Page MenuHomePhabricator

[services] Tunnelbroker - Skipping `deviceID` validation in tools function
ClosedPublic

Authored by max on Feb 2 2023, 4:50 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 19, 12:26 PM
Unknown Object (File)
Tue, Nov 19, 12:26 PM
Unknown Object (File)
Tue, Nov 19, 12:25 PM
Unknown Object (File)
Tue, Nov 19, 12:14 PM
Unknown Object (File)
Tue, Nov 19, 12:14 PM
Unknown Object (File)
Nov 18 2024, 7:27 PM
Unknown Object (File)
Nov 15 2024, 2:48 PM
Unknown Object (File)
Nov 15 2024, 1:23 PM
Subscribers

Details

Summary

This diff adds skipping of the deviceID format validation in the validateDeviceID tools function by checking the sessions.disable_deviceid_validation config flag (from D6523).

We are disabling the validation of the deviceID format for using the Tunnelbroker as a Redis replacement, in this case, the deviceID format will be different and we should not validate it.

Linear task: ENG-2640

Test Plan
  1. CI checks are successfully passed.
  2. Manual testing:

Adding the disable_deviceid_validation flag to the [sessions] section of the config file results in always true returns from the validateDeviceID tools function.

Diff Detail

Repository
rCOMM Comm
Branch
check-disable-deviceid-flag-in-tools
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

max held this revision as a draft.
max edited the test plan for this revision. (Show Details)
max added a reviewer: bartek.
max added inline comments.
services/tunnelbroker/src/libcpp/src/Tools/Tools.cpp
30

Logging here in case we are skipping the validation is a good debugging point.

max published this revision for review.Feb 2 2023, 5:00 AM
This revision is now accepted and ready to land.Feb 2 2023, 10:18 AM
services/tunnelbroker/src/libcpp/src/Tools/Tools.cpp
32

deviceID is user-identifiable... this creates a log of all the times a given user has accessed Tunnelbroker. I'd rather we didn't implicitly create access logs like this. Is LOG(INFO) going to be active in production?

max added inline comments.
services/tunnelbroker/src/libcpp/src/Tools/Tools.cpp
32

deviceID is user-identifiable... this creates a log of all the times a given user has accessed Tunnelbroker. I'd rather we didn't implicitly create access logs like this.

Makes sense to remove this logging.

Is LOG(INFO) going to be active in production?

No, ERROR and FATAL are going to be printed in production.