move balrog whitelist checks out of AUSDatabase

RESOLVED FIXED

Status

Release Engineering
Balrog: Backend
RESOLVED FIXED
3 years ago
9 months ago

People

(Reporter: bhearsum, Assigned: vjoshi)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/2750] )

(Reporter)

Description

3 years ago
We do some whitelisted domain checks in db.py, which means that we need to give it knowledge of the domain whitelist. These checks are probably better done at the web layer instead, as long as we can factor them out to avoid massive duplication.

From Nick's review in bug 1021018:
> ::: admin.wsgi
> @@ +30,5 @@
> >  auslib.log.cef_config = auslib.log.get_cef_config(cfg.getCefLogfile())
> > +dbo.setDb(cfg.getDburi())
> > +dbo.setupChangeMonitors(cfg.getSystemAccounts())
> > +dbo.setDomainWhitelist(cfg.getDomainWhitelist())
> > +application.config['WHITELISTED_DOMAINS'] = cfg.getDomainWhitelist()
> 
> Setting this twice is a little odd. Perhaps we can look at moving
> containsForbiddenDomain() into the code that handles API calls. Fodder for a
> followup if it's worthwhile.

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/2742]

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/2742] → [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/2750]
(Reporter)

Comment 1

10 months ago
The blob classes might be the best place, actually, since finding the file urls is blob-specific.
(Assignee)

Updated

9 months ago
Assignee: nobody → varunj.1011

Comment 2

9 months ago
Commit pushed to master at https://github.com/mozilla/balrog

https://github.com/mozilla/balrog/commit/53f48d4519df5fc709cbd6b28097af2d57ebef37
Bug 1041584 - move balrog whitelist checks out of AUSDatabase (#121). r=bhearsum
(Reporter)

Updated

9 months ago
Depends on: 1304054
(Reporter)

Comment 3

9 months ago
This is in production now. Thanks Varun!
Status: NEW → RESOLVED
Last Resolved: 9 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.