[USERSKILL]: refactor away ja_resource#926
Conversation
snewcomer
force-pushed
the
user-skill-controller-ja-resource
branch
2 times, most recently
from
72a2b0f to
9ae0ae9
Compare
| with %UserSkill{} = user_skill <- UserSkill |> Repo.get(id), | ||
| %User{} = current_user <- conn |> Guardian.Plug.current_resource, | ||
| {:ok, :authorized} <- current_user |> Policy.authorize(:delete, user_skill), | ||
| {:ok, %UserSkill{} = _user_skill} <- user_skill |> Repo.delete |
There was a problem hiding this comment.
You've discovered a bug we've been creating on some controllers with this switch
We have a plug, SegmentPlugTracker, which registers an action right before the conn sends a response.
This action figures out what happened (in this case, that a UserSkill was deleted) and calls tracking code for that action.
However, the "figuring out" also relied on ja_resource and canary, so in this case, it got broken and the controller test found it. Unfortunately it seems not all our controller tests have this assert_received, so we may have turned off tracking in some cases. I'll make sure to check.
We probably want to make that explicit as well, to avoid further issues, so I'll create an issue to do this.
For know, to keep tracking working here, you'll need to do a conn |> Conn.assign(:user_skill, user_skill) |> conn |> send_resp(:no_content, "")
begedin
left a comment
begedin
left a comment
There was a problem hiding this comment.
Good work. The failed test is actually a good thing and you may have stopped us from causing bugs down the line.
| with %UserSkill{} = user_skill <- UserSkill |> Repo.get(id), | ||
| %User{} = current_user <- conn |> Guardian.Plug.current_resource, | ||
| {:ok, :authorized} <- current_user |> Policy.authorize(:delete, user_skill), | ||
| {:ok, %UserSkill{} = _user_skill} <- user_skill |> Repo.delete |
There was a problem hiding this comment.
You've discovered a bug we've been creating on some controllers with this switch
We have a plug, SegmentPlugTracker, which registers an action right before the conn sends a response.
This action figures out what happened (in this case, that a UserSkill was deleted) and calls tracking code for that action.
However, the "figuring out" also relied on ja_resource and canary, so in this case, it got broken and the controller test found it. Unfortunately it seems not all our controller tests have this assert_received, so we may have turned off tracking in some cases. I'll make sure to check.
We probably want to make that explicit as well, to avoid further issues, so I'll create an issue to do this.
For know, to keep tracking working here, you'll need to do a conn |> Conn.assign(:user_skill, user_skill) |> conn |> send_resp(:no_content, "")
|
@snewcomer perhaps we need some higher-level docs somewhere about the tracking? |
|
@joshsmith Higher level docs are good, but I've also created #927 to avoid unclear cases like this one. I think we made far too many things implicit in the early days of this project. |
|
@begedin is this g2g? |
snewcomer
force-pushed
the
user-skill-controller-ja-resource
branch
from
e7c3969 to
bf6de49
Compare
|
@snewcomer Squash the two commits together and then you can consider it merged. However, I'm hoping #805 gets merged first, since rebasing this one would be much easier, so don't worry, if the PR stays up for a bit. It's just waiting on that one. |
begedin
left a comment
begedin
left a comment
There was a problem hiding this comment.
We merged one of the two PRs, so rebasing the other became simple enough where we can get this merged to.
However, on a second review, I found a few things that need to be fixed.
lib/code_corps/policy/user_skill.ex
Outdated
| def create?(%User{id: id}, %Changeset{changes: %{user_id: user_id}}), do: id == user_id | ||
| def create?(%User{}, %Changeset{}), do: false | ||
| def create?(%User{admin: true}, %{}), do: true | ||
| def create?(%User{id: id}, %{user_id: user_id}), do: id == user_id |
There was a problem hiding this comment.
@snewcomer The params we send here use strings as keys. Additionally, there's an issue with id values in the params map all being strings (this is what ember sends), so to fix the problem here you need to
- replace this line with
def create?(%User{id: id}, %{"user_id" => user_id}), do: id == user_id - update the policy test to match
- add
plug CodeCorpsWeb.Plug.IdsToIntegersinto the controller, right after theDataToAttributesplug.
| test "returns true if user is creating their own record" do | ||
| user = insert(:user) | ||
| changeset = %UserSkill{} |> create_changeset(%{user_id: user.id}) | ||
| user_skill = %UserSkill{user_id: user.id} |
There was a problem hiding this comment.
As I explained above, this needs to be a params map isntead, looking like
params = %{"user_id" => user.id}
assert create?(user, params)
snewcomer
force-pushed
the
user-skill-controller-ja-resource
branch
from
bf6de49 to
28db06e
Compare
| changeset = %UserSkill{} |> create_changeset(%{}) | ||
|
|
||
| assert create?(user, changeset) | ||
| assert create?(user, %{"user_id" => user.id}) |
There was a problem hiding this comment.
You're not using the changeset here anymore. You can likely also remove import CodeCorps.UserSkill, only: [create_changeset: 2] from the top of the file.
Sorry I didn't catch this on my previous pass.
snewcomer
force-pushed
the
user-skill-controller-ja-resource
branch
from
32f768b to
48e4933
Compare
|
Thank you @snewcomer. Great work 👍 |
3 participants
Fixes #916