself, I left some nitty-gritty feedback: please incorporate it as you see fit. Then, I'll leave that beautiful green check mark.
Update source code based on PR review.
…f github.com:brighthive/authserver into feat/HIVE-901/remove-datatrust-model-from-authserver
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
APPROVED!
Description
This PR encompasses the bulk of updates needed for Authserver to support
Path to NASWA
. It does the following:User
and aRole
(e.g. Administrator).Role
and an OAuth 2.0Scope
. This allows for the ability to limit a client's abilities to only those scopes associated with the role assigned to the user.Scopes
.DataTrust
data model, which has become unnecessary.In addition to these fixes, some general unit test cleanup and an upgrade of the Docker image to Python 3.8.5 was done. The version of
flask-marshmallow
used for schema validation was also updated to latest.Checklists
Basic
Notes for the Reviewer
Please ensure that the updates do not break established Facet functionality and that the
Scope
model supports the access use cases defined forPath to NASWA
.