Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jt/create user api validation #35448

Open
wants to merge 32 commits into
base: master
Choose a base branch
from
Open

Jt/create user api validation #35448

wants to merge 32 commits into from
+539 −159

Conversation

Jtang-1
Copy link
Contributor

@Jtang-1 Jtang-1 commented Nov 26, 2024
edited
Loading

Product Description

Technical Summary

USH-4757

The main change in this PR is the addition of an API validation file. This will support the upcoming API for creating Invitations and updating Web Users. The remaining changes involve refactoring to consolidate validations used when bulk uploading Web Users or creating Invitations via the AdminInvitesUserForm.

I reused relevant validations already defined for bulk user import (in user_importer.validation) since the same checks are needed. Some validations previously implemented via the clean method in Django forms were consolidated, while built-in form validations were left as-is.

The key distinction between Invitation creation via the API and via bulk user import is how existing Web Users are handled. Bulk user import checks if the Web User exists and updates it if so. In contrast, the API will have a dedicated POST endpoint for creation. This endpoint will require validating whether the Invitation or Web User already exists and returning an error if it does, mirroring the behavior of the AdminInvitesUserForm.

Feature Flag

No feature flag

Safety Assurance

Safety story

The main changes (addition of validation for Web User creation API) will not be used yet. The changes to the existing validation code are solely refactors and I tested locally that those areas still work as expected.

Automated test coverage

There exists extensive testing on bulk user imports and surrounding validation. test_importer checks that web user and mobile workers can be successfully uploaded/updated. test_validators test that Location, Profile, Custom Data, etc.. validation catches invalid or unauthorized changes. I will add missing Tableau Group and Role validation.

QA Plan

no QA.

Rollback instructions

  • This PR can be reverted after deploy with no further considerations

Labels & Review

  • Risk label is set correctly
  • The set of people pinged as reviewers is appropriate for the level of risk of the change

@dimagimon dimagimon added Risk: High Change affects files that have been flagged as high risk. Risk: Medium Change affects files that have been flagged as medium risk. labels Nov 26, 2024
@Jtang-1 Jtang-1 force-pushed the jt/create-user-api-validation branch 4 times, most recently from 6568200 to 1a81553 Compare November 28, 2024 05:02
@Jtang-1
create class to consolidate validation of web user invitation fields
2de602f
@Jtang-1
this validation is already done as part of django form from CustomDat…
1f42d95 
…aEditor Form
@Jtang-1
refactor for readability
b4c260c
@Jtang-1
adds function to validate profile
2873fcb
@Jtang-1
refactor validation of email to consolidate
06e60e1
@Jtang-1
do same validation as done for bulk user import in preparation of val…
591245a 
…idating Invitation creation via API
@Jtang-1
refactor: move validating tableau role and tableau group header to ch…
3d99f35 
…eck_headers
@Jtang-1
prefactor - consolidate validation to be used for invitation creation…
9e801be 
… / web user edit API
@Jtang-1
refactor: extract required values from spec in higher level function …
a0119f6 
…to make it easier to tell what values are needed
@Jtang-1
create validation for location in preparetion for create invitation/u…
0fc4ddd 
…pdate web user API
@Jtang-1
refactor: location_ids is the equivalent return
fc6ced8
@Jtang-1
refactor: consolidate validation for location having users
30a3214
@Jtang-1
refactor: consolidate validating that primary location is one of the …
2e1de11 
…assigned locations or that primary location is defined if assigned locations is defined
@Jtang-1
refactor to extract out validation of tableau groups from the expecte…
7584aea 
…d format from spec
@Jtang-1
add validation of tableau group to Admin Invites User Validator to be…
21fd7ac 
… used for invite creation API
@Jtang-1
prefactor: extract out the validation of the tableau_role independent…
ff73910 
… of the spec format in preparation for reuse
@Jtang-1
add validation for tableau role
cd79129
@Jtang-1
add validation for custom data in preparation for web user creation API
062dde5
@Jtang-1
remove unnecessary caching
f0cd397
@Jtang-1
refactor: DRY function
ef2b0e6
@Jtang-1
refactor: The initial purpose of the validation class was to be used …
64c904a 
…for web user API. However, there wasn't as much

overlap with validation used for AdminInvitesUserForm. So move validation for Web User Resource its own file and
create a class to organize the validations relevant to AdminInvitesUserForm
@Jtang-1
perform permission and privilege check only if the parameter exists
a043006
@Jtang-1
remove location fields from backend if location shouldn't be shown
cca4098
@Jtang-1
update test and adds test for validating if invitation email is an ex…
7f3807e 
…isting webuser
@Jtang-1
rename since only one error is returned, not multiple
8fe97bc
@Jtang-1
separate conditionally allowed headers since allowed_headers is globa…
998a221 
…lly defined and the conditionally allowed headers should not be preserved upon additional calls to check_header
@Jtang-1
fix typo
6366ebf
@Jtang-1 Jtang-1 force-pushed the jt/create-user-api-validation branch from 1a81553 to 6366ebf Compare November 28, 2024 05:14
@Jtang-1
update test
34e4dc7 
couch_user is already included in the request so the test is updated to reflect that.
The couch_user is now used in `bulk_user_upload_api` so the test needs to be updated
@Jtang-1
test TableauRoleValidation and TableauGroupsValidation
8d30494
@Jtang-1
fix import
eba62f3
@Jtang-1
test: new tests for validation of Web User Resourcec
d9f55a1
@Jtang-1 Jtang-1 marked this pull request as ready for review November 30, 2024 05:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@esoergel esoergel Awaiting requested review from esoergel esoergel is a code owner

@stephherbers stephherbers Awaiting requested review from stephherbers stephherbers is a code owner

@AddisonDunn AddisonDunn Awaiting requested review from AddisonDunn

@Robert-Costello Robert-Costello Awaiting requested review from Robert-Costello

@jingcheng16 jingcheng16 Awaiting requested review from jingcheng16

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
Risk: High Change affects files that have been flagged as high risk. Risk: Medium Change affects files that have been flagged as medium risk.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Jtang-1 @dimagimon