Remove update environments from putOrganization. #2564
Conversation
… deleted environments from slack
| @@ -47,9 +101,107 @@ export const putEnvironments = async ( | |||
| environments: updatedEnvironments, | |||
| }, | |||
| }); | |||
|
|
|||
| await req.audit({ | |||
There was a problem hiding this comment.
I looked into adding logic here to fire webhooks if an env's projects were updated, but the final argument to addEnvironmentToOrganizationEnvironments above is false, so we're not replacing any existing envs, we're ignoring them, so no existing env should see any changes.
packages/back-end/src/routers/environment/environment.controller.ts
Outdated
Show resolved
Hide resolved
…hecking for updating order of envs.
|
Your preview environment pr-2564-bttf has been deployed. Preview environment endpoints are available at: |
| const index = existingEnvs.findIndex((env) => env.id === environment); | ||
|
|
||
| if (index < 0) { | ||
| return res.status(400).json({ | ||
| status: 400, | ||
| message: `Unable to find environment: ${environment}`, | ||
| }); | ||
| } | ||
|
|
||
| updatedEnvs.push(existingEnvs[index]); |
There was a problem hiding this comment.
Any reason for now using the plain find method?
There was a problem hiding this comment.
Looks like the same code as putEnvironments. Maybe it could be factored out?
There was a problem hiding this comment.
No good reason for using find vs findIndex. I'll update to find as it does make things a bit more concise.
There was a problem hiding this comment.
Actually, I think for the putEnvironment it makes sense to keep the findIndex as with that, we want to find the index, so we can later update that specific index. I think find is better for the putEnvironmentOrder and deleteEnvironment, though.
packages/back-end/src/routers/environment/environment.controller.ts
Outdated
Show resolved
Hide resolved
| const existingProjects = envsArr[existingEnvIndex].projects || []; | ||
| const newProjects = environment.projects || []; | ||
|
|
||
| if (JSON.stringify(existingProjects) !== JSON.stringify(newProjects)) { |
There was a problem hiding this comment.
This comparison is bound to be runtime dependent on the order of keys in the object. lodash is used in the code already and has a comparison utility that seems better suited: https://lodash.com/docs/4.17.15#isEqual
packages/back-end/src/routers/environment/environment.controller.ts
Outdated
Show resolved
Hide resolved
| environment: z | ||
| .object({ | ||
| id: z.string(), | ||
| description: z.string(), | ||
| toggleOnList: z.boolean().optional(), | ||
| defaultState: z.any().optional(), | ||
| projects: z.array(z.string()).optional(), | ||
| }) | ||
| .strict(), |
There was a problem hiding this comment.
Should this be factored out to make it more visible for potential future re-use?
packages/back-end/types/audit.d.ts
Outdated
| | "environment.create" | ||
| | "environment.update" | ||
| | "environments.update" | ||
| | "environment.delete" |
There was a problem hiding this comment.
Do you also need an entry in EntityType?
There was a problem hiding this comment.
Oof - yes - great catch!
There was a problem hiding this comment.
When doing the bulk updates - either via the putEnvironmentOrder or putEnvironments - there isn't a single env.id for the entity, so I've currently just got it set to the organization. Not sure if that's the right direction...
There was a problem hiding this comment.
I have a PR changing those type definitions to take a constant object mapping entities to audit event names. This should fix these kind of gaps.
| @@ -222,12 +222,10 @@ const EnvironmentsPage: FC = () => { | |||
| const newEnvs = [...environments]; | |||
| newEnvs.splice(i, 1); | |||
| newEnvs.splice(i - 1, 0, e); | |||
| await apiCall(`/organization`, { | |||
| await apiCall(`/environment/order`, { | |||
There was a problem hiding this comment.
Do we need a net new endpoint for this? Should we simply allow the plural endpoint to also update the order?
There was a problem hiding this comment.
I ultimately broke it out into a separate endpoint as the permission logic for each of these is different.
For re-ordering, the user only needs to have permission to create environments globally, or in at least 1 project. Whereas, if the user is updating the actual environments, they need create/update permission for every endpoint passed in.
If we added this to the plural endpoint, the logic would get really complicated. We'd need to do a deep comparison of the environments being passed in to see if the user was just trying to update the order, or update the actual environments.
Ultimately, it felt like it would lead to bugs, and was easily handled by breaking the logic out into two separate endpoints.
Features and Changes
This PR updates how we handle CRUD actions for an organization's environments. Previously most of this logic was nestled within the
putOrganizationmethod, and we're making an effort to reduce the overall power of that method and instead, handle the logic in specific controllers.This PR removes the ability for an organization to update their environments via this method, and instead, moves it to the
environments.controller.tsfile.This PR introduces/moves the following logic:
Adds specific delete route
Adds specific put/:id route
Adds specific updateOrder endpoint for move up/move down - prevents any backdoor to updating envs or any permission error but only accepting an array of ids
Updates the /post endpoint to accept the optional projects property (previously, we ignored this)
Updates the bulk update endpoint
Moves logic to fire any web hooks to specific controller methods
Updates
EnvironmentModalto consume the PUT and POST requests (previously was using /organization)Updates ‘environments.tsx
to consume the new/environment/order` PUT requestCloses - [Feature] Update environment controller and remove ability to update environments from putOrganization #2494
Testing