Page MenuHomePhabricator

[keyserver] Recalculate permissions and reintroduce ADD_MEMBERS permission
ClosedPublic

Authored by ashoat on Aug 19 2024, 9:44 AM.
Tags
None
Referenced Files
F3389141: D13114.id43513.diff
Fri, Nov 29, 5:45 PM
Unknown Object (File)
Tue, Nov 26, 5:52 AM
Unknown Object (File)
Tue, Nov 12, 4:30 PM
Unknown Object (File)
Sat, Nov 9, 8:56 PM
Unknown Object (File)
Fri, Nov 8, 7:03 PM
Unknown Object (File)
Fri, Nov 8, 7:03 PM
Unknown Object (File)
Fri, Nov 8, 7:01 PM
Unknown Object (File)
Sun, Nov 3, 2:34 AM
Subscribers
None

Details

Summary

This diff does two things:

  1. Resolves ENG-9055 by bringing back ADD_MEMBERS permissions. Unfortunately we have no way to determine which communities had this permission before the errant migration, so I'm just assuming they all had it (as it's a default) and bringing it back for all communities.
  2. Recalculates all permissions so that the changes in the last two diffs in the stack are applied.

Depends on D13113

Test Plan
  1. I set up a repro of ENG-9055 in my local environment
  2. I confirmed that after this migration ran, ADD_MEMBERS permission was present

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

keyserver/src/database/migration-config.js
881–895 ↗(On Diff #43465)

This query was inspired by a similar one in updateRoles here

881–895 ↗(On Diff #43465)

I should mention I tested its performance on the production MariaDB, as I was worried about removing the WHERE thread clause:

mysql> UPDATE roles SET permissions = CASE id WHEN '2' THEN '' ELSE permissions END;
Query OK, 0 rows affected (0.01 sec)
Rows matched: 8709  Changed: 0  Warnings: 0
tomek added inline comments.
keyserver/src/database/migration-config.js
856 ↗(On Diff #43465)

Why do we skip the admin role? Shouldn't we also have ADD_MEMBERS for these?

881–895 ↗(On Diff #43465)

This query might be quite long. Are we sure we don't need to split it into batches?

This revision is now accepted and ready to land.Aug 20 2024, 1:37 AM
keyserver/src/database/migration-config.js
856 ↗(On Diff #43465)

Admin roles were not affected by the errant migration, as they're special-cased here.

Additionally, admin role permissions are not determined by the user-surfaced permission system, and the role editing UI does not allow editing admin permissions. Instead, admin permissions are determined directly by getRolePermissionBlobs. If we were to include them here, it would require adding some special cases below.

881–895 ↗(On Diff #43465)

That's a fair concern, so I did some testing to make sure it was okay.

I constructed a fake query with the same amount of entries as follows:

let query = 'UPDATE roles SET permissions = CASE id ';
for (let i = 0; i < 8709; i++) {
  query += `WHEN '-${i}' THEN '' `;
}
query += 'ELSE permissions END';

I then ran this query on my production keyserver:

Query OK, 0 rows affected (3.24 sec)
Rows matched: 8714  Changed: 0  Warnings: 0

Technically this is just a little shorter than the real query, since the IDs are shorter. But I think it should be okay.