Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: move permission list validation from model level to service layer #5946

Merged
merged 3 commits into from
Mar 22, 2023
Merged

fix: move permission list validation from model level to service layer #5946

merged 3 commits into from
Mar 22, 2023

Conversation

justynoh
Copy link
Contributor

@justynoh justynoh commented Mar 20, 2023
edited
Loading

Problem

Whenever agencies change email domains, we remove their domain from the Agency collection. However, this means that if they had any collaborators in their form collaborator list whose emails were from the old domain, their form is forever locked. They cannot make changes to their form anymore, since the form document cannot be saved with invalid collaborators.

image

The reason for this occurring is validation that is applied at the model level. The validation is thus run on every document save, and the database rejects the invalid save on change.

Solution

Even though we would like for there to be model-level validation, this is not practical or informative. The model validations should specify invariants of the model over all operations throughout the system. However, the agency collection is always subject to change, and the validator will certainly not be invariant over time. Therefore, we should not in principle validate based on the agency collection at the model level. All we can guarantee is that the list of collaborators are emails. What we would really like is that all new collaborators are whitelisted.

Therefore, this PR removes the model-level validation based on the agency collection. In replacement, the validation occurs at the service layer. Any new collaborators added are extracted and checked for validity, while old collaborators are left untouched.

Breaking Changes

  • No - this PR is backwards compatible

Screenshots

Screen.Recording.2023-03-20.at.4.54.57.PM.mov
Screen.Recording.2023-03-20.at.5.00.24.PM.mov

Tests

  • Ensure that the email domain data.gov.sg is not in the govtech agency. Try to add [email protected] email as a collaborator. This should fail.
  • Add the data.gov.sg email domain to the govtech agency. Now add [email protected] and [email protected] email as collaborators. Then, remove the data.gov.sg email domain from the govtech agency. Perform the following actions in order.

Notes

Separately, I found an existing bug with transfer ownership. We currently allow ownership to be transferred to users whose emails are no longer valid domains belonging to any agency. You can see this in the second video clip, right at the end. I'll open a ticket for it after looking through the existing issues to see if it's duplicated.

LinHuiqing
LinHuiqing approved these changes Mar 21, 2023
View reviewed changes
Copy link
Contributor

@LinHuiqing LinHuiqing left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@justynoh justynoh mentioned this pull request Mar 22, 2023
Open
@justynoh justynoh merged commit d4fb51d into develop Mar 22, 2023
@justynoh justynoh deleted the fix/collaborators-bug branch March 22, 2023 03:19
@wanlingt wanlingt mentioned this pull request Mar 24, 2023
Merged
16 tasks
timotheeg
timotheeg reviewed Mar 27, 2023
View reviewed changes
src/app/modules/form/admin-form/admin-form.service.ts
.filter(
(c1) =>
!form.permissionList.some(
(c2) => c1.email === c2.email && c1.write === c2.write,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just checking: is normalization of the emails (trim + lowercasing) done before this filtering occurs? (question is also relevant to the agency search below)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these are both done in the frontend. we have validation middleware requiring that the emails be emails (which means they must already be trimmed), but i don't think this enforces a lowercase restriction. we should do it here too. Thanks for catching!

I'll open a PR to force lowercase validation in the middleware

@justynoh justynoh mentioned this pull request Mar 27, 2023
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@timotheeg timotheeg timotheeg left review comments

@LinHuiqing LinHuiqing LinHuiqing approved these changes

@tshuli tshuli Awaiting requested review from tshuli

@foochifa foochifa Awaiting requested review from foochifa

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@justynoh @timotheeg @LinHuiqing