Feat: Refactor notifications from core to modules #822
Conversation
|
Just a couple of notes that I meant to leave on the previous Email notifciation PR - @dlpzx
|
|
@noah-paige, @TejasRGitHub I got an enhancement idea. Currently who receives a notification is still a little messy: Current stateSHARE_SUBMISSION SHARE_APPROVAL SHARE_REJECTED Target stateALL ACTIONS |
|
After agreeing with @TejasRGitHub offline, the PR is ready for review with the latest changes to simplify the notifications recipients. |
|
I tested this feature with I believe this is because in the Then in Either we have to add 1 - an additional conditional in the filter to say if user's username is the same email as in Notification.username or user's groups is one of the groups specified in Notification.username (and remove duplicates) 2 - get a list of user's emails that are within the dataset.SamlAdminGroup and dataset.stewards and add a new Notification object to the table for each distinct user email with Notification.username=user's email |
backend/dataall/modules/dataset_sharing/services/share_notification_service.py
Show resolved
Hide resolved
backend/dataall/modules/dataset_sharing/services/share_notification_service.py
Outdated
Show resolved
Hide resolved
… group filter, replace Context for get_context, add input checks
|
@noah-paige, @TejasRGitHub |
|
@noah-paige @TejasRGitHub I still see one possible enhancement for this feature, but maybe it is out of the scope for this PR. I modified the notifications to take a group as Option 1: One of the options that you pointed out @noah-paige was to create a notification record for each user. But that means going into cognito and getting the emails of each of the users belonging to a group. The downside is that we depend on Cognito as underlying technology and that not all users in a group are data.all active users Option2: have a window where all users can see all notifications. A proper frontend view for notifications. Even if a user marks a notification as read, all other members of the team can go and check the notifications so that the information is not lost. And we make notifications more user-friendly. At the moment I don't think they are that usable Option 3: we store the users that have "marked as read" the notification in a different table --> not the ideal for a relational database to store They are not exclusive. In my opinion option 2, having notifications views, is always a positive addition |
…odules' into feat/refactor-notifications-to-modules
|
@TejasRGitHub @noah-paige I have updated the PR, I made some final changes in the cdk.json and config.json. I also moved all the condition/checks logic to the same place and used if elses block (the one-liner conditionals was getting busy). Please have a look at my latest commits. I will perform a final AWS test and as next steps we leave the "enhancements to notifications in UI" for future releases |
There was a problem hiding this comment.
Looks Good to me as well. @dlpzx , please let me know where are you planning to keep the email_sender_id parameter value and I will update the documentation and create PR on the gh-pages.
|
I think the latest changes to add exceptions for local deployment look good as well - think good to merge @dlpzx |
### Feature or Bugfix - Feature - Bugfix - Refactoring ### Detail #### Features * Limit pivot role S3 permissions by @dlpzx in #780 * Limit pivot role KMS permissions by @dlpzx in #830 * Add configurable session timeout to IDP by @manjulaK in #786 * Allow to submit a share when you are both an approver and a requester by @zsaltys in #793 * Redirect upon creating a share request by @zsaltys in #799 * Handle Pre-filtering of tables by @anushka-singh in #811 * Email Notification on Share Workflow - Issue - 734 by @TejasRGitHub in #818 * Refactor notifications from core to modules by @dlpzx in #822 * Add frontend and backend feature flags by @zsaltys in #817 * Make hosted_zone_id optional by @lorchda in #812 #### Fixes * Add Additional Error Messages for KMS Key lookup on imported dataset by @noah-paige in #748 * Handle Environment Import of IAM service roles by @noah-paige in #749 * Build Compliant Names for Opensearch Resources by @noah-paige in #750 * Update Lambda runtime by @nikpodsh in #782 * Ensure valid environments for share request and other objects creation by @dlpzx in #781 * Fix shell true semgrep by @dlpzx in #760 * Add condition when there are no public subnets by @lorchda in #794 * Remove unused variable by @zsaltys in #815 * Check other share exists before clean up by @noah-paige in #769 ### Relates - v2.1.0 minor release ## New Contributors * @manjulaK made their first contribution in #786 * @zsaltys made their first contribution in #793 * @anushka-singh made their first contribution in #811 * @TejasRGitHub made their first contribution in #818 ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? - Is the input sanitized? - What precautions are you taking before deserializing the data you consume? - Is injection prevented by parametrizing queries? - Have you ensured no `eval` or similar functions are used? - Does this PR introduce any functionality or component that requires authorization? - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Noah Paige <69586985+noah-paige@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: jaidisido <jaidisido@gmail.com> Co-authored-by: mourya-33 <134511711+mourya-33@users.noreply.github.com> Co-authored-by: nikpodsh <124577300+nikpodsh@users.noreply.github.com> Co-authored-by: MK <manjula_kasturi@hotmail.com> Co-authored-by: Zilvinas Saltys <zilvinas.saltys@yahooinc.com> Co-authored-by: Daniel Lorch <98748454+lorchda@users.noreply.github.com> Co-authored-by: Anushka Singh <anushka.singh@yahooinc.com> Co-authored-by: trajopadhye <tejas.rajopadhye@yahooinc.com>
Feature or Bugfix
Detail
As a rule of thumb, we encourage customization of
moduleswhile changes incoreshould be avoided when possible.notificationsis a component initially in core which is only used bydataset_sharing. To facilitate customization of thenotificationsmodule and also to clearly see its dependencies we have:notificationscode from core to modules as it is a reusable component that is not needed by any core component.notificationsindependent from any other module (done mostly in Email Notification for Actions on Share Requests #734, so credits to @TejasRGitHub)[WIP] Testing
Local testing
AWS testing
Other remarks
Not for this PR, but as a general note, we should clean up deprecated ECS tasks
Relates
Security
Please answer the questions below briefly where applicable, or write
N/A. Based onOWASP 10.
N/Ajust refactoringBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.