Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bio field now part of User; status moved off of DrupalUser #1497

Merged
merged 20 commits into from
Jul 7, 2017

Conversation

jywarren
Copy link
Member

@jywarren jywarren commented Jul 4, 2017

This also establishes a 'token' field for API use and deprecates the location_privacy field of User.

  • all tests pass -- rake test:all
  • code is in uniquely-named feature branch, and has been rebased on top of latest master (especially if you've been asked to make additional changes)
  • pull request is descriptively named with #number reference back to original issue

@ryzokuken - here I'm initializing a token field. You can autogen random tokens in this PR if you like; add to the migration file in each user. We only have to generate them for users of non-zero status.

# copy bios into new fields for non-spam users
DrupalUsers.where('status != 0').each do |u|
user = u.user
user.status = u.status
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right here you could do something like user.token = SecureRandom.hex

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren okay, I am setting up plots2 again and will do this hopefully by today.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren I don't think SecureRandom.hex will ensure uniqueness, though. What do you say?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to regenerate the schema file. Doing this now!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren great.

@jywarren
Copy link
Member Author

jywarren commented Jul 4, 2017 via email

@ryzokuken
Copy link
Member

ryzokuken commented Jul 4, 2017

@jywarren SecureRandom.uuid sounds better. Although I would like to point out:

This is because the probability that the 16-byte or 128-bit token is nonunique is so vanishingly small that it is virtually zero. There is only a 50% chance of there being any repetitions after approximately 2^64 = 18,446,744,073,709,551,616 = 1.845 x 10^19 tokens have been generated. If you start generating one billion tokens per second, it will take approximately 2^64/(109360024*365.25) = 600 years until there is a 50% chance of there having occurred any repetitions at all.

@jywarren
Copy link
Member Author

jywarren commented Jul 4, 2017

That's fine. We need to regenerate the schema too, and perhaps remove a few unused tables like searches, location tags

@ryzokuken
Copy link
Member

ryzokuken commented Jul 4, 2017

Basically, these are our options:

SecureRandom.uuid           # => "8efb5d40-32d8-43c8-a92d-d5f048c8729c"
SecureRandom.hex            # => "bad6650fc0142451e624bd89b6aa3acf"
SecureRandom.urlsafe_base64 # => "vp6xjBgi48Jgag6dqH8niw"

The last one looks rather short, doesn't it?

P.S: All of these have the exact same entropy.

@jywarren
Copy link
Member Author

jywarren commented Jul 4, 2017 via email

@ryzokuken
Copy link
Member

@jywarren SecureRandom.uuid looks a little more verbose, but I will use it. Will make the required changes as soon as the environment is setup locally. A few thing I would like to confirm though:

  1. How do I add to this PR? Do I copy your branch, make changes and make a PR for your fork's branch? When you push my changes, they will show up in here, I guess.

  2. Apart from adding user.token = SecureRandom.uuid in https://github.com/publiclab/plots2/pull/1497/files/4014dfc777c83f9f97491676b9ffd0aadf2250c4#diff-85d8a967f5e9f12cfb43f842e560d394, what all other tasks do I need to perform? Which specific tables need to be removed?

@jywarren
Copy link
Member Author

jywarren commented Jul 4, 2017 via email

@ryzokuken
Copy link
Member

@jywarren Awesome. I will look more into safely dropping tables from the schema while bundle install executes. On another note, are we using any dependencies we could avoid? The CI build takes way too much time to finish.

@jywarren
Copy link
Member Author

jywarren commented Jul 4, 2017 via email

@ryzokuken
Copy link
Member

Definitely. One of the new contributors was also talking about Makefiles which reminded of the PR I once made for the same. I will consult @icarito and make one for real this time.

@ryzokuken
Copy link
Member

@jywarren we figured out a workaround for Gem::LoadError: mysql2 is not part of the bundle. Add it to your Gemfile., right? I am getting this error :/

@jywarren
Copy link
Member Author

jywarren commented Jul 5, 2017

I think you figured this out? Sorry i wasn't able to respond faster!

@ryzokuken
Copy link
Member

@jywarren Yes, you already fixed it, I was using an older version :P

I will submit a PR for this one in a moment, thanks for your patience.

@ryzokuken
Copy link
Member

@jywarren Made a PR. Please look into it. Awaiting your approval before going ahead with the migration.

@ryzokuken
Copy link
Member

@jywarren

ActiveRecord::StatementInvalid: Mysql2::Error: BLOB/TEXT column 'params' used in key specification without a key length: CREATE  INDEX `poly_params_request_index` ON `impressions` (`impressionable_type`, `impressionable_id`, `params`)

/app/db/schema.rb:193:in `block in <top (required)>'

/app/db/schema.rb:14:in `<top (required)>'

Mysql2::Error: BLOB/TEXT column 'params' used in key specification without a key length

/app/db/schema.rb:193:in `block in <top (required)>'

/app/db/schema.rb:14:in `<top (required)>'

Tasks: TOP => db:schema:load

@ryzokuken
Copy link
Member

@jywarren There's a pending migration. Do you want me to make a PR with the migration done and schema replaced?

@jywarren
Copy link
Member Author

jywarren commented Jul 6, 2017 via email

@ryzokuken
Copy link
Member

@jywarren No problem. I'll do it right now, all I need to do is rake db:migrate and then copy my schema to the example schema, right?

* Use SecureRandom.uuid for generating per-user tokens

* Remove redundant drop_table calls

* Run migration and copy database schema
@jywarren
Copy link
Member Author

jywarren commented Jul 6, 2017

Huh, did u notice there were changes to a few other tables in your schema? I think they're SQLite MySQL differences. Could you remove them? Thanks!

@ryzokuken
Copy link
Member

@jywarren I will. Just a minute.

