
F grpc f acm

Timm Fitschen requested to merge f-grpc-f-acm into dev

Summary

  • Implementation for the AccessControlManagement GRPC Service
  • Authentication via SessionTokens for the GRPC Server
  • EntityACL retrieval and updates

Focus

  • Start your review with AccessControlManagementServiceImpl.java
  • Note that a significant change happens regarding the roles and email address of users from the PAM realm: Prior to this MR, users from the PAM realm always had the roles which are assigned to them in the usersources.ini and it wasn't possible to change the roles via any other API. Now, the roles from the usersources.ini are only the default, which is copied to the backend when a user signs in for the first time. Afterwards, an administrator can update the user roles and even remove the ones that have been assigned by the usersources.ini. Same holds for the email property of users.
  • Note that the implementation of the ListUser RPC made it necessary to log user sign-ins, at least when they authenticate with the server for the first time (otherwise, we wouldn't have any clue which users are active in the PAM realm). This happens in the LogUserVisit transaction. Currently, this is the sole real purpose of LogUserVisit. However, it is foreseeable that we will have feature requests for logging user activity in the future, and this is already named and designed with this in mind.

Test Environment

  • Unit-tests are TODO
  • Use caosdb-webui2 (git clone git@gitlab.indiscale.com:caosdb/src/caosdb-webui2.git) repo for manual testing (See README there)
  • There are currently no integration tests for this new part of the GRPC API (cpp-implementation needed).

Check List for the Author

Please prepare your MR for a review. Be sure to write a summary and a focus and create gitlab comments for the reviewer. They should guide the reviewer through the changes, explain your changes and also point out open questions. For further good practices have a look at our review guidelines.

  • All automated tests pass
  • Reference related Issues
  • Up-to-date CHANGELOG.md
  • Annotations in code (Gitlab comments)
    • Intent of new code
    • Problems with old code
    • Why this implementation?

Check List for the Reviewer

  • I understand the intent of this MR
  • All automated tests pass
  • Up-to-date CHANGELOG.md
  • The test environment setup works and the intended behavior is reproducible in the test environment
  • In-code documentation and comments are up-to-date.
  • Check: Are there specifications? Are they satisfied?

For further good practices have a look at our review guidelines.

Edited by Timm Fitschen
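
The role semantics described under Focus, modelled as an added example that is not code from this merge request or the CaosDB server: defaults from the ini file are copied once at first sign-in, after which the backend copy is authoritative, so a later change to the ini defaults does not alter or revoke roles already stored for a user. All class, method, user and role names are hypothetical, and doing the copy inside the same step that records the visit is an assumption.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

// Hypothetical model of the behaviour described in the merge request;
// names are assumptions, not CaosDB server code.
public class PamRoleDefaultsDemo {
    // Stand-in for usersources.ini: default roles per PAM user (constructed values).
    static final Map<String, Set<String>> INI_DEFAULTS =
        Map.of("alice", Set.of("administration"), "bob", Set.of("guest"));

    // Stand-in for the backend: roles persisted per user.
    static final Map<String, Set<String>> backend = new HashMap<>();
    // Users that have signed in at least once; all a user listing can enumerate.
    static final Set<String> knownUsers = new TreeSet<>();

    // Called on every successful authentication (the job the MR gives LogUserVisit).
    static Set<String> signIn(String user) {
        if (knownUsers.add(user)) {
            // First visit only: copy the ini defaults into the backend.
            backend.put(user, new HashSet<>(INI_DEFAULTS.getOrDefault(user, Set.of())));
        }
        // Later visits read the backend copy; the ini file is not consulted again.
        return Set.copyOf(backend.get(user));
    }

    // Administrator update: replaces the stored roles, including ini-assigned ones.
    static void updateRoles(String user, Set<String> roles) {
        if (!knownUsers.contains(user)) {
            throw new IllegalStateException("unknown user: " + user);
        }
        backend.put(user, new HashSet<>(roles));
    }

    public static void main(String[] args) {
        System.out.println("first sign-in:  " + signIn("alice")); // copied default
        updateRoles("alice", Set.of());       // admin removes the ini-assigned role
        System.out.println("second sign-in: " + signIn("alice")); // default not re-applied
        System.out.println("listable users: " + knownUsers);      // bob never signed in
    }
}
```

For access reviews this means the backend, not the ini file, is the place to audit effective roles of PAM users who have already signed in.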
