[WIP] : Multiple project owner backend. #4536
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: aryan <aryan1bhokare@gmail.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
974ff44
to
962175b
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
d43d147
to
0c8528e
Compare
| var project struct { | ||
| Members []*entities.Member `bson:"members"` | ||
| } | ||
| err := r.Collection.FindOne(context.TODO(), filter).Decode(&project) |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources
…itmuschaos#4527) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.18.0 to 0.21.0. - [Commits](golang/crypto@v0.18.0...v0.21.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/golang/protobuf/releases) - [Commits](golang/protobuf@v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/golang/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Raj Das <mail.rajdas@gmail.com>
This modification unables to send invite with the role as owner. Signed-off-by: aryan <aryan1bhokare@gmail.com>
This modification checks if the User is the last owner of the project and if not User can leave the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
| query := bson.D{{"_id", projectID}} | ||
| update := bson.D{{"$set", bson.M{"members.$[elem]role": role}}} | ||
|
|
||
| _, err := r.Collection.UpdateOne(context.TODO(), query, update, opts) |
Check failure
Code scanning / CodeQL
Database query built from user-controlled sources
Allows Owner to be able to leave the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
This API is used for updating role of the member in the project. Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
112e819
to
77bcd91
Compare
Saranya-jena
requested changes
Apr 2, 2024
| func GetActiveProjectOwners(service services.ApplicationService) gin.HandlerFunc { | ||
| return func(c *gin.Context) { | ||
| projectID := c.Param("project_id") | ||
| // state := c.Param("state") |
There was a problem hiding this comment.
can remove if not required
chaoscenter/web/yarn.lock
Outdated
| version "1.15.5" | ||
| resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.5.tgz#54d4d6d062c0fa7d9d17feb008461550e3ba8020" | ||
| integrity sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw== | ||
| version "1.15.6" |
There was a problem hiding this comment.
why is this change required?
There was a problem hiding this comment.
It happened automatically. I am unable to understand I was thinking about starting new from the commit before the bumps
There was a problem hiding this comment.
these changes were included in the main litmus repo I will remove it from the pr.
Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
Saranya-jena
requested changes
Apr 9, 2024
| @@ -569,6 +593,20 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc { | |||
| return | |||
| } | |||
|
|
|||
| if member.Role == nil || *member.Role == entities.RoleOwner { | |||
There was a problem hiding this comment.
Why are we checking member.Role == nil
There was a problem hiding this comment.
because if we don't, it gives a runtime error attempting to access or deference nil pointer
There was a problem hiding this comment.
2024/04/09 14:28:53 [Recovery] 2024/04/09 - 14:28:53 panic recovered:
runtime error: invalid memory address or nil pointer dereference
/usr/local/go/src/runtime/panic.go:261 (0x4556d7)
panicmem: panic(memoryError)
/usr/local/go/src/runtime/signal_unix.go:881 (0x4556a5)
sigpanic: panicmem()
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/handlers/rest/project_handler.go:595 (0xc540df)
ProjectRouter.LeaveProject.func16: if *member.Role == entities.RoleOwner {
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc1972a)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/middleware/jwt_middlware.go:33 (0xc5824e)
ProjectRouter.JwtMiddleware.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc1972a)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/Desktop/dev2/lfx/litmus/chaoscenter/authentication/api/middleware/jwt_middlware.go:33 (0xc5b54e)
UserRouter.JwtMiddleware.func3: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc26619)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/recovery.go:102 (0xc26607)
CustomRecoveryWithWriter.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc2575c)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/logger.go:240 (0xc25743)
LoggerWithConfig.func1: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/context.go:174 (0xc24c4d)
(*Context).Next: c.handlers[c.index](c)
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/gin.go:620 (0xc248dc)
(*Engine).handleHTTPRequest: c.Next()
/home/aryan/go/pkg/mod/github.com/gin-gonic/gin@v1.9.1/gin.go:576 (0xc24411)
(*Engine).ServeHTTP: engine.handleHTTPRequest(c)
/usr/local/go/src/net/http/server.go:3137 (0x800ced)
serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
/usr/local/go/src/net/http/server.go:2039 (0x7fbfc7)
(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
/usr/local/go/src/runtime/asm_amd64.s:1695 (0x472c20)
goexit: BYTE $0x90 // NOP
| } | ||
|
|
||
| err = service.UpdateMemberRole(member.ProjectID, member.UserID, member.Role) | ||
| if err != nil { |
There was a problem hiding this comment.
I think we should also add one more check for a case: There is only 1 owner and that owner is trying update their role to viewer/editor. In this case there will be no project owner. 🤔
There was a problem hiding this comment.
sure I'll do that
There was a problem hiding this comment.
How about a check to not allow the logged in user to change their own project roles. This will cover all the conditions. Please check on feasibility of this approach and race conditions if any
There was a problem hiding this comment.
Yes that would be better. cc: @aryan-bhokare
Owner can delete project with help of this API. Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
…kend Signed-off-by: Aryan Bhokare <92683836+aryan-bhokare@users.noreply.github.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
SarthakJain26
requested changes
Apr 10, 2024
chaoscenter/authentication/api/handlers/rest/project_handler.go
Outdated
Show resolved
Hide resolved
| // @Router /delete_project [post] | ||
| // | ||
| // DeleteProject is used to delete a project. | ||
| func DeleteProject (service services.ApplicationService) gin.HandlerFunc { |
There was a problem hiding this comment.
All the resources related to the deleted project should also be deleted. This change can go in a different PR
There was a problem hiding this comment.
Lets do that in different pr.
chaoscenter/authentication/api/handlers/rest/project_handler.go
Outdated
Show resolved
Hide resolved
User cannot change role of their own, so that it will avoid edge cases like 1. User is the last owner of the project. 2. User accidentally losing owner access to the projects. Signed-off-by: aryan <aryan1bhokare@gmail.com>
Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
93808b1
to
fef4c59
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
fef4c59
to
4a10fe3
Compare
Signed-off-by: aryan <aryan1bhokare@gmail.com>
aryan-bhokare
force-pushed
the
multiple-project-owner-backend
branch
from
a954d11
to
33dec51
Compare
SarthakJain26
approved these changes
Apr 12, 2024
Thank you 🚀 |
Saranya-jena
merged commit 0e51dbf
into
litmuschaos:multiple-owner-support
4 of 5 checks passed
9 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
closes #3958 #4161
Proposed changes
Work done:
GetProjectOwners.SendInvitationAPI.LeaveProjectAPI.UpdateMemberRole.DeleteProject.Types of changes
What types of changes does your code introduce to Litmus? Put an
xin the boxes that applyChecklist
Put an
xin the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.Dependency
Special notes for your reviewer: