Closed
Bug 975413
Opened 10 years ago
Closed 10 years ago
Fireplace should call search API without authentication credentials
Categories
(Marketplace Graveyard :: API, defect, P2)
Tracking
(Not tracked)
VERIFIED
FIXED
2014-03-11
People
(Reporter: mat, Unassigned)
Details
(Keywords: perf)
To improve its cacheability, we need to remove everything that's user-dependant from the search API and start requesting it without ?_user param. The 'user' key on each app in the result that contains installed/developed/purchased flags should be obsolete once bug 969433 is done, at least on the fireplace endpoint. However, there is another piece of code in the search API that is dependant on the user: the region bypass system. If you are a collection curator or have the Regions:BypassFilters permission, you are allowed to pass the special region=None parameter (called "No region in search" in fireplace) in order to search for apps everywhere and not just in your current region. AFAIK this system is used by payment testers before we enable payments in a region (not entirely sure how that works, though) and collection curators, since there is no lookup search API. The ultimate goal is to improve cacheability, so we need fireplace calls to search/featured to be anonymous, at least for all normal users. So I see 2 options: 1) We remove that check and allow everyone to pass region=None. We modify fireplace to make all search requests anonymous. 2) We keep that check. In fireplace, we only pass user info to the endpoint if the user has the relevant permission. Thoughts ?
Reporter | ||
Updated•10 years ago
|
Flags: needinfo?(krupa.mozbugs)
Flags: needinfo?(amckay)
Comment 1•10 years ago
|
||
We decided just Friday to stop the use of Regions:BypassFilters for testing of payments. Testing in that way isn't really of value and something we don't think its worth supporting. So please do whatever makes the most sense for you.
Flags: needinfo?(krupa.mozbugs)
Flags: needinfo?(amckay)
Reporter | ||
Comment 3•10 years ago
|
||
https://github.com/mozilla/fireplace/pull/384 https://github.com/mozilla/zamboni/pull/1821 https://github.com/mozilla/zamboni/pull/1822
Status: NEW → ASSIGNED
Target Milestone: --- → 2014-03-11
Reporter | ||
Comment 4•10 years ago
|
||
Merged: - https://github.com/mozilla/zamboni/commit/f9ac5aa699886e40f319a9df4e273d54095463c4 - https://github.com/mozilla/zamboni/commit/062e6775b1aa54bb873c49944715ba47845081bb
Reporter | ||
Comment 5•10 years ago
|
||
Merged https://github.com/mozilla/fireplace/commit/6778c8af8672330b6c516ef55424514a1b58698b STR: - Go to consumer pages while logged out. - Open debug page, select "no region in search" region - Make sure the homepage works, do a search, you should see apps. - Go to consumer pages, log in - In network tab, make sure requests to search and categories api are done without the '_user' parameter in the URL Also retest scenarios from bug 969433.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Comment 6•10 years ago
|
||
Scenario 1(logged out, no region in search): Verified as fixed Scenario 2(logged in) : Verified as fixed in network tab : _user parameter is not seen in the URL Scenario 3: Verified everything from bug 969433
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•