Skip to content

Add user to orgs by default#371

Merged
sleepycat merged 2 commits into
masterfrom
add-user-to-orgs-by-default
May 7, 2020
Merged

Add user to orgs by default#371
sleepycat merged 2 commits into
masterfrom
add-user-to-orgs-by-default

Conversation

@sleepycat

@sleepycat sleepycat commented May 7, 2020

Copy link
Copy Markdown
Contributor

This commit started it's life as a relatively small feature adding a user to an
org by default to ensure that users has a usable account after logging in, but
ended up with some serious mission creep.

Writing tests for this feature uncovered a lack of isolation between
tests, and tests that mostly failed with KeyError or
'NoneType' object is not subscriptable errors, as well as test data with
clashing ids.

This change had some far reaching consequences and I basically kept reworking
the tests until the isolation errors went away and I could tell if the "user
orgs" feature had actually broken stuff. If it did, I fixed that too.

sleepycat added 2 commits May 4, 2020 15:43
This commit creates an org for each user that is created. This org is the
default org to which ad hoc scans will be attached.
This commit started it's life as a relatively small feature adding a user to an
org by default to ensure that users has a usable account after logging in, but
ended up with some serious mission creep.

Writing tests for this feature uncovered a lack of isolation between
tests, and tests that mostly failed with `KeyError` or
`'NoneType' object is not subscriptable` errors, as well as test data with
clashing ids.

This change had some far reaching consequences and I basically kept reworking
the tests until the isolation errors went away and I could tell if the "user
orgs" feature had actually broken stuff. If it did, I fixed that too.
@sleepycat
sleepycat requested a review from tparrott-cse May 7, 2020 04:47
elif user_claims:
user_id = user_claims[0]['user_id']
with app.app_context():
# XXX: affiliations should have been eager loaded with joinedload

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The user_id is being pulled from the jwt, and the reason why there is another query to user_affiliations is to confirm that the users access is up to date and has not been modified since initial login

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we did a joinedload and loaded both the user and their affiliations in one shot at the beginning of the request that would be good. But I guess you're getting at the idea that another thread/query could change the state in the db between that inital load and when this gets executed. I'll have to think about that.

payload = {
"exp": datetime.datetime.utcnow()
+ datetime.timedelta(days=0, seconds=1800),
+ datetime.timedelta(days=0, seconds=1800), # XXX: too short

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When this was initially created Po approved the 30min time limit

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ha! We'll have to figure that out. I was finding that was so short that it was actually invalidating my jwts while I was debugging stuff!

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I know that feeling 😂

}
user_roles.append(temp_dict)
else:
# XXX: Roles is [] || [""] || [{}]?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I forget the exact reason why its set like this

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No worries! Little breadcrumbs leading us back to things to simplify.

@tparrott-cse tparrott-cse left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM -- with the understanding we should come back through this code base and look for optimizations such as your joinedload suggestions.

@sleepycat
sleepycat merged commit 256ad4b into master May 7, 2020
@sleepycat
sleepycat deleted the add-user-to-orgs-by-default branch May 7, 2020 18:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants