Page MenuHomePhabricator

[keyserver] Prevent updateRoles from resetting user-surfaced permissions
ClosedPublic

Authored by ashoat on Aug 13 2024, 12:52 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Nov 8, 11:06 PM
Unknown Object (File)
Fri, Nov 8, 12:23 PM
Unknown Object (File)
Sat, Oct 19, 2:33 PM
Unknown Object (File)
Sat, Oct 19, 2:32 PM
Unknown Object (File)
Sat, Oct 19, 2:31 PM
Unknown Object (File)
Sep 29 2024, 1:31 PM
Unknown Object (File)
Sep 29 2024, 1:26 PM
Unknown Object (File)
Sep 29 2024, 1:22 PM
Subscribers
None

Details

Summary

This resolves ENG-9031.

updateRoles currently resets user-surfaced permissions to the default. This diff instead attempts to reconstruct the set of user-surfaced permissions based on the current role permissions, and then reapply then when generating the updated permissions.

Depends on D13074

Test Plan

I tested this in combination with the next diff, where we add a updateRolesAndPermissionsForAllThreads migration:

  • Create a community
  • Update Members permission to include managing tags
  • Run the migration
  • Confirm that the managing tags permissions is still present

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

tomek added inline comments.
keyserver/src/updaters/role-updaters.js
51–58

I'm not sure if I understand this correctly, but it looks like defaultRolePermissions.Members would override what we have in currentRole.permissions. Wouldn't that mean that we override permissions that a user set?

131–142

I know this is based on the existing code, but it looks quite dangerous from the consistency point of view. Ideally, all the updates in this function should be one transaction, but at least we can first update the memberships and then delete the role. The current approach would leave some members with nonexistent roles, if the delete succeeds and update fails.

This revision is now accepted and ready to land.Aug 14 2024, 9:08 AM
keyserver/src/updaters/role-updaters.js
51–58

Yes. User-surfaced permissions are represented internally by roles specified at the community root level, and they don't affect the role permissions for any other threads. As such, role permissions for non-root thread types should always be reset to the default.

131–142

Good point – I'll make sure we update the memberships first

Perform updateMembershipsQuery before deleteQuery

This revision was landed with ongoing or failed builds.Aug 14 2024, 9:50 AM
This revision was automatically updated to reflect the committed changes.