Page MenuHomePhabricator
Differential D6101

Soften requirements for password when deleting thread
ClosedPublic
Actions

Authored by marcin on Dec 29 2022, 6:45 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jun 26, 3:04 PM
Unknown Object (File)
Tue, Jun 25, 11:17 AM
Unknown Object (File)
Mon, Jun 24, 4:32 PM
Unknown Object (File)
Sun, Jun 23, 10:38 PM
Unknown Object (File)
Sun, Jun 23, 10:49 AM
Unknown Object (File)
Sun, Jun 23, 6:59 AM
Unknown Object (File)
Fri, Jun 21, 10:31 PM
Unknown Object (File)
Fri, Jun 21, 3:45 AM
View All Files
Subscribers
ashoat
atul
tomek

Details

Reviewers
tomek
atul
Commits
rCOMMdc9bcf0e32b1: Soften requirements for password when deleting thread
Summary

This differential makes account password an optional parameter of thread deletion request

Test Plan

Build and lanynch the app

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

marcin created this revision.Dec 29 2022, 6:45 AM
Herald added subscribers: atul, tomek, ashoat. · View Herald TranscriptDec 29 2022, 6:45 AM
marcin added a parent revision: D6099: UI changes on native to allow account deletion for SIWE accounts.Dec 29 2022, 6:47 AM
Harbormaster returned this revision to the author for changes because remote builds failed.Dec 29 2022, 6:49 AM
Harbormaster failed remote builds in B14921: Diff 20338!
marcin requested review of this revision.Dec 29 2022, 6:50 AM
marcin added reviewers: tomek, atul.
marcin added a child revision: D6102: Ignore password when deleting thread on the server side.Dec 29 2022, 6:52 AM
tomek accepted this revision.Dec 29 2022, 6:57 AM
This revision is now accepted and ready to land.Dec 29 2022, 6:57 AM
tomek added inline comments.Dec 29 2022, 7:03 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

We can consider completely removing this parameter for newer clients

marcin added inline comments.Dec 29 2022, 7:08 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

I also thought about that, but I was strictly following this requirement: https://linear.app/comm/issue/ENG-2541#comment-a48dff3b. It explicitly advices to keep it as optional parameter even though we should ignore it altogether.

ashoat added inline comments.Dec 29 2022, 8:25 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

Hmm... I think @tomek is referring to the client side, not the keyserver side. He's saying we shouldn't pass that data up from newer clients, right?

marcin updated this revision to Diff 20354.Dec 29 2022, 8:47 AM

Rebase master

Harbormaster completed remote builds in B14936: Diff 20354.Dec 29 2022, 9:02 AM
marcin updated this revision to Diff 20419.Dec 30 2022, 3:36 AM

Rebase before landing

Harbormaster completed remote builds in B14968: Diff 20419.Dec 30 2022, 3:50 AM
Closed by commit rCOMMdc9bcf0e32b1: Soften requirements for password when deleting thread (authored by marcin). · Explain WhyDec 30 2022, 4:13 AM
This revision was automatically updated to reflect the committed changes.
marcin added a commit: rCOMMdc9bcf0e32b1: Soften requirements for password when deleting thread.
tomek added inline comments.Dec 30 2022, 6:48 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

My idea here was to have two different validators, one with and one without password, and choose them based on viewer's code version.

marcin added inline comments.Dec 30 2022, 7:12 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

What is the benefit of this approach? Moreover the choice between validators based on code version, should still be restricted to non-SIWE accounts (SWIE accounts shouldn't have to provide password regardless of code version). As far as I can see this approach introduces noticeable complexity, but I can't see benefits.
Additionally, I am really sorry for not starting this discussion before landing this differential - I was in a rush to land this stack to meet the deadline, but still should have at least share my opinion before landing.

tomek added inline comments.Dec 30 2022, 9:53 AM
keyserver/src/responders/thread-responders.js
46 ↗(On Diff #20338)

Overall we should be precise about declaring our API. In theory we could declare the requests to be inexact, accept any object, and take from it whatever interests us and ignore anything else. But that will degrade maintainability.

So the maintainability is probably the most important benefit here. If we declare that all the clients above some code version aren't supposed to send this parameter, we could ultimately delete it after bumping minimal supported version.

Also, when we are precise when declaring the API, we can safely implement it without guessing. In the future someone may start wondering why this is an optional prop and when clients send it. Some searching though blame will clarify the issue, but it is less convenient that stating it explicitly.

On the other hand having different validators for different code versions also complicates the code.

Also SIWE increases the complexity, so maybe it's better to not change this.

Revision Contents
Changeset List

PathSize
keyserver/
src/
responders/
2 lines
lib/
actions/
2 lines
types/
2 lines

Diff 20428

View Options

keyserver/src/responders/thread-responders.js

Loading...
View Options

lib/actions/thread-actions.js

Loading...
View Options

lib/types/thread-types.js

Loading...