Add a verify_credentials_task method #19346
Conversation
agrare
changed the title
agrare
force-pushed
the
add_a_verify_credentials_task
branch
2 times, most recently
from
954c24c
to
039697b
Compare
This adds a method that takes the options returned by ems.params_for_create and calls a common verify_credentials API call on the provider. This can be called by the API/UI without needing to know anything about the specific provider in a common way.
agrare
force-pushed
the
add_a_verify_credentials_task
branch
from
039697b
to
27daabf
Compare
agrare
changed the title
|
Checked commit agrare@27daabf with ruby 2.4.6, rubocop 0.69.0, haml-lint 0.20.0, and yamllint 1.10.0 app/models/mixins/verify_credentials_mixin.rb
|
|
Oh I tested it with you @Fryguy I just wanted to make sure after we renamed the module that everything still worked. |
|
@agrare I'm playing around with the method in the API, but I have no idea what to feed the |
|
@skateman Do we not have zone as part of the form? I'm thinking that every EMS needs a zone, and it doesn't really belong to the DDF form as it's more of a general ManageIQ thing as opposed to a provider specific thing. |
|
Well, I think we should ask @Hyperkid123 about it, but injecting data into the DDF seems like an antipattern for me...and we don't have any other way of displaying the Zone field than injecting data into the DDF 😕 |
|
We could add zone to the DDF form at the top level (like region for amazon) but it can't be passed in to verify_credentials_task like the rest of the args because it has to be part of the queue_options not the args. This isn't something that is different between the different providers though, it is the same for every provider. |
|
@agrare I'm okay with explicitly pulling out the zone for the verification, especially if the field is the same in every form. def verify_credentials_resource(_type, _id, options = {})
zone = options.delete('zone')
ExtManagementSystem.verify_credentials_task(current_user, zone, options)
endThis should be done even when we add the zone field to the DDF as you wanted first. So I'm totally okay with it. |
|
@agrare From UI perspective. there is minimum of two sections for every provider form:
@skateman I do agree that injecting data into the schema is not exactly the cleanest way how to it, but I also believe that in this case we probably don't have any other options. |
|
Okay, if you can guarantee me that the |
| # Ensure that any passwords are encrypted before putting them onto the queue for any | ||
| # DDF fields which are a password type | ||
| def encrypt_verify_credential_params!(options) | ||
| params_for_create[:fields].each do |field| |
There was a problem hiding this comment.
@skateman this is expected to be called on the provider class not on the base class.
There was a problem hiding this comment.
Thanks, this can be sorted out.
| [error_message.blank?, error_message] | ||
| end | ||
|
|
||
| def verify_credentials_task(userid, zone, options) |
There was a problem hiding this comment.
The zone argument here should be the name of the zone, right? I think it's not obvious, at least I was debugging this for half an hour 😕
There was a problem hiding this comment.
Correct, sorry if its not obvious but that's the standard for all tasks and queue items.
This adds a method that takes the options returned by
ems.params_for_create and calls a common verify_credentials API call on
the provider.
This can be called by the API/UI without needing to know anything about
the specific provider in a common way.
TODO need to update the task with the failure and ensure a boolean is returned so we don't leak the credentials on the queue.#18818