[BACK-2780] Add new user profiles endpoint.#698
Conversation
lostlevels
force-pushed
the
jimmy/BACK-2780-new-profiles-endpoint
branch
from
5abaa66 to
7d32881
Compare
toddkazakov
left a comment
toddkazakov
left a comment
There was a problem hiding this comment.
Overall it looks good. I found few issues:
- There is a lot of cruft that was copied from shoreline. I believe the majority of those functions are not used. There's no reason to keep unused code in platform, because it only leads to confusion.
- There is probably a gap in the requirements that I discovered when I read the seagull code to try and figure out why the profile endpoints require custodian permissions. In order to fully deprecate and migrate existing seagull profiles from Mongo to Keycloak, we have to provide an alternative implementation of this functionality. For each user sharing their data with a user with a given id seagull fetches the user object from shoreline and merges it with the user profile attributes stored in the profile object in mongo. The response is sanitized depending on the actual permissions of the requesting user. This deserves its own ticket, but please do some research what the linked code does and then write the requirements. The alternative implementation should be much simpler, because the user account and profiles will be stored in a single service (Keycloak).
toddkazakov
left a comment
toddkazakov
left a comment
There was a problem hiding this comment.
Looks ok, but needs to be thoroughly tested. @lostlevels please open a new ticket for reimplementing the missing seagull endpoint I mentioned in my previous review.
| return slices.Contains(TRUES, value) | ||
| } | ||
|
|
||
| func parseUsersQuery(query url.Values) *usersProfileFilter { |
There was a problem hiding this comment.
My impression is that this query is not used at all. Can we check blip and uploader?
There was a problem hiding this comment.
On checking blip and uploader it seems they are indeed no query string parameters used.
blip
platform-client
uploader
uploader
Can you confirm that no query string parameters are passed for getAssociatedUsersDetails @krystophv @gniezen @jh-bate ?
There was a problem hiding this comment.
The blip and uploader calls are all piped through the platform-client function, so I believe you're correct - no query string params are being sent.
| profile = profile.ClearPatientInfo() | ||
| } else { | ||
| if trustorPerms.HasAny(permission.Custodian, permission.Read, permission.Write) { | ||
| // TODO: need to read seagull.value.settings - confirm this is actually used |
There was a problem hiding this comment.
Settings are not part of the profile object so probably there's no need to do anything?
There was a problem hiding this comment.
I see the settings and preferences returned in the old seagull code, but don't know if they are actually used by clients. @krystophv @clintonium-119 @gniezen Do you know if the returned result of paltform-client getAssociatedUsersDetails ever uses the returned users' settings or preferences in blip or uploader?
| // TODO: need to read seagull.value.settings - confirm this is actually used | ||
| } | ||
| if trustorPerms.Has(permission.Custodian) { | ||
| // TODO: need to read seagull.value.preferences - confirm this is actually used |
There was a problem hiding this comment.
Preferences are not part of the profile object so probably there's no need to do anything?
|
/deploy qa1 auth |
|
lostlevels updated values.yaml file in qa1 |
|
lostlevels updated flux policies file in qa1 |
|
lostlevels deployed platform jimmy/BACK-2780-new-profiles-endpoint branch to qa1 namespace |
lostlevels
force-pushed
the
jimmy/BACK-2780-new-profiles-endpoint
branch
from
6d1b1c7 to
7d53e78
Compare
lostlevels
force-pushed
the
jimmy/BACK-2780-new-profiles-endpoint
branch
from
8337700 to
6fd7649
Compare
sending as `{"patient":{"about": "..."}}`.
null fields work properly w/o changes.
Handle 404 case where profile failed to migrate / migration in progress in which case should return seagull profile. Refactor / remove some role-specific logic out of api layer. Fix panics when unable to get admin token. Fix bugs found during testing.
lostlevels
force-pushed
the
jimmy/BACK-2780-new-profiles-endpoint
branch
from
6fd7649 to
97daee8
Compare
Tests that differentiate b/t trustor permissions and user vs service.
toddkazakov
left a comment
toddkazakov
left a comment
There was a problem hiding this comment.