* Use SecureRandom.uuid for generating per-user tokens

* Remove redundant drop_table calls

* Run migrations and update schema
@ryzokuken
Copy link
Member

@jywarren were they still there? (the sqlite differences)

Strange. I made sure to manually remove them all.

@ryzokuken
Copy link
Member

@jywarren Nope, here's my schema.rb.example:

add_index "impressions", ["controller_name", "action_name", "ip_address"], :name => "controlleraction_ip_index"
  add_index "impressions", ["controller_name", "action_name", "request_hash"], :name => "controlleraction_request_index"
  add_index "impressions", ["controller_name", "action_name", "session_hash"], :name => "controlleraction_session_index"
  add_index "impressions", ["impressionable_type", "impressionable_id", "ip_address"], :name => "poly_ip_index"
  add_index "impressions", ["impressionable_type", "impressionable_id", "params"], :name => "poly_params_request_index", :unique => false, :length => { "params" => 255 }
  add_index "impressions", ["impressionable_type", "impressionable_id", "request_hash"], :name => "poly_request_index"
  add_index "impressions", ["impressionable_type", "impressionable_id", "session_hash"], :name => "poly_session_index"
  add_index "impressions", ["impressionable_type", "message", "impressionable_id"], :name => "impressionable_type_message_index", :unique => false, :length => { "message" => 255 }
  add_index "impressions", ["user_id"], :name => "index_impressions_on_user_id"

Copy link
Member

@ryzokuken ryzokuken left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's take care of these two.

@@ -190,26 +190,12 @@ ActiveRecord::Schema.define(:version => 20170208174046) do
add_index "impressions", ["controller_name", "action_name", "request_hash"], :name => "controlleraction_request_index"
add_index "impressions", ["controller_name", "action_name", "session_hash"], :name => "controlleraction_session_index"
add_index "impressions", ["impressionable_type", "impressionable_id", "ip_address"], :name => "poly_ip_index"
add_index "impressions", ["impressionable_type", "impressionable_id", "params"], :name => "poly_params_request_index", :unique => false, :length => { "params" => 255 }
add_index "impressions", ["impressionable_type", "impressionable_id", "params"], :name => "poly_params_request_index"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is what went wrong, but this one was done in another commit, I think.

add_index "impressions", ["impressionable_type", "impressionable_id", "request_hash"], :name => "poly_request_index"
add_index "impressions", ["impressionable_type", "impressionable_id", "session_hash"], :name => "poly_session_index"
add_index "impressions", ["impressionable_type", "message", "impressionable_id"], :name => "impressionable_type_message_index", :unique => false, :length => { "message" => 255 }
add_index "impressions", ["impressionable_type", "message", "impressionable_id"], :name => "impressionable_type_message_index"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This too.

@jywarren
Copy link
Member Author

jywarren commented Jul 6, 2017

Can you try reverting those lines? Thanks!

@ryzokuken
Copy link
Member

@jywarren sure, I will.

* Use SecureRandom.uuid for generating per-user tokens

* Remove redundant drop_table calls

* Fix database inconsistencies
@PublicLabBot
Copy link

PublicLabBot commented Jul 6, 2017

1 Warning
⚠️ New migrations added. Please update schema.rb.example by overwriting it with a copy of the up-to-date db/schema.rb.
2 Messages
📖 @jywarren Thank you for your pull request! I’m here to help with some tips and recommendations. Please take a look at the list provided and help us review and accept your contribution!
📖 It looks like you haven’t marked all the checkboxes. Help us review and accept your suggested changes by going through the steps one by one. If it is still a ‘Work in progresss’, please include ‘[WIP]’ in the title.

Generated by 🚫 Danger

@jywarren
Copy link
Member Author

jywarren commented Jul 6, 2017

aha! now this is my error. looking now.

@ryzokuken
Copy link
Member

@jywarren But we did replace schema.rb.example didn't we?

@ryzokuken
Copy link
Member

@jywarren the tests need to be changed to match the current schema.

@@ -0,0 +1,26 @@
class AddUserBioAndToken < ActiveRecord::Migration
def up
add_column :rusers, :bio, :text, limit: 2147483647, default: ''
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's odd; the error I'm seeing is:

Error: test_confirm_user_reset_key_not_visible_on_profile_to_non-admins(UsersControllerTest): ActionView::Template::Error: wrong argument type nil (expected String)
app/views/users/profile.html.erb:149:in `to_html'

that's on this line:

<p><small><%= raw auto_link(RDiscount.new(@profile_user.bio).to_html, :sanitize => false) %></small></p>

And @profile_user is a User as of this line: https://github.com/jywarren/plots2/blob/user-bio-and-token/app/controllers/users_controller.rb#L107

So, given this default, it should have a value of '', not nil. What's the deal?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm adding a unit test to ensure that a new User record has a non-nil bio.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren I'll try to look into it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, okay. Yes, in the migration we set the default bio to '', right?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, that's what's confusing!

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently default values are not universally supported??? whoa. I'll try setting it manually.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using rails console?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren Oh, the fixtures weren't updated?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ugh yeah. i should've done this all at once, locally, but i kept thinking it was a small fix.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jywarren I'm glad we have this sorted. What next for this PR?

@jywarren
Copy link
Member Author

jywarren commented Jul 7, 2017

This is good to go! If you can now open a new PR with the comment_controller.rb work to enable posting a comment using only a token, and not just if you're logged in, that'd be great.

@jywarren jywarren merged commit 049bc1b into publiclab:master Jul 7, 2017
@ryzokuken
Copy link
Member

@jywarren I would. I think I should go to bed now but I definitely will do so tomorrow morning.

@jywarren
Copy link
Member Author

jywarren commented Jul 7, 2017 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants