Conversation
|
See https://github.com/wearefrank/ladybug/actions/runs/23439488095/job/68186164956 for tests with FF!. |
| } catch(HttpInternalServerErrorException e) { | ||
| return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build(); |
There was a problem hiding this comment.
This is very strange? Why not use an ExceptionHandler ?
The whole point of the ExceptionHandlers is to uniformly handle all exceptions of a certain type.
If you're going to catch all exceptions, why throw them in the first place?
There was a problem hiding this comment.
I intend to introduce exception handlers in a later PR. My aim with this PR is to pass a user role to the frontend and to make a start to make the UI role-dependent.
| String result = null; | ||
| // When authorization is disabled, isUserInRole() always returns true. | ||
| // Therefore we have to check for the most powerful rule first. | ||
| if (isUserInRoles(testerRoles)) { | ||
| result = TestToolApiImpl.TESTER; | ||
| } else if (isUserInRoles(dataAdminRoles)) { | ||
| result = TestToolApiImpl.DATA_ADMIN; | ||
| } else if(isUserInRoles(observerRoles)) { | ||
| result = TestToolApiImpl.OBSERVER; | ||
| } else { | ||
| result = TestToolApiImpl.NO_AUTHORIZATION; | ||
| } | ||
| log.info("Tell frontend that user is in role [{}]", result); | ||
| return result; |
There was a problem hiding this comment.
A user can have multiple roles, why not return all authorities? At least create a mechanism both implementations can use to map the roles...
There was a problem hiding this comment.
The trouble is that with JAX-RS it is not so easy to get the user role. We have two tools:
- We have a method
isUserInRoles()that receives a list of roles and that returns true if the user is in a role from the list. - From Spring we get variables that hold cumulative lists of roles.
testerRoles = IbisTester,dataAdminRoles = IbisDataAdmin, IbisAdmin, IbisTesterandobserverRoles = IbisObserver, IbisDataAdmin, IbisAdmin, IbisTester.
To get as close as possible to a single role, we must group the roles by distinguishing role. We can calculate that IbisTester < IbisTester, IbisDataAdmin, IbisAdmin < IbisTester, IbisDataAdmin, IbisAdmin, IbisObserver. Then we can use isUserInRole() to return either {IbisTester} or {IbisDataAdmin, IbisAdmin} or {IbisObserver}. Then we can have common logic to produce a result from one of IbisTester, {IbisTester}, IbisDataAdmin, IbisAdmin, {IbisDataAdmin, IbisAdmin}, IbisObserver and {IbisObserver}.
Complicated as this logic may be, it is possible to write unit tests for it. Although we produce more complex code than the code you reviewed, it is probably more trustworthy.
There was a problem hiding this comment.
Niels, we discussed this orally. Now I understand. I think this PR does it the right way now.
| log.error("Cannot read properties from existing classpath resource test.properties"); | ||
| return result; | ||
| } | ||
| String uiTestModeStr = props.getProperty("ladybug.ui.test.mode"); |
There was a problem hiding this comment.
You could just use @Value("hier") instead of creating your own properties parser...
There was a problem hiding this comment.
Then I need a class with annotation @propertysource to read my test.properties file. That file is optional - these are properties to make Ladybug behave in ways that are not relevant for real users. I am going to add properties here to let the backend throw fake exceptions. Within the @propertysource annotation I need to set ignoreResourceNotFound=true. But then I cannot inject values so easily with the @value annotation. When the property is not found, I get ${the.property} as value when the property name is the.property. I think the current approach is more appropriate. Less risk to introduce Spring configurations that may jeopardize other parts of Ladybug or the FF!.
| public static final class TestProperties { | ||
| private @Getter @Setter UI_TEST_MODE uiTestMode = UI_TEST_MODE.DEFAULT; | ||
| } |
There was a problem hiding this comment.
Why do you have a class with only 1 field? Why not just use the field directly?
There was a problem hiding this comment.
I will add the logic for fake exceptions here instead of hard coding whether to throw fake exceptions or not. Then that logic is not temporary anymore.
| if (!StringUtils.isEmpty(transformation)) { | ||
| map.put(KEY_TRANSFORMATION, transformation); | ||
| } | ||
| map.put("uiTestMode", testProperties.getUiTestMode().toString().toLowerCase()); |
There was a problem hiding this comment.
It is in a bean now. Te enum value is put in the JSON automatically.
| @if (activeTab === GLOBAL) { | ||
| <div class="form-group"> | ||
| <label>Report generator</label> | ||
| <label>Report generator{{ optionalNotAuthorized() }}</label> |
There was a problem hiding this comment.
Why don't you just disable the field with a tooltip that the user doesn't have the required roles?
|
I am busy processing review comments. I need to push to save my work. As it is now it is not ready for merging. |
|
I am busy extending the PR with extra Cypress tests for authorization. I will enable authorization with and without using the test mode. Without the test mode we login as observer and check that the control about the report generator is disabled - no option anymore to enable / disable the report generator except back to default. With the test mode and as observer, we try to disable the report generator and check that we get a toast originating from a backend error. |
|
See https://github.com/wearefrank/ladybug/actions/runs/23948757436 for test with FF!. |
|
See https://github.com/wearefrank/ladybug/actions/runs/23955165018 for the tests with the FF!. I may put this to ready for review before the tests will have finished. |
nielsm5
left a comment
nielsm5
left a comment
There was a problem hiding this comment.
Je gebruikt de testmode nu niet meer maar het zit er wel in. Zelf denk ik dat het handiger is zaken uit de codebase te houden wanneer deze niets toevoegen. (Behalve als je andere plannen hebt. Maar dan zou het eigenlijk in een los pr moeten 😉.)
3 participants
No description provided.