Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NOISSUE - Fix: Clients, Channels roles initialization and Channels connection Authz #2663

Merged
merged 1 commit into from
Jan 27, 2025
Merged

NOISSUE - Fix: Clients, Channels roles initialization and Channels connection Authz #2663

merged 1 commit into from
Jan 27, 2025

Conversation

arvindh123
Copy link
Contributor

What type of PR is this?

What does this do?

Which issue(s) does this PR fix/relate to?

  • Related Issue #
  • Resolves #

Have you included tests for your changes?

Did you document any new/modified feature?

Notes

@arvindh123 arvindh123 requested a review from a team as a code owner January 23, 2025 16:46
@arvindh123 arvindh123 force-pushed the remove_domain_user branch 2 times, most recently from 85b38df to f4c1d1b Compare January 23, 2025 16:50
ianmuchyri
ianmuchyri previously approved these changes Jan 24, 2025
View reviewed changes
@ianmuchyri ianmuchyri mentioned this pull request Jan 24, 2025
Merged
dborovcanin
dborovcanin requested changes Jan 24, 2025
View reviewed changes
channels/service.go
@@ -40,8 +40,8 @@ type service struct {

var _ Service = (*service)(nil)

func New(repo Repository, policy policies.Service, idProvider supermq.IDProvider, clients grpcClientsV1.ClientsServiceClient, groups grpcGroupsV1.GroupsServiceClient, sidProvider supermq.IDProvider) (Service, error) {
rpms, err := roles.NewProvisionManageService(policies.ChannelType, repo, policy, sidProvider, AvailableActions(), BuiltInRoles())
func New(repo Repository, policy policies.Service, idProvider supermq.IDProvider, clients grpcClientsV1.ClientsServiceClient, groups grpcGroupsV1.GroupsServiceClient, sidProvider supermq.IDProvider, availableActions []roles.Action, builtInRoles map[roles.BuiltInRoleName][]roles.Action) (Service, error) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This signature looks messy. We have id provider twice, and we have way too many params. Can we group roles and actions (maybe something else as well) to a new config struct?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is still not addressed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Roles need short ID provider, but now we are using uuid for role , it is making the url path longer.
Already we are domain id and entity id in url.

Example requests:
For instance if Client id is 87714e08-3087-476e-8a12-c7bee595b31d client role id is client_4tuyg19Dwd6AzwmnbWr3v6Wm and domain id is 960c325a-c973-45f8-9c0b-f9f686941c7b

  • Get All actions of client
    Method: GET URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/actions

  • Add All actions
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/actions

  • Delete actions
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/actions/delete

  • Delete all actions
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/actions/delete-all

  • Get All members
    Method: GET URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/members

  • Add All members
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/members

  • Delete members
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/members

  • Delete all members
    Method: POST URL: http://localhost/960c325a-c973-45f8-9c0b-f9f686941c7b/clients/87714e08-3087-476e-8a12-c7bee595b31d/roles/client_4tuyg19Dwd6AzwmnbWr3v6Wm/members/delete-all

Here Role ID : client_4tuyg19Dwd6AzwmnbWr3v6Wm is encoded using https://github.com/sqids/sqids-go
The code is here https://github.com/absmach/supermq/blob/main/pkg/sid/sid.go

So something like this https://github.com/teris-io/shortid we need
Because of licenses i could decide which one to use

Related to AvailableActions and BuiltInRoles could not be combined because they are using for different purpose.
AvailableActions is list of string which helps user to understand which actions can be added to role.
BuiltInRole contains map of built in role with respective actions , which will automatically added to entity during it creation process

dborovcanin
dborovcanin requested changes Jan 26, 2025
View reviewed changes
channels/api/grpc/request.go Outdated
"github.com/absmach/supermq/pkg/policies"
)

var errDomainID = errors.New("domain id required for user type")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's make messages less cryptic: domain ID required for users.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed

channels/service.go
@@ -40,8 +40,8 @@ type service struct {

var _ Service = (*service)(nil)

func New(repo Repository, policy policies.Service, idProvider supermq.IDProvider, clients grpcClientsV1.ClientsServiceClient, groups grpcGroupsV1.GroupsServiceClient, sidProvider supermq.IDProvider) (Service, error) {
rpms, err := roles.NewProvisionManageService(policies.ChannelType, repo, policy, sidProvider, AvailableActions(), BuiltInRoles())
func New(repo Repository, policy policies.Service, idProvider supermq.IDProvider, clients grpcClientsV1.ClientsServiceClient, groups grpcGroupsV1.GroupsServiceClient, sidProvider supermq.IDProvider, availableActions []roles.Action, builtInRoles map[roles.BuiltInRoleName][]roles.Action) (Service, error) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is still not addressed.

@dborovcanin dborovcanin merged commit ef32836 into absmach:main Jan 27, 2025
5 of 7 checks passed
@dborovcanin dborovcanin deleted the remove_domain_user branch January 27, 2025 09:46
@dborovcanin dborovcanin mentioned this pull request Jan 29, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dborovcanin dborovcanin dborovcanin approved these changes

@ianmuchyri ianmuchyri ianmuchyri left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@arvindh123 @dborovcanin @ianmuchyri