Closed
Bug 1370220
Opened 7 years ago
Closed 7 years ago
handle 404s from /api/users/current better
Categories
(Release Engineering Graveyard :: Applications: Balrog (frontend), enhancement, P3)
Release Engineering Graveyard
Applications: Balrog (frontend)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: bhearsum, Assigned: vikas_mahato, Mentored)
References
Details
(Whiteboard: [lang=js][lang=html][good first bug][ready])
Current, if a user has no permissions nor roles, any request to /api/users/current will generate a 404. This is correct (the user doesn't exist in the db), but in order to support this kind of "read only" user, we shouldn't an error for it.
|
Reporter | |
Updated•7 years ago
|
Mentor: bhearsum
Whiteboard: [lang=js][lang=html] → [lang=js][lang=html][good first bug][ready]
|
Assignee | |
Comment 1•7 years ago
|
||
Hi, I am getting started with open source and would like to work on this bug.Can you assign it to me?
|
|
Reporter | |
Comment 2•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #1) > Hi, > I am getting started with open source and would like to work on this bug.Can > you assign it to me? Absolutely!
Assignee: nobody → vikasmahato0
|
|
Assignee | |
Comment 3•7 years ago
|
||
I have set up my development environment as per the instructions given on http://mozilla-balrog.readthedocs.io/en/latest/contribute.html Please guide me on how to proceed further with this bug
|
|
Reporter | |
Comment 4•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #3) > I have set up my development environment as per the instructions given on > http://mozilla-balrog.readthedocs.io/en/latest/contribute.html > Please guide me on how to proceed further with this bug Unfortunately, this bug is very difficult to reproduce locally, but what we're trying to do is stop sending 404s when the current user has no Permissions or Roles, and queries /api/users/current. This endpoint is implemented in https://github.com/mozilla/balrog/blob/28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/web/admin/views/permissions.py#L32, so that's the code you'll need to touch. You should also adjust and add (as necessary) test cases for this new behaviour in https://github.com/mozilla/balrog/blob/28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/test/admin/views/test_permissions.py#L20. It's important that we continue to return 404s when a _specific_ user is requested, eg: /api/users/foo@bar.com -- we should only avoid sending them for /api/users/current.
|
|
Assignee | |
Comment 5•7 years ago
|
||
(In reply to Ben Hearsum (:bhearsum) from comment #4) > (In reply to Vikas Prasad Mahato from comment #3) > > I have set up my development environment as per the instructions given on > > http://mozilla-balrog.readthedocs.io/en/latest/contribute.html > > Please guide me on how to proceed further with this bug > > Unfortunately, this bug is very difficult to reproduce locally, but what > we're trying to do is stop sending 404s when the current user has no > Permissions or Roles, and queries /api/users/current. This endpoint is > implemented in > https://github.com/mozilla/balrog/blob/ > 28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/web/admin/views/permissions. > py#L32, so that's the code you'll need to touch. You should also adjust and > add (as necessary) test cases for this new behaviour in > https://github.com/mozilla/balrog/blob/ > 28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/test/admin/views/ > test_permissions.py#L20. > > It's important that we continue to return 404s when a _specific_ user is > requested, eg: /api/users/foo@bar.com -- we should only avoid sending them > for /api/users/current. What should be expected when /api/users/current is requested and the current user has no Permissions or Roles
|
|
Reporter | |
Comment 6•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #5) > (In reply to Ben Hearsum (:bhearsum) from comment #4) > > (In reply to Vikas Prasad Mahato from comment #3) > > > I have set up my development environment as per the instructions given on > > > http://mozilla-balrog.readthedocs.io/en/latest/contribute.html > > > Please guide me on how to proceed further with this bug > > > > Unfortunately, this bug is very difficult to reproduce locally, but what > > we're trying to do is stop sending 404s when the current user has no > > Permissions or Roles, and queries /api/users/current. This endpoint is > > implemented in > > https://github.com/mozilla/balrog/blob/ > > 28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/web/admin/views/permissions. > > py#L32, so that's the code you'll need to touch. You should also adjust and > > add (as necessary) test cases for this new behaviour in > > https://github.com/mozilla/balrog/blob/ > > 28af89fcc56c7ed88669ef4c33df53161ef2ba76/auslib/test/admin/views/ > > test_permissions.py#L20. > > > > It's important that we continue to return 404s when a _specific_ user is > > requested, eg: /api/users/foo@bar.com -- we should only avoid sending them > > for /api/users/current. > > > What should be expected when /api/users/current is requested and the current > user has no Permissions or Roles A 200 should be returned with the following json in the body: { "permissions": {}, "roles": {}, "username": "bhearsum@mozilla.com" }
|
|
Assignee | |
Comment 7•7 years ago
|
||
Can you please see this and let me know whether this would work since I can't reproduce the bug locally.
|
|
Assignee | |
Comment 8•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #7) > Can you please see this and let me know whether this would work since I > can't reproduce the bug locally. https://github.com/mozilla/balrog/compare/master...vikasmahato:bug_1370220
|
|
Reporter | |
Comment 9•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #8) > (In reply to Vikas Prasad Mahato from comment #7) > > Can you please see this and let me know whether this would work since I > > can't reproduce the bug locally. > > https://github.com/mozilla/balrog/compare/master...vikasmahato:bug_1370220 Can you open a pull request please? I can leave feedback on that.
|
|
Assignee | |
Comment 10•7 years ago
|
||
(In reply to Ben Hearsum (:bhearsum) from comment #9) > (In reply to Vikas Prasad Mahato from comment #8) > > (In reply to Vikas Prasad Mahato from comment #7) > > > Can you please see this and let me know whether this would work since I > > > can't reproduce the bug locally. > > > > https://github.com/mozilla/balrog/compare/master...vikasmahato:bug_1370220 > > Can you open a pull request please? I can leave feedback on that. Done
|
|
Assignee | |
Comment 12•7 years ago
|
||
I have requested a review on my pull request and waiting for a reply. Can you please comment on it so that I can continue with the bug.
|
|
Reporter | |
Comment 13•7 years ago
|
||
(In reply to Vikas Prasad Mahato from comment #12) > I have requested a review on my pull request and waiting for a reply. Can > you please comment on it so that I can continue with the bug. I think I replied to your latest question https://github.com/mozilla/balrog/pull/371#discussion_r134329828? Please let me know if I've missed something.
|
|
Assignee | |
Comment 14•7 years ago
|
||
I have updated the pull request. Can you review it? https://github.com/mozilla/balrog/pull/371
|
||
Comment 15•7 years ago
|
||
Commit pushed to master at https://github.com/mozilla/balrog https://github.com/mozilla/balrog/commit/fc1892df1196f732bf7b6ca5bc4b4bd6d56d5c3d bug 1370220: handle 404s from /api/users/current better (#371). r=bhearsum
|
|
Reporter | |
Comment 16•7 years ago
|
||
This is now in production, nice work Vikas!
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 17•7 years ago
|
||
Thank you!!
|
||
Updated•5 years ago
|
Product: Release Engineering → Release Engineering Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•