MF-922 - Add UpdateUser endpoint #923
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
drasko
requested changes
Oct 30, 2019
users/tracing/users.go
Outdated
| defer span.Finish() | ||
| ctx = opentracing.ContextWithSpan(ctx, span) | ||
|
|
||
| return urm.repo.Update(ctx, user) |
There was a problem hiding this comment.
Does this update whole user structure or just Metadata?
If it updates whole user structure, it means that User can change his own "constructive" information - which is contrary to the ide that users are created and managed by the admins - and can lead to security breaches.
@nmarcetic please review this one and advise.
There was a problem hiding this comment.
@nmarcetic please review and advise here so we can move further.
Codecov Report
@@ Coverage Diff @@
## master #923 +/- ##
==========================================
- Coverage 83.59% 82.93% -0.67%
==========================================
Files 75 75
Lines 5341 5385 +44
==========================================
+ Hits 4465 4466 +1
- Misses 610 652 +42
- Partials 266 267 +1
Continue to review full report at Codecov.
|
anovakovic01
suggested changes
Oct 30, 2019
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
anovakovic01
suggested changes
Oct 31, 2019
users/api/logging.go
Outdated
|
|
||
| func (lm *loggingMiddleware) UpdateMetadata(ctx context.Context, token string, metadata map[string]interface{}) (email string, err error) { | ||
| defer func(begin time.Time) { | ||
| message := fmt.Sprintf("Method user_update for user %s took %s to complete", email, time.Since(begin)) |
There was a problem hiding this comment.
Change user_update to update_metadata.
users/api/metrics.go
Outdated
|
|
||
| func (ms *metricsMiddleware) UpdateMetadata(ctx context.Context, token string, metadata map[string]interface{}) (email string, err error) { | ||
| defer func(begin time.Time) { | ||
| ms.counter.With("method", "user_update").Add(1) |
manuio
changed the title
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
anovakovic01
suggested changes
Oct 31, 2019
users/api/http/endpoint.go
Outdated
| @@ -90,6 +90,23 @@ func userInfoEndpoint(svc users.Service) endpoint.Endpoint { | |||
| } | |||
| } | |||
|
|
|||
| func userUpdateMetaEndpoint(svc users.Service) endpoint.Endpoint { | |||
There was a problem hiding this comment.
Please rename this method name.
users/api/http/requests.go
Outdated
| @@ -28,6 +28,18 @@ func (req viewUserInfoReq) validate() error { | |||
| return nil | |||
| } | |||
|
|
|||
| type updateUserReq struct { | |||
| Token string | |||
| User users.User | |||
There was a problem hiding this comment.
First, I want to ask why is Token public? Second, I still think that here you should have fields that you're updating (for now just metadata). If you leave it this way, I can pass email and pass, and the request will be accepted.
users/api/logging.go
Outdated
|
|
||
| func (lm *loggingMiddleware) UpdateUser(ctx context.Context, token string, u users.User) (err error) { | ||
| defer func(begin time.Time) { | ||
| message := fmt.Sprintf("Method update_user_info for user %s took %s to complete", u.Email, time.Since(begin)) |
There was a problem hiding this comment.
Change to update_user
users/api/metrics.go
Outdated
|
|
||
| func (ms *metricsMiddleware) UpdateUser(ctx context.Context, token string, u users.User) (err error) { | ||
| defer func(begin time.Time) { | ||
| ms.counter.With("method", "update_user_info").Add(1) |
There was a problem hiding this comment.
Change to update_user.
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
drasko
requested changes
Oct 31, 2019
manuio
changed the title
manuio
changed the title
|
Add missing tests in this issue: https://github.com/mainflux/mainflux/issues/926 |
drasko
approved these changes
Oct 31, 2019
manuio
added a commit
that referenced
this pull request
Oct 12, 2020
* MF-922 - Add User Update endpoint Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Revert Update function Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Update swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix Things swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * update Things swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix users swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix mocks Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix method name Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix swagger Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Use User instead of metadata Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix reviews Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Manuel Imperiale manuel.imperiale@gmail.com
Closes #922