-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add prompted confirmation #30
Add prompted confirmation #30
Conversation
@gohkhoonhiang can you take a look and have some feedbacks? Thanks a lot 🙏 |
@haile-kaligo Sorry for the late response! I didn't check my Github notifications and missed this PR. Thanks for the PR! 🙏 Regarding the feature, I'm thinking that, if the dev wanted confirmation to run a job, it wouldn't hurt to have the prompt message for extra security. For that, I'm proposing we merge the 2 into a single feature, such that if a worker is configured to require a prompt, then a prompt message must be input to confirm the job run. It keeps the config simpler as there's only 1 option to configure, and the implementation more straightforward, as there's no need to check for either a WDYT? |
Thanks for your feed back @gohkhoonhiang, since both types serve the same purpose so it would be easier to maintain if we just only use one. So I'll remove the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM to me, 2 small nits:
- nicer if we can also mention in the readme how to use
- maybe default the message to "confirm" or something, so that it look nicer on clients once they upgrade the lib from last release?
README.md
Outdated
@@ -75,4 +75,4 @@ Note: There is no UI validation for the input, as the class inspector will not b | |||
|
|||
### Require Confirmation | |||
|
|||
If the `require_confirm_worker_names` option is configured with the worker class name of the job you want to run, it will prompt for confirmation. By clicking `OK`, the job will be scheduled to run; otherwise, it will not run. This helps to prevent accidentally running a critical job when not meant to be. | |||
If the `require_confirm_worker_names` option is configured with the worker class name of the job you want to run, it will prompt for confirmation. You will be required to type a specific keyword for the job to run, otherwise, it will not run. This keyword is set to `confirm` by default and can be customized using `require_confirm_prompt_message` option. This helps to prevent accidentally running a critical job when not meant to be. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggestion:
If you're using sidekiq adhoc jobs in Production, you may want to consider using this configuration as an extra protection against erroneously running a sidekiq job. Once turned on, the user will be required to enter a challenge keyword in a prompt before the job can be run through the admin UI.
To use this feature, add the worker class name of the jobs you would like to add the confirmation for into the require_confirm_worker_names
option.
If you would like to configure the challenge keyword, you can use the require_confirm_prompt_message
option.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you sir 🙏
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@haile-kaligo Thanks for the fixes! There's just one more small one for the README. After this, maybe you could run this branch for your app again to test the latest changes are okay, then I can release the feature. 🙏
|
||
To use this feature, add the worker class name of the jobs you would like to add the confirmation for into the `require_confirm_worker_names` option. | ||
|
||
The challenge keyword is set to be `confirm` as default, if you would like to configure the challenge keyword, you can use the `require_confirm_prompt_message` option. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@haile-kaligo One last fix for the README. Could you add the option description to the Options
list above under Usage
section? Then all should be good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Got it 👍
cf32890
to
c337197
Compare
Background
Need to require more attention when confirming to run a job, for an extra assurance that very critical jobs won't be triggered by mistake.
What's this change
require_confirm_prompt_message
: The keyword for the confirmation (preferably an environment variable)Running confirmation required job
Requires user to type a challenge keyword