remove job configuration in jobInstance to enable casl authorization #1395
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ires two arguments, the new being the jobConfig property. Casl for jobs instances is restructred to use it in the if statements instead of configuration being part of jobInstance
|
Despina, I can also make a PR straight to release-jobs if you prefer. merging might be a pain.. |
despadam
reviewed
Sep 2, 2024
There was a problem hiding this comment.
Great job @sofyalaski 👏 My only comment is the following:
I tried running the mocha tests on this branch and I got these results:
1067 passing (7m)
6 pending
9 failing
1) 0300: DatasetAuthorization: Test access to dataset
0502: add a new raw dataset with specified pid as Admin:
Error: expected 201 "Created", got 400 "Bad Request"
2) 0300: DatasetAuthorization: Test access to dataset
0530: add a new raw dataset with specified pid and different owner group as Admin:
Error: expected 201 "Created", got 400 "Bad Request"
3) 0300: DatasetAuthorization: Test access to dataset
0702: add a new raw dataset with specified pid as User 2 which belongs to a create dataset with pid group:
Error: expected 201 "Created", got 400 "Bad Request"
4) 0300: DatasetAuthorization: Test access to dataset
0802: add a new raw dataset with specified pid as User 3 which belongs to a create dataset privileged group:
Error: expected 201 "Created", got 400 "Bad Request"
5) 0300: DatasetAuthorization: Test access to dataset
0830: add a new raw dataset with specified pid and different owner group as User 3 which belongs to a create dataset privileged group:
Error: expected 201 "Created", got 400 "Bad Request"
6) 0700: DerivedDataset: Derived Datasets
0130: should be able to add new derived dataset with explicit pid:
Error: expected 201 "Created", got 400 "Bad Request"
7) 0700: DerivedDataset: Derived Datasets
0150: should be able to add new derived dataset with group that is part of allowed groups and correct explicit PID:
Error: expected 201 "Created", got 400 "Bad Request"
8) 0700: DerivedDataset: Derived Datasets
0240: should delete a derived dataset with explicit PID:
Error: expected 200 "OK", got 404 "Not Found"
9) 1400: ProposalAuthorization: Test access to proposal
0040: cannot access proposal as unauthenticated user:
Error: expected 401 "Unauthorized", got 403 "Forbidden"
Then I wanted to compare with the tests on master and noticed that errors 1 - 8 are the same, but error 9 is a new one. I suspect error 9 is caused by the changes in test/TestData.js. Regarding errors 1 - 8, do we still want to allow for failing tests on master branch?
|
Hello Despina, yes, proposals error is new.. I think this was something that propagated from my cherry-picking a commit. I fixed the return code for that test to be same as a value in master |
despadam
merged commit b478fe1
into
SciCatProject:store-configVersion-in-job-schema
1 check passed
despadam
added a commit
that referenced
this pull request
Sep 3, 2024
* update job schema * store configVersion during job creation * fixes in controller * rename variable * remove job configuration in jobInstance to enable casl authorization (#1395) * wip cherry-picking commits * wip: casl for job instances before adding argument with jobConfig * merged cherry-picked commit that splits casl, jobs authorization requires two arguments, the new being the jobConfig property. Casl for jobs instances is restructred to use it in the if statements instead of configuration being part of jobInstance * fix linting * proposals pass tests --------- Co-authored-by: Sofya Laskina <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Since we decided to not store the whole configuration in the jobInstance, the casl rules needed to be rewritten. Now the function for instance access accepts two arguments, the second being the object of jobConfig class, based on which rules are rewritten.
Motivation
Not storing the full job configuration in the job Instance. Job configuration is extracted based on the type of the job from the currently loaded configuration.
Fixes:
Passing API tests with mocha
Changes:
Tests included
Documentation