The biggest issue are the looser permissions in /v1/users/:userId/users and the lack of sanitization in /v1/users/:userId/profile and /v1/users/legacy/:userId/profile. In addition to that, I think the code can be further cleaned up.
| if err != nil { | ||
| return err | ||
| } | ||
| } |
There was a problem hiding this comment.
You're missing a break here
| "golang.org/x/oauth2" | ||
|
|
||
| "github.com/tidepool-org/platform/pointer" | ||
| userLib "github.com/tidepool-org/platform/user" |
There was a problem hiding this comment.
This doesn't follow platform import conventions
| ) | ||
|
|
||
| const ( | ||
| tokenPrefix = "kc" |
|
|
||
| const ( | ||
| tokenPrefix = "kc" | ||
| tokenPartsSeparator = ":" |
|
|
||
| // IsValidUserID return true if the string is in a human readable uuid hex 8-4-4-4-12 format or legacy alphanumeric 10 characters | ||
| func IsValidUserID(id string) bool { | ||
| ok, _ := regexp.MatchString(`^([a-fA-F0-9]{10})$|^([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})$`, id) |
There was a problem hiding this comment.
Why is the regexp duplicated with the one above?
| } | ||
|
|
||
| // ClearPatientInfo makes a copy of up, clearing out certain patient information - this is called usually due to lack of permissions to the patient information | ||
| func (up *UserProfile) ClearPatientInfo() *UserProfile { |
There was a problem hiding this comment.
Should the profile implement the standard Sanitize similar to other models?
| return cfg, err | ||
| } | ||
|
|
||
| func LoadConfigPrefix(prefix string) (*Config, error) { |
There was a problem hiding this comment.
Is this used? If not, let's delete it.
| GroupsForUser(ctx context.Context, granteeUserID string) (Permissions, error) | ||
| // UsersInGroup returns permissions that the user with id sharerID has shared with others, keyed by user id. It includes the user themself. | ||
| UsersInGroup(ctx context.Context, sharerID string) (Permissions, error) | ||
| HasMembershipRelationship(ctx context.Context, granteeUserID, grantorUserID string) (has bool, err error) |
There was a problem hiding this comment.
What do you think about renaming this to UsersHaveSharingRelationship? The implementation checks bi-directionally so grantee and grantor are incorrectly used
| GetUserPermissions(ctx context.Context, requestUserID string, targetUserID string) (Permissions, error) | ||
| UpdateUserPermissions(ctx context.Context, requestUserID string, targetUserID string, permissions Permissions) error | ||
| // GroupsForUser returns permissions that have been shared with granteeUserID. It is keyed by the user that has shared something with granteeUserID. It includes the user themself. | ||
| GroupsForUser(ctx context.Context, granteeUserID string) (Permissions, error) |
There was a problem hiding this comment.
What do you think about renaming this PermissionsGrantedToUser?
| // GroupsForUser returns permissions that have been shared with granteeUserID. It is keyed by the user that has shared something with granteeUserID. It includes the user themself. | ||
| GroupsForUser(ctx context.Context, granteeUserID string) (Permissions, error) | ||
| // UsersInGroup returns permissions that the user with id sharerID has shared with others, keyed by user id. It includes the user themself. | ||
| UsersInGroup(ctx context.Context, sharerID string) (Permissions, error) |
There was a problem hiding this comment.
What do you think about renaming this PermissionsGrantedByUser?
4 participants
Since a lot of this is copy paste from shoreline, for reviewers:
shoreline/user/user.go=>platform/user/full_user.go- (because there's already a type calledUser).platform/user.gouser.Userextended with shoreline user fields.shoreline/user/hasher.go=>platform/user/hasher.goshoreline/user/storage.go=>platform/user/user_accessor.go(somewhat like the interface of the Storage repository, but simplified).shoreline/user/migrationStore.go=>platform/user/keycloak/user_accessor.go(Takes the logic around User creation / manipulation and removes the fallback / mongodb stuff), implementsplatform/user.UserAccessorinterfaceshoreline/keycloak/client.go=>platform/user/keycloak/client.go(Wrapper around gocloak).