feat(authN): Add to all DB entries 'Modified_by'... (#81) #230
Conversation
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
from
e084f8b
to
cb2f9c1
Compare
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
7 times, most recently
from
94c222f
to
2cdfe8c
Compare
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
from
2cdfe8c
to
b8d5d0a
Compare
There was a problem hiding this comment.
Most queries don't include the createdBy and updatedBy fields. Do we want to add them?
There was a problem hiding this comment.
I have added them only in the files used directly in testing of 'createdBy'/'updatedBy'
| @@ -104,6 +104,7 @@ func (e *evidenceHandler) ListEvidences(filter *entity.EvidenceFilter, options * | |||
| } | |||
|
|
|||
| func (e *evidenceHandler) CreateEvidence(evidence *entity.Evidence) (*entity.Evidence, error) { | |||
| evidence.CreatedBy = "Creator" | |||
| @@ -208,9 +211,11 @@ func (s *SqlDatabase) CreateActivity(activity *entity.Activity) (*entity.Activit | |||
|
|
|||
| query := ` | |||
| INSERT INTO Activity ( | |||
There was a problem hiding this comment.
aren't we missing the updated_by field? This is also in the other db queries the case
There was a problem hiding this comment.
Do we need to insert it during creation of an object? is it possible that updatedBy will be given when the object is created in database?
There was a problem hiding this comment.
In theory we can do that via a trigger on the DB layer, yes. But than we need to add the trigger to each DB Table. Its probably more work then just adding it here.
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
from
353848a
to
f4ce3e7
Compare
|
I think we need to update the |
There was a problem hiding this comment.
From my perspective, I'd like in this PR the metadata removed from the entities where it should not be part of. @MR2011 did a good job spotting them.
For the other open topics I would suggest creating tickets:
-
As well the topic of adding udpated_by for delete operations
-
instead of getting users by fixed "uniuqeUserId" in each handler write a functionality on the app layer to get the authenticated user (this can then for now do this "statical" fetching)
-
Address Todos
-
Add updated_by to inserts
|
|
||
| func GetUserId(db database.Database, uniqueUserId string) (int64, error) { | ||
| filter := &entity.UserFilter{UniqueUserID: []*string{&uniqueUserId}} | ||
| ids, err := db.GetAllUserIds(filter) |
There was a problem hiding this comment.
Better get the whole User, we probably going to replace the "AllUserIDs" thing with a "AllCursors" thing
There was a problem hiding this comment.
We could also keep the "GetAllUserIds" function though. Have no strong opinion here!
There was a problem hiding this comment.
"S0000000" is current placeholder, when OIDC auth will be ready we will have correct user name and these name will be existing entry in database.
Anyway we have an option to disable authentication so in this case it will be needed to have some "nobody", "anonymous", "guest" or "none" user, whatever we will name it.
Second problem will be authentication via JWT token, I guess we would need some scannerUser, or we would need to validate user name from JWT (or use systemuser for mentioned purpose).
| @@ -208,9 +211,11 @@ func (s *SqlDatabase) CreateActivity(activity *entity.Activity) (*entity.Activit | |||
|
|
|||
| query := ` | |||
| INSERT INTO Activity ( | |||
There was a problem hiding this comment.
In theory we can do that via a trigger on the DB layer, yes. But than we need to add the trigger to each DB Table. Its probably more work then just adding it here.
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
3 times, most recently
from
90403c6
to
ca99077
Compare
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
7 times, most recently
from
e1718c2
to
7b188a6
Compare
Move 'CreatedAt', 'DeletedAt' and 'UpdatedAt' to common entity.Info struct Add 'CreatedBy' and 'UpdatedBy' to common entity.Info struct Add metadata for user Add tests Add metadata for activity, IssueVariant and IssueRepository Add metadata for component Add metadata for componentInstance, componentVersion Add metadata for evidence Issue Metadata rename to IssueMetadata, because now metadata means data related to creation time, creation user, update time and update user Add Metadata for Issue Add metadata for IssueMatch Add Metadata for IssueMatchChange, Service and SupportGroup Refactor and review fixes Test foreign key Add Foreign Key changed issueMetadata and serviceMetadata to objectMetadata
michalkrzyz
force-pushed
the
mikrzyz/issue-81
branch
from
7b188a6
to
9ef9651
Compare
* feat(authN): Add to all DB entries 'Modified_by'... (#81) Move 'CreatedAt', 'DeletedAt' and 'UpdatedAt' to common entity.Info struct Add 'CreatedBy' and 'UpdatedBy' to common entity.Info struct Add metadata for user Add tests Add metadata for activity, IssueVariant and IssueRepository Add metadata for component Add metadata for componentInstance, componentVersion Add metadata for evidence Issue Metadata rename to IssueMetadata, because now metadata means data related to creation time, creation user, update time and update user Add Metadata for Issue Add metadata for IssueMatch Add Metadata for IssueMatchChange, Service and SupportGroup Refactor and review fixes Test foreign key Add Foreign Key changed issueMetadata and serviceMetadata to objectMetadata * chore: bumping for re-trigger * Automatic application of license header --------- Co-authored-by: David Rochow <[email protected]> Co-authored-by: License Bot <[email protected]>
Move 'CreatedAt', 'DeletedAt' and 'UpdatedAt' to common entity.Info struct
Add 'CreatedBy' and 'UpdatedBy' to common entity.Info struct
Description
Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.
What type of PR is this? (check all applicable)
Related Tickets & Documents
Added tests?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
Added to documentation?
Checklist