Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add More Validation for api calls #229

Closed
wants to merge 8 commits into from
Closed

Add More Validation for api calls #229

wants to merge 8 commits into from

Conversation

sthwang-metal
Copy link
Contributor

@sthwang-metal sthwang-metal commented Sep 27, 2023
edited
Loading

Adds more validation checks to the resolvers.

  • remove PortIDs as an input field for loadbalancer mutations
  • check ownership of input fields

@github-actions
Copy link

github-actions bot commented Sep 27, 2023
edited
Loading

GraphQL Schema Check

Compared 0 schema changes against 0 operations

✅ Found no changes

🔗 View full schema check details

@sthwang-metal sthwang-metal changed the title wip Add More Validation for api calls Sep 28, 2023
@sthwang-metal sthwang-metal marked this pull request as ready for review September 28, 2023 18:36
@sthwang-metal sthwang-metal requested review from a team as code owners September 28, 2023 18:36
nicolerenee
nicolerenee reviewed Sep 28, 2023
View reviewed changes
internal/graphapi/loadbalancer_test.go Outdated
@@ -121,6 +124,11 @@ func TestCreate_loadBalancer(t *testing.T) {
Input: graphclient.CreateLoadBalancerInput{Name: name, ProviderID: prov.ID, OwnerID: ownerID, LocationID: ""},
errorMsg: "value is less than the required length",
},
{
TestName: "fails to create loadbalancer with another loadbalancer's port",
Input: graphclient.CreateLoadBalancerInput{Name: name, ProviderID: prov.ID, OwnerID: ownerID, LocationID: locationID, PortIDs: []gidx.PrefixedID{port.ID}},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the better solution here would be that PortIDs be removed from the input for LoadBalancers. I can't think of a valid example where we would ever want to create a load balancer and pass in existing port IDs for the ports on that LB. Especially since ports have to be mapped to a LB to get created in the first place.

internal/graphapi/pool_test.go
TestName: "fails to update pool with port with conflicting OwnerID",
Input: graphclient.UpdateLoadBalancerPoolInput{
Name: newString("ImaPool"),
AddPortIDs: []gidx.PrefixedID{port.ID},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing here, I don't think we want to allow users to pass PortIDs in ever on a load balancer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Im assuming you are talking about UpdateLoadBalancerInput since we dont really mutate ports through the load balancer since ports dont exist without loadbalancers, and instead to mutate ports directly instead?

Copy link
Contributor Author

@sthwang-metal sthwang-metal Sep 29, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also could the same be said with pools and origins since origins dont exist outside of pools (I think) and thus we shouldnt mutate origins through pools as well?

nvm I think origins and pools are m:m so would not make sense

@nicolerenee
Copy link
Member

The Apollo Schema Check is failing since this isn't a backwards compatible change since it removes fields from the API. Given that is exactly what we want to do here, we can ignore the failure.

@sthwang-metal
add more checks to resolvers
027ce47 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
add tests
755f071 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
add more tests
d807e09 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
update permission checks
b14b4df 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
update query method
07ebc30 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
remove ports from lb inputs, regenerate, fix tests
0449572 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
remove test for pool/origin
a6ca5da 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal sthwang-metal force-pushed the sthwang/add-permission-checks branch from c10c4af to a6ca5da Compare October 3, 2023 16:18
@sthwang-metal
remove dist files
259bcf9 
Signed-off-by: Stephen Hwang <126002920+sthwang-metal@users.noreply.github.com>
@sthwang-metal
Copy link
Contributor Author

closing in favour of this pr: #244

@sthwang-metal sthwang-metal deleted the sthwang/add-permission-checks branch October 4, 2023 18:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rizzza rizzza Awaiting requested review from rizzza

@nicolerenee nicolerenee Awaiting requested review from nicolerenee

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sthwang-metal @nicolerenee @rizzza