feat: add support for setting password and org for a new user in the cli #15981

jsteenb2 · 2019-11-19T20:26:56Z

one thing to note here is that new endpoint was created. there was no
endpoint for setting an initial password that worked. The existing endpoint
was a bit messy and coupled across multiple routes. Having multiple auth
schemes proved incredibly taxing to write against.

update: this came up in discussion in another topic with @goller and from that conversation decided to fixup the password service interface here. To provide the user id instead of name as the first arg to each set/compare func in the PasswordService.

closes: #15977

CHANGELOG.md updated with a link to the PR (not the Issue)
Well-formatted commit messages
Rebased/mergeable
Tests pass

jsteenb2 · 2019-11-19T20:46:14Z

cmd/influx/main.go

@@ -17,21 +17,27 @@ import (
 	"github.com/spf13/viper"
 )

-var influxCmd = &cobra.Command{


want to make this noted, the init and global state are 100% not needed. Only adds side effects and indirection in this case. Creating constructors allows the ability to provide DI for testing (see pkg_test.go)

kelwang

I didn't see any authorizer wrapped post password, can you wrap it into an authorizer, and add some tests in http package as well?

dearyhud

lgtm

dearyhud · 2019-11-19T20:39:27Z

http/user_service.go

+
+// ComparePassword compares the user new password with existing. Note: is not implemented.
+func (s *PasswordService) ComparePassword(ctx context.Context, name string, password string) error {
+	panic("not implemented")


dearyhud · 2019-11-19T21:00:14Z

http/user_service.go

@@ -72,6 +73,10 @@ func NewUserHandler(b *UserBackend) *UserHandler {
 	h.HandlerFunc("GET", usersLogPath, h.handleGetUserLog)
 	h.HandlerFunc("PATCH", usersIDPath, h.handlePatchUser)
 	h.HandlerFunc("DELETE", usersIDPath, h.handleDeleteUser)
+	// the POST doesn't need to be nested under users in this scheme
+	// seems worthwhile to make this a root resource in our HTTP API


I can agree w/ this, seems kind of odd to have this nested under the /users/:id path when id isn't used

desa

LGTM

one thing to note here is that new endpoint was created. there was no endpoint for setting an initial password that worked. The existin endpoint was a bit messy and coupled across multiple routes. Having multiple auth schemes proved incredibly taxing to write against.

jsteenb2 · 2019-11-20T16:37:18Z

tests failing in idpe here, will have follow up PR in idpe to touch that up. This is an expected failure:

# github.com/influxdata/idpe/kv_test [github.com/influxdata/idpe/kv.test]
kv/passwords_test.go:57:44: cannot use f.Users[i].Name (type string) as type influxdb.ID in argument to svc.SetPassword
kv/passwords_test.go:310:54: cannot use tt.args.name (type string) as type influxdb.ID in argument to s.SetPassword
kv/passwords_test.go:485:58: cannot use tt.args.name (type string) as type influxdb.ID in argument to s.ComparePassword
+ record_failure 'go vet failed'

…nfluxdb#15981

jsteenb2 force-pushed the 15897/pkger_authentication branch from c6448ac to 15f3dd0 Compare November 19, 2019 20:27

jsteenb2 requested review from a team and desa November 19, 2019 20:27

jsteenb2 force-pushed the 15897/pkger_authentication branch 5 times, most recently from 80dd3e5 to c8e504c Compare November 19, 2019 20:44

jsteenb2 commented Nov 19, 2019

View reviewed changes

kelwang suggested changes Nov 19, 2019

View reviewed changes

dearyhud approved these changes Nov 19, 2019

View reviewed changes

jsteenb2 force-pushed the 15897/pkger_authentication branch 6 times, most recently from ee0278b to 81c39d7 Compare November 20, 2019 14:40

desa approved these changes Nov 20, 2019

View reviewed changes

jsteenb2 force-pushed the 15897/pkger_authentication branch from 81c39d7 to 091e6f8 Compare November 20, 2019 15:57

jsteenb2 added 2 commits November 20, 2019 08:22

chore: refactor password service to provide userID instead of name

4cbfcd2

jsteenb2 force-pushed the 15897/pkger_authentication branch from 091e6f8 to af8cc9d Compare November 20, 2019 16:23

kelwang approved these changes Nov 20, 2019

View reviewed changes

jsteenb2 merged commit dc2d931 into master Nov 20, 2019

jsteenb2 deleted the 15897/pkger_authentication branch November 20, 2019 17:16

bednar added a commit to influxdata/influxdb-client-csharp that referenced this pull request Nov 22, 2019

test: disabled password changing - not yet implemented - influxdata/i…

987abf0

…nfluxdb#15981

bednar added a commit to influxdata/influxdb-client-java that referenced this pull request Nov 22, 2019

test: disabled password changing - not yet implemented - influxdata/i…

67be1d2

…nfluxdb#15981

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add support for setting password and org for a new user in the cli #15981

feat: add support for setting password and org for a new user in the cli #15981

jsteenb2 commented Nov 19, 2019 •

edited

Loading

jsteenb2 Nov 19, 2019

kelwang left a comment

dearyhud left a comment

dearyhud Nov 19, 2019

dearyhud Nov 19, 2019

desa left a comment

jsteenb2 commented Nov 20, 2019 •

edited

Loading

feat: add support for setting password and org for a new user in the cli #15981

feat: add support for setting password and org for a new user in the cli #15981

Conversation

jsteenb2 commented Nov 19, 2019 • edited Loading

jsteenb2 Nov 19, 2019

Choose a reason for hiding this comment

kelwang left a comment

Choose a reason for hiding this comment

dearyhud left a comment

Choose a reason for hiding this comment

dearyhud Nov 19, 2019

Choose a reason for hiding this comment

dearyhud Nov 19, 2019

Choose a reason for hiding this comment

desa left a comment

Choose a reason for hiding this comment

jsteenb2 commented Nov 20, 2019 • edited Loading

jsteenb2 commented Nov 19, 2019 •

edited

Loading

jsteenb2 commented Nov 20, 2019 •

edited

Loading