Add support for the editor role
#738
Conversation
✅ Deploy Preview for kaleidoscopic-dango-0cf31d canceled.
|
nkaretnikov
added
type: enhancement 💅🏼
status: in progress 🏗
area: user experience 👩🏻💻
nkaretnikov
force-pushed
the
role-editor-675
branch
from
5f22c1c
to
f74e867
Compare
| Lets go through a few examples to make this more concrete and assume | ||
| Additionally, the role `editor` can be used, which is an alias for `developer`. | ||
|
|
||
| Let's go through a few examples to make this more concrete and assume |
There was a problem hiding this comment.
Typo fix: "Lets" -> "Let's"
One of the previous commits explicitly defined both aliases in `role_mappings`, but that was wrong because only one value is used in the DB, which is `developer`. Instead, you need to map `developer` from the DB to `role_mappings`, which can either have `editor` (new name) or `developer` (legacy name). The new name is checked first, then the old one.
| # Additionally, this code allows for legacy 'role_mappings' that | ||
| # used to specify the role as 'developer'. Because it's a | ||
| # user-visible setting, we cannot break compatibility here | ||
| assert role != "editor" # must NEVER be 'editor' in the DB |
There was a problem hiding this comment.
An assert outside of a test strikes me as odd. Looking into it, it seems like some compilation flags remove assert statements. If this check is valuable, I think raising an exception here would be more valuable. However, I am not sure that this represents an unrecoverable error, since we would still know what to do with that data. We could just handle it and log an warning that data that shouldn't be in the db is. Or if it really does represent an unrecoverable error, than raising an exception seems better than an assert.
There was a problem hiding this comment.
@dcmcand Changed to raise. It's not unrecoverable, but it's a mistake that's easy to make when potentially refactoring or adding new DB APIs.
For example, see the change in conda-store-server/conda_store_server/api.py in this PR. The old code would bypass validate_role because .update is a lowel-level API, which just skips ORM validation logic. That was caught by the tests, which is how I noticed. But we might not have good coverage for some new yet to be added APIs, so I want to make sure this is never a problem.
dcmcand
added
status: needs changes 🧱
and removed
status: in progress 🏗
needs: review 👀
labels
nkaretnikov
added
status: in progress 🏗
needs: review 👀
and removed
status: needs changes 🧱
labels
|
@dcmcand PTAL. Note: I want to keep the diff minimal to make it easier to review, I'll rebase after this is approved. |
pavithraes
added
status: merge ready 🚀
and removed
status: in progress 🏗
needs: review 👀
labels
Fixes #675.
Description
This pull request:
editorfordeveloperto role mappings, which is supported by the HTTP API and the DBThe auth flow is as follows:
editorordeveloper)developer)role_mappingsdeveloperfrom the DB is matched againsteditorordeveloperinrole_mappings(in this order).All user-visible parameters (the HTTP API and the
role_mappingssetting) allow for botheditoranddeveloper.The name
editoris preferred, which is reflected in the documentation.The name
developeris supported for compatibility reasons.How I tested this locally:
role_mappingsare actually used by the test, I commented outeditorin the defaultrole_mappingsdeveloperis still supported, I replacededitorwithdeveloperin the defaultrole_mappingseditorin the defaultrole_mappingsAfter making each of these changes in the application, I ran
PYTEST_ADDOPTS="-rpfxs -k test_end_to_end_auth_flow" pytest testsand looked at the test output.
Pull request checklist
Additional information