Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: collaborators #485

Closed
wants to merge 24 commits into from

Conversation

prestonlimlianjie
Copy link
Contributor

Problem

This PR adds the collaborators feature as described in https://www.notion.so/opengov/Collaborators-65bfdc2267e044bfb19996ce9e7174f9

Solution

Features:

Key changes:

  • Add authorization middleware methods to allow routers to gate access to either site member or site admins [link]
  • New collaborator API endpoints [link]
  • Database migration to change role enum values to ADMIN and CONTRIBUTOR [link]
  • Tests for the abovementioned routes and services

Bug Fixes:

  • Fixed some typos/errors in the database models - 787a70e

Tests

Unit tests

  • Run npm run test

Smoke tests

Prepare database

  1. Add the following records to the Whitelist table
1	.gov.sg	NULL	2022-07-29 02:49:31.464881+00	2022-07-29 02:49:31.464881+00
2	test.sg	2023-01-01 00:00:00+00	2022-08-02 05:20:57.738498+00	2022-08-02 05:20:57.738498+00
  1. Add the following records to the Users table
1	[email protected]	test	91231234	2022-08-11 03:54:56.394+00	2022-04-04 07:25:41.013+00	2022-08-11 03:54:56.396+00	NULL
2	[email protected]	test	91231235	2022-04-30 07:41:09.661+00	2022-04-04 07:25:41.013+00	2022-07-30 07:41:09.662+00	NULL
3	[email protected]	testing	91231236	2022-04-29 07:41:09.661+00	2022-04-04 07:25:41.013+00	2022-07-30 07:41:09.662+00	NULL
4	[email protected]	testtest	91231237	2022-01-30 07:41:09.661+00	2022-04-04 07:25:41.013+00	2022-07-30 07:41:09.662+00	NULL
  1. Add the following records to the Sites table
1	a-test-v4	null	2022-08-10 10:46:02.874209+00	2022-08-10 10:46:02.874209+00	INITIALIZED	READY	1	NULL
  1. Add the following records to the SiteMembers table
1	1	ADMIN	2022-08-10 10:46:49.845261+00	2022-08-10 10:46:49.845261+00
2	1	ADMIN	2022-08-10 15:48:50.491+00	2022-08-10 15:48:50.491+00
3	1	ADMIN	2022-08-10 15:48:53.764+00	2022-08-10 15:48:53.764+00
4	1	CONTRIBUTOR	2022-08-11 06:06:44.013+00	2022-08-11 06:06:44.013+00

Run frontend

  • Check out the feat/collaborators branch on the CMS frontend
  • Run npm run dev
  • Log in via the email option
  • Go to [a-test-v4 dashboard](http://localhost:3000/sites/a-test-v4/dashboard)

Deploy Notes

Migrations

  • New database migration script to change role enum 20220811070630-change-role-enum.js

New dev dependencies:

  • @types/lodash

@seaerchin
Copy link
Contributor

i think tihs PR needs rebasing! feel free to ping me on slack/re-add me as a reviewer so i don't miss this when done!

Copy link
Contributor

@dcshzj dcshzj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some preliminary comments! Will continue looking through tomorrow.

src/fixtures/identity.ts Outdated Show resolved Hide resolved
src/routes/v2/authenticated/index.js Outdated Show resolved Hide resolved
src/services/identity/CollaboratorsService.ts Outdated Show resolved Hide resolved
src/services/identity/CollaboratorsService.ts Outdated Show resolved Hide resolved
src/services/identity/CollaboratorsService.ts Show resolved Hide resolved
src/services/identity/CollaboratorsService.ts Outdated Show resolved Hide resolved
src/services/identity/CollaboratorsService.ts Show resolved Hide resolved
src/routes/v1/authenticatedSites/index.js Outdated Show resolved Hide resolved
src/routes/v2/authenticatedSites/index.js Outdated Show resolved Hide resolved
Comment on lines +132 to +134
return new BadRequestError(
"That doesn't look like a valid email. Try a gov.sg or other whitelisted email."
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we throw the error directly here instead of letting it be handled at the router level?

Copy link
Contributor Author

@prestonlimlianjie prestonlimlianjie Sep 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My thought here was that we should move towards a neverthrow-like pattern (but I didn't want to introduce neverthrow into this specific PR just yet - we should do it in a separate PR to prevent scope creep).

In this pattern, we want to ensure that library methods don't throw errors themselves as far as possible. Instead, we want to get them to return errors of specific types so that their callers can figure out what to do with them.

In this PR, because we're not introducing neverthrow yet:

  • the business-logic/expected errors (e.g. site not found) will be returned as a specific error
  • the unexpected errors (e.g. database-related errors) will be thrown

In a separate PR, when we introduce neverthrow, errors in both categories will be returned as specific errors.

tagging @seaerchin since he is familiar with neverthrow from his work in FormSG - thoughts?

Comment on lines +45 to +48
authenticatedSubrouter.use(
"/sites/:siteName/collaborators",
collaboratorsRouter.getRouter()
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this router be part of authenticatedSites instead?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way I saw it was that authenticatedSites was responsible for site content, i.e. what the GitHub repo handles today, while authenticatedSites was responsible for site-related meta features (e.g. collaborators, review requests, notifications).

But this is definitely up for discussion. Tagging @alexanderleegs and @seaerchin for their thoughts since they are working on RR+Notifications at the moment

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we haven't really made a decision on this - currently the authenticatedSubrouter and authenticatedSitesSubrouter are split as such because of the params they require. I think either way works, though I'm leaning towards reusing the authenticatedSites router to make use of the related subrouters which go together with it, to prevent having to set up siteName retrieval and other site specific operations again.

src/services/identity/CollaboratorsService.ts Outdated Show resolved Hide resolved
@prestonlimlianjie prestonlimlianjie changed the base branch from feat/email-login-flow to feat/identity-phase-2 October 3, 2022 03:04
@prestonlimlianjie prestonlimlianjie changed the base branch from feat/identity-phase-2 to feat/email-login-flow October 3, 2022 16:10
@prestonlimlianjie
Copy link
Contributor Author

Closing because it is now too painful to rebase. Redid the PR here #510

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants