WOR-1823 part 3: workspace deletion refactoring #3049
Conversation
| @@ -43,19 +46,6 @@ trait LibraryPermissionsSupport extends RoleSupport { | |||
| case _ => changeMetadataChecker(workspaceId) _ | |||
| } | |||
|
|
|||
| def withLibraryAttributeNamespaceCheck[T](attributeNames: Iterable[AttributeName])(op: => T): T = { | |||
There was a problem hiding this comment.
This was moved to WorkspaceService, since it is only called there.
| val samDAO: SamDAO | ||
| val gcsDAO: GoogleServicesDAO | ||
| val ctx: RawlsRequestContext |
There was a problem hiding this comment.
These were being inherited by RoleSupport, but there's no real reason for this trait to be connected to it.
| @@ -28,20 +28,4 @@ trait RoleSupport { | |||
| new RawlsExceptionWithErrorReport(errorReport = ErrorReport(StatusCodes.Forbidden, "You must be an admin.")) | |||
| ) | |||
| } | |||
|
|
|||
| def tryIsCurator(userEmail: RawlsUserEmail): Future[Boolean] = | |||
| gcsDAO.isLibraryCurator(userEmail.value) recoverWith { case t => | |||
There was a problem hiding this comment.
This was only used once, So I just moved it inline.
| * @param f the operation to execute within the trace | ||
| * @return the result of the operation `f` | ||
| */ | ||
| def trace[T](name: String, parentContext: RawlsRequestContext)(f: RawlsRequestContext => T): T = |
There was a problem hiding this comment.
Not having this was pushing a lot of different places to use a Future where it wasn't really necessary.
There was a problem hiding this comment.
This appears to be equivalent to traceNakedWithParent below
There was a problem hiding this comment.
That's using RawlsTracingContext not RawlsRequestContext.
It's arguable that the better approach would be an overload or something, but we have similar divergence between others, such as between traceFutureWithParent and traceFuture.
Also, this is the most common/basic/unembellished instance of this, and therefore worth giving the most basic name. But I didn't feel like renaming usages of traceNakedWithParent in what is already a substantial PR.
blakery
force-pushed
the
WOR-1823-part-3
branch
from
df30fda
to
4b1f1f7
Compare
| @@ -17,19 +17,15 @@ import org.broadinstitute.dsde.rawls.entities.exceptions.{ | |||
| import org.broadinstitute.dsde.rawls.expressions.ExpressionEvaluator | |||
| import org.broadinstitute.dsde.rawls.metrics.RawlsInstrumented | |||
| import org.broadinstitute.dsde.rawls.model.AttributeUpdateOperations.{AttributeUpdateOperation, EntityUpdateDefinition} | |||
| import org.broadinstitute.dsde.rawls.model.{ | |||
There was a problem hiding this comment.
The changes in this file are just from moving an exception definition to the place where it's thrown.
| count: Int = 1, | ||
| labels: Map[String, String] = Map.empty, | ||
| description: Option[String] = None | ||
| ): IO[Unit] = { |
There was a problem hiding this comment.
Unneccesary IO wrapping - only called in one place anyway.
|
|
||
| import dataSource.dataAccess.driver.api._ | ||
|
|
||
| def getActiveWorkflowsAndSetStatusToAborted( |
There was a problem hiding this comment.
This was moved in wholesale from WorkspaceService.
| * @throws AttributeUpdateOperationException when adding or removing from an attribute that is not a list | ||
| * @return the updated entity | ||
| */ | ||
| def applyOperationsToEntity(entity: Entity, operations: Seq[AttributeUpdateOperation]): Entity = | ||
| entity.copy(attributes = applyAttributeUpdateOperations(entity, operations)) | ||
| } | ||
|
|
||
| class AttributeUpdateOperationException(message: String) extends RawlsException(message) |
There was a problem hiding this comment.
This is the only place these are thrown, so it makes sense for them to be defined here.
| val defaultRequestContext: RawlsRequestContext = | ||
| RawlsRequestContext( | ||
| UserInfo(RawlsUserEmail("test"), OAuth2BearerToken("Bearer 123"), 123, RawlsUserSubjectId("abc")) | ||
| val ctx: RawlsRequestContext = RawlsRequestContext( |
There was a problem hiding this comment.
I got tired of having defaultRequestContext making practically every mock require a line break. Sorry about the resulting diff size.
| @@ -79,7 +84,6 @@ import scala.jdk.DurationConverters.JavaