Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable users to create groups #2402

Merged
merged 16 commits into from Jul 31, 2015
Merged

Enable users to create groups #2402

merged 16 commits into from Jul 31, 2015

Conversation

seanh
Copy link
Contributor

@seanh seanh commented Jul 24, 2015

@nickstenning suggests that (since it's behind a feature flag) this can be merged now even though the groups dropdown list in the sidebar is still a fake.

@tilgovi Want to review this? Since Nick and I have both worked on it.

What this does:

  • Authorized users (anyone who's logged-in) can go to /groups/new to get a form for creating a new group
  • The form has validation and re-rendering with inline errors and user data intact, if the group name is too short or too long
  • On form submission group will be created, user is redirected to group's page including hashid as part of URL. Anyone (logged-in or not, member of group or not) can see this page if they have the link. No functionality on this page yet.
  • In the database we save a bunch of generated stuff: created and updated times, creator, and make the creator the first member of the group

@seanh seanh changed the title New group Enable users to create groups Jul 24, 2015
nickstenning
nickstenning reviewed Jul 24, 2015
View reviewed changes
h/groups/views.py

def _get_hashids(request):
salt = security.derive_key(
request.registry.settings["secret_key"], "h.groups.hashid", length=20)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As we discussed, I think this is a dangerous route to go down. Just add a config option for this.

@nickstenning
Copy link
Contributor

So, just to be clear, this is butt ugly at the moment and definitely will need more work. My comment about the feature flags is merely observing that merging this doesn't block deployment, so if we're happy with what's here we can merge and carry on in additional PRs.

@landscape-bot
Copy link

Code Health
Repository health increased by 0.04% when pulling 6a392b5 on new-group into b175b6a on master.

@seanh seanh mentioned this pull request Jul 29, 2015
Merged
tilgovi
tilgovi reviewed Jul 29, 2015
View reviewed changes
h/groups/models.py
__tablename__ = 'group'

id = sa.Column(sa.Integer, autoincrement=True, primary_key=True)
name = sa.Column(sa.Unicode(100), nullable=False)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How do we motivate a choice of group name size limit?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Honestly, I just figured that

East Louisiana State Troopers Chinchilla Brevicaudata Appreciation Society - East Baton Rouge Branch

Was more than long enough for a group name.

@tilgovi
Copy link
Contributor

tilgovi commented Jul 29, 2015

Looks fine, just a few small questions.

@landscape-bot
Copy link

Code Health
Repository health decreased by 0.11% when pulling 6a392b5 on new-group into 3107939 on master.

@seanh
Copy link
Contributor Author

seanh commented Jul 30, 2015

It might be nice to tweak some names to make them consistent. Our view callables are create_group_form(), create_group() and read_group(), yet the route names are group_create and group_read, and the templates are again create_group and read_group.

You could argue for verb first or noun first, or in the case of the callables and the templates just verb without noun (create(), read() etc) since they're already in a groups package.

We don't seem to be consistent about this in views.py files across the codebase.

@nickstenning nickstenning force-pushed the new-group branch 3 times, most recently from 47a7a8a to 8d39d1c Compare July 30, 2015 11:45
nickstenning
nickstenning reviewed Jul 30, 2015
View reviewed changes
conf/production.ini
@@ -15,6 +15,8 @@ use: egg:h
#h.client_id:
#h.client_secret:

h.hashids.salt: production salt
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm inclined to remove this so that if you don't set the environment var in production the application will explode rather than silently using a predictable salt.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Iirc correctly I put this in because Travis was crashing otherwise (it builds the Chrome extension with production.ini iirc). We could fix the Travis script instead

@nickstenning
Copy link
Contributor

  • Rebased on master
  • Schema migration rebased onto current head
  • Switched to using python-slugify
  • Updated view function names
  • Made the FK fields in the user-group join table NOT NULLABLE
  • Lightly squashed the commit history

@seanh
Copy link
Contributor Author

seanh commented Jul 30, 2015

Just fixed most of landscape's issues, I'm happy to leaves it remaining complaints alone

@landscape-bot
Copy link

Code Health
Repository health increased by 0.23% when pulling 6f1b4e0 on new-group into 3920527 on master.

