New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] : Multiple project owner backend. #4536
[WIP] : Multiple project owner backend. #4536
Conversation
Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
974ff44
to
962175b
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
d43d147
to
0c8528e
Compare
…itmuschaos#4527) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.18.0 to 0.21.0. - [Commits](golang/crypto@v0.18.0...v0.21.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/golang/protobuf/releases) - [Commits](golang/protobuf@v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/golang/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Raj Das <mail.rajdas@gmail.com>
This modification unables to send invite with the role as owner. Signed-off-by: aryan <aryan1bhokare@gmail.com>
This modification checks if the User is the last owner of the project and if not User can leave the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
query := bson.D{{"_id", projectID}} | ||
update := bson.D{{"$set", bson.M{"members.$[elem]role": role}}} | ||
|
||
_, err := r.Collection.UpdateOne(context.TODO(), query, update, opts) |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources
Allows Owner to be able to leave the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
This API is used for updating role of the member in the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
112e819
to
77bcd91
Compare
func GetActiveProjectOwners(service services.ApplicationService) gin.HandlerFunc { | ||
return func(c *gin.Context) { | ||
projectID := c.Param("project_id") | ||
// state := c.Param("state") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can remove if not required
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure
chaoscenter/web/yarn.lock
Outdated
version "1.15.5" | ||
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.5.tgz#54d4d6d062c0fa7d9d17feb008461550e3ba8020" | ||
integrity sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw== | ||
version "1.15.6" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this change required?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It happened automatically. I am unable to understand I was thinking about starting new from the commit before the bumps
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these changes were included in the main litmus repo I will remove it from the pr.
Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
@@ -569,6 +593,20 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc { | |||
return | |||
} | |||
|
|||
if member.Role == nil || *member.Role == entities.RoleOwner { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we checking member.Role == nil
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
because if we don't, it gives a runtime error attempting to access or deference nil pointer
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2024/04/09 14:28:53 [Recovery] 2024/04/09 - 14:28:53 panic recovered:
runtime error: invalid memory address or nil pointer dereference
/usr/local/go/src/runtime/panic.go:261 (0x4556d7)
panicmem: panic(memoryError)
/usr/local/go/src/runtime/signal_unix.go:881 (0x4556a5)
sigpanic: panicmem()
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/handlers/rest/project_handler.go:595 (0xc540df)
ProjectRouter.LeaveProject.func16: if *member.Role == entities.RoleOwner {
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc1972a)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/middleware/jwt_middlware.go:33 (0xc5824e)
ProjectRouter.JwtMiddleware.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc1972a)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/middleware/jwt_middlware.go:33 (0xc5b54e)
UserRouter.JwtMiddleware.func3: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc26619)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/recovery.go:102 (0xc26607)
CustomRecoveryWithWriter.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc2575c)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/logger.go:240 (0xc25743)
LoggerWithConfig.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc24c4d)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/gin.go:620 (0xc248dc)
(*Engine).handleHTTPRequest: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/gin.go:576 (0xc24411)
(*Engine).ServeHTTP: engine.handleHTTPRequest(c)
/usr/local/go/src/net/http/server.go:3137 (0x800ced)
serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
/usr/local/go/src/net/http/server.go:2039 (0x7fbfc7)
(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
/usr/local/go/src/runtime/asm_amd64.s:1695 (0x472c20)
goexit: BYTE $0x90 // NOP
} | ||
|
||
err = service.UpdateMemberRole(member.ProjectID, member.UserID, member.Role) | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should also add one more check for a case: There is only 1 owner and that owner is trying update their role to viewer/editor. In this case there will be no project owner. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sure I'll do that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about a check to not allow the logged in user to change their own project roles. This will cover all the conditions. Please check on feasibility of this approach and race conditions if any
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes that would be better. cc: @aryan-bhokare
Owner can delete project with help of this API. Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
…kend Signed-off-by: Aryan Bhokare <92683836+aryan-bhokare@users.noreply.github.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
chaoscenter/authentication/api/handlers/rest/project_handler.go
Outdated
Show resolved
Hide resolved
// @Router /delete_project [post] | ||
// | ||
// DeleteProject is used to delete a project. | ||
func DeleteProject (service services.ApplicationService) gin.HandlerFunc { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All the resources related to the deleted project should also be deleted. This change can go in a different PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lets do that in different pr.
chaoscenter/authentication/api/handlers/rest/project_handler.go
Outdated
Show resolved
Hide resolved
User cannot change role of their own, so that it will avoid edge cases like 1. User is the last owner of the project. 2. User accidentally losing owner access to the projects. Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
93808b1
to
fef4c59
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
fef4c59
to
4a10fe3
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
a954d11
to
33dec51
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good to me 🚀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me 🚀 , great work
Thank you 🚀 |
0e51dbf
into
litmuschaos:multiple-owner-support
closes #3958 #4161
Proposed changes
Work done:
GetProjectOwners
.SendInvitation
API.LeaveProject
API.UpdateMemberRole
.DeleteProject
.Types of changes
What types of changes does your code introduce to Litmus? Put an
x
in the boxes that applyChecklist
Put an
x
in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.Dependency
Special notes for your reviewer: