zdu UID2-1776 Enforce Opt-Out Policy Check for New Participants added after 9/1/2023 #207
Conversation
| LOGGER.error("request body misses opt-out policy argument"); | ||
| ResponseUtil.ClientError(rc, "request body misses opt-out policy argument"); | ||
| return; | ||
| } |
There was a problem hiding this comment.
Can we make a function for the duplicate code?
There was a problem hiding this comment.
Refactored the code as suggested.
There was a problem hiding this comment.
The two blocks still look largely similar. How can more stuff be pushed into the common function?
There was a problem hiding this comment.
Refactored the similar code into a single method.
| @@ -1636,6 +1651,11 @@ private TokenGeneratePolicy readTokenGeneratePolicy(JsonObject req) { | |||
| TokenGeneratePolicy.defaultPolicy(); | |||
| } | |||
|
|
|||
| private boolean isAfterCutoffDate(long timestamp) { | |||
| long cutoff = Instant.parse("2023-09-01T00:00:00.00Z").getEpochSecond(); | |||
There was a problem hiding this comment.
String should be a static member
There was a problem hiding this comment.
I'd even suggest to make the whole Instant to be static final member. Or even the long. No reason to do these calculations every time.
There was a problem hiding this comment.
Refactored as suggested.
| @@ -777,6 +777,13 @@ private void handleTokenGenerateV2(RoutingContext rc) { | |||
| } | |||
| } | |||
|
|
|||
| if (isAfterCutoffDate(clientKey.getCreated()) && (!req.containsKey(TOKEN_GENERATE_POLICY_PARAM) | |||
There was a problem hiding this comment.
Why is this looking at the client API key used for auth?
There was a problem hiding this comment.
Switched to the oldest client key.
| if (isAfterCutoffDate(clientKey.getCreated()) && (!req.containsKey(TOKEN_GENERATE_POLICY_PARAM) | ||
| || TokenGeneratePolicy.fromValue(req.getInteger(TOKEN_GENERATE_POLICY_PARAM)) != TokenGeneratePolicy.respectOptOut())) { | ||
| LOGGER.error("request body misses opt-out policy argument"); | ||
| ResponseUtil.ClientError(rc, "request body misses opt-out policy argument"); |
There was a problem hiding this comment.
The message can be misleading if one specifies policy=0 in the request.
There was a problem hiding this comment.
Updated the error message.
| @@ -1636,6 +1651,11 @@ private TokenGeneratePolicy readTokenGeneratePolicy(JsonObject req) { | |||
| TokenGeneratePolicy.defaultPolicy(); | |||
| } | |||
|
|
|||
| private boolean isAfterCutoffDate(long timestamp) { | |||
| long cutoff = Instant.parse("2023-09-01T00:00:00.00Z").getEpochSecond(); | |||
There was a problem hiding this comment.
I'd even suggest to make the whole Instant to be static final member. Or even the long. No reason to do these calculations every time.
| @@ -1636,6 +1651,11 @@ private TokenGeneratePolicy readTokenGeneratePolicy(JsonObject req) { | |||
| TokenGeneratePolicy.defaultPolicy(); | |||
| } | |||
|
|
|||
| private boolean isAfterCutoffDate(long timestamp) { | |||
There was a problem hiding this comment.
In the context of this over-bloated class, isAfterCutoffDate is not descriptive enough. Cut-off for what?
There was a problem hiding this comment.
Renamed the method to be more meaningful.
zaiweidu
force-pushed
the
zdu-UID2-1776-Add-policy-check-for-Publisher
branch
from
1256174 to
6cfbbe5
Compare
| @@ -741,6 +748,68 @@ public static void validateAdvertisingToken(String advertisingTokenString, Token | |||
| } | |||
| } | |||
|
|
|||
| @ParameterizedTest | |||
| @ValueSource(strings = {"NoOutoutPolicySpecified", "WrongOutOutPolicySpecified"}) | |||
There was a problem hiding this comment.
Can you pass the policy values instead of strings? You should avoid switch (and if) statements in the unit tests.
There was a problem hiding this comment.
- The org.junit.jupiter.params.provider requires compile-time constant for annotation. Since Enum policy values aren't primitive type, I can't pass them as annotation.
- Removed Switch usage by splitting ParameterizedTest.
| req.put("policy", 0); | ||
| break; | ||
| default: | ||
| req.put("policy", 1); |
There was a problem hiding this comment.
Judging by value source above this case would never get hit?
| @@ -768,6 +771,13 @@ private void handleTokenGenerateV2(RoutingContext rc) { | |||
| } | |||
| } | |||
|
|
|||
| boolean respsctOptOut = req.containsKey(TOKEN_GENERATE_POLICY_PARAM) | |||
There was a problem hiding this comment.
Typo in variable name?
| LOGGER.error("request body misses opt-out policy argument"); | ||
| ResponseUtil.ClientError(rc, "request body misses opt-out policy argument"); | ||
| return; | ||
| } |
There was a problem hiding this comment.
The two blocks still look largely similar. How can more stuff be pushed into the common function?
Token/Generate & Identity/Map
Unit Tests (merged from @Ian-Nara's PR)