@seanh
Copy link
Contributor Author

seanh commented Jul 31, 2015

@tilgovi We're done with this, merge if you're happy with it

@landscape-bot
Copy link

Code Health
Repository health increased by 0.07% when pulling a828794 on new-group into cbffd55 on master.

nickstenning and others added 5 commits July 31, 2015 09:25
@nickstenning @tilgovi
Add a group package and data model
2bc0e50 
This commit adds a package "h.groups", which for now contains only data
models for group membership, and a schema migration to create the
relevant tables in the database.

For now, groups are identified simply by unique id, and they have a
unicode name, which is expected to be their display name.
@nickstenning @tilgovi
Add a basic "create a new group" page
4dc009e
@seanh @tilgovi
Hook up the new group form to the model
d68394f 
On form submission create a new group in the db and then redirect to the
group's page.

Validation of form params still needs to be done.

We're using the group id direct from the db in the group page's URL,
this needs to be replaced with a hashid based on the group's id and some
salt.
@seanh @tilgovi
Add validation to new group form
1141847 
- create_group() validates the posted params with our colander schema,
  rerenders the form on validation failure

- Views now return two items to the template: "form" and "data" (a dict
  of any values the user had entered into the form, e.g. {"name": "My
  New Group"}), so we can rerender the template with the user's data
  intact
@seanh @tilgovi
Add tests for groups views
57d2550
seanh and others added 11 commits July 31, 2015 09:27
@seanh @tilgovi
You have to be logged-in to create a group
1a6c5f4
@seanh @tilgovi
Record creator when creating a new group
8bc9624
@seanh @tilgovi
Remove test code duplication using fixtures
393065b
@seanh @tilgovi
Add tests for group models
649aaf4
@seanh @tilgovi
Use hashids in group URLs
71c24a8 
Rather than exposing raw primary keys in the group URLs, we use hashids
so that the URLs cannot be trivially enumerated. In production, we set a
hashid salt that ensures that other people can't generate our hashids.
@nickstenning @tilgovi
Add groupList directive to display user's groups
e99d512 
This commit adds a list of groups to the "topbar" when the groups
feature flag is enabled.
@nickstenning @tilgovi
Slightly better slug redirections
f4f244f 
This commit slightly simplifies the handling of requests with missing
slugs, while also catering for another common scenario: mistyped slugs.

Now, given a group with hashid "abc123" and slug "hello-world", all of
the following paths will redirect to "/groups/abc123/hello-world":

    /groups/abc123
    /groups/abc123/
    /groups/abc123/hello-wolrd

Any more path components will throw a 404 as before.

In addition, the redirect is now served as a 301 Moved Permanently.
@nickstenning @tilgovi
Shorter view function names
a140f5b 
These view functions are already namespaced, so referencing groups is
redundant and leads to inconsistencies with the global namespace of
route names.

    create_group_form -> create_form
    create_group -> create
    read_group -> read
@seanh @tilgovi
PEP8
cb165ac
@seanh @tilgovi
Add some docstrings
8c2bf50
@seanh @tilgovi
Remove a couple of unused names
1ca0236
@tilgovi
Copy link
Contributor

tilgovi commented Jul 31, 2015

Rebased over the simple conflict with the admins permissions PR. Waiting for the green light just to be paranoid, but it looks good and I'll hit merge when that's good.

tilgovi added a commit that referenced this pull request Jul 31, 2015
@tilgovi
Merge pull request #2402 from hypothesis/new-group
0b1f85a 
Enable users to create groups
@tilgovi tilgovi merged commit 0b1f85a into master Jul 31, 2015
@tilgovi tilgovi deleted the new-group branch July 31, 2015 16:39
@tilgovi
Copy link
Contributor

tilgovi commented Jul 31, 2015

\o/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@seanh @nickstenning @landscape-bot @tilgovi