Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: call gsuite-wrapper on key moments #183

Draft
wants to merge 7 commits into
base: stable
Choose a base branch
from

Conversation

linuxbandit
Copy link
Member

@linuxbandit linuxbandit commented Nov 22, 2020

we can change superagent if needed. Some things are still quite rough and only placeholders.

The things that needs work are:

  1. transliteration
  2. unique name checking
  3. workflows checking
  4. create a user on gsuite when the members list are uploaded (danger zone)

@linuxbandit linuxbandit marked this pull request as draft November 22, 2020 21:51
@linuxbandit linuxbandit requested a review from WikiRik November 22, 2020 21:57
@serge1peshcoff
Copy link
Member

general comment:

  1. check out what eslint is complaining about
  2. some tests are failing apparently
  3. can we add some tests for gsuite wrapper? to stay on 100% coverage

@linuxbandit
Copy link
Member Author

tests for gsuite wrapper are already there, i don't pipeline them because I want control over them (since it involves many rapid hitting google endpoints and creating/deleting users etc, I want to be careful of the quota)

@serge1peshcoff
Copy link
Member

on tests I mean the following: mocking the request to gsuite-wrapper and checking if it works under different conditions (it returns error, garbage, valid data etc.), I have something similar for mailer so check this out as well

@WikiRik
Copy link
Member

WikiRik commented Nov 25, 2020

Workflow has been checked, everything that needs to be done is the following;

  • Implement everything from TODOs
  • Change superagent to request and request-promise-native
  • Change payload generation to new file lib/gsuite.js
  • Add tests, mock requests to gsuite-wrapper as is also done for requests to mailer
  • Add validation to the gsuite_id that checks if it does not exist in either body, circle or user

For the third point, see comment of @serge1peshcoff
"we have the payload generation and actual query inside the middleware, which I think doesn't belong here. instead, we can create a module (like lib/gsuite.js) which will contain functions that are wrappers for gsuite-wrapper requests.
check out how I call functions from mailer.js for the idea"

@WikiRik
Copy link
Member

WikiRik commented Nov 25, 2020

On the transliteration of first/last names, check the NAME_REGEX in models/User.js

familyName: req.body.last_name
},
secondaryEmail: req.body.email,
password: crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex'),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@serge1peshcoff this is what needs to be changed in GSuiteWrapper

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah okay, haven't seen this comment somehow

Copy link
Member

@WikiRik WikiRik Jul 16, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's because we use the same function in two places. So it's good if we move it to a class where we can just define it once and call it twice

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree 100%

@@ -52,6 +52,8 @@ exports.createBody = async (req, res) => {
return errors.makeForbiddenError(res, 'Permission global:create:body is required, but not present.');
}

// TODO: if antenna, contact antenna or contact, then create GSuite account
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can also be done later

@@ -65,6 +67,8 @@ exports.updateBody = async (req, res) => {
return errors.makeForbiddenError(res, 'Permission update:body is required, but not present.');
}

// TODO: if antenna, contact antenna or contact, then update GSuite account if needed
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can also be done later

@@ -89,6 +93,7 @@ exports.setBodyStatus = async (req, res) => {
await BodyMembership.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
await Circle.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
await Payment.destroy({ where: { body_id: req.currentBody.id }, transaction: t });
// TODO: suspend GSuite account (if attached)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can also be done later

@@ -122,6 +127,7 @@ exports.createMember = async (req, res) => {
body_id: req.currentBody.id
});

// TODO: create active GSuite account
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can also be done later

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nevermind, this should create a GSuite account for new users. That should be implemented at the start already

@@ -63,6 +64,18 @@ exports.updateUser = async (req, res) => {
}

await req.currentUser.update(req.body, { fields: constants.FIELDS_TO_UPDATE.USER.UPDATE });

// TODO: update first/late name to GSuite account (if there is an account attached)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mention it here, but it goes for the whole file; not every user will have a GSuite account attached (mostly older accounts) so we also need to check that we only do things if an account is attached

@WikiRik WikiRik force-pushed the feat/add-calls-to-gsuite-wrapper branch from 01d41c3 to e23e889 Compare July 15, 2021 21:43
lib/cron.js Outdated
@@ -1,4 +1,5 @@
const cron = require('node-cron');
const superagent = require('superagent');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you don't need superagent as an extra dependency for it, we have request and request-promise-native already

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know, Fabri added it before and I just kept it there. It will be replaced before it will be merged

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR is still WIP

@@ -36,6 +36,7 @@ exports.registerUser = async (req, res) => {
});

// TODO: add uniqueness check; transliterate gsuiteEmail in case of umlauts or other special characters
// TODO: probably move this elsewhere since not all MyAEGEE users need a GSuite account
const gsuiteEmail = req.body.first_name + '.' + req.body.last_name + '@' + constants.GSUITE_DOMAIN;
const payload = {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better to do it this way: have a file to contain all gsuite functions (or even better, make it a class, like GSuiteClient, create instance of it and assign it to something like req.gsuiteClient), then you can reference this class instead of having this logic in a middleware itself

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a great idea

// await superagent.post('gsuite-wrapper:8084/accounts?SETPASS')
if (req.currentUser.gsuite_id) {
const payload = {
password: crypto.createHash('sha1').update(JSON.stringify(req.body.password)).digest('hex')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

github complains here, is it okay? if it is, can it be muted?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs to be fixed in GSuiteWrapper itself first, we can temporarily mute it if we merge this before

linuxbandit and others added 6 commits October 14, 2021 12:24
Also fixed linter and installed superagent. Superagent will have to be removed to use request
This is not in the scope of the current issues, so I removed it from here
Not all merge conflicts were resolved correctly
@WikiRik WikiRik force-pushed the feat/add-calls-to-gsuite-wrapper branch from 9b38d70 to c4f0fab Compare October 14, 2021 10:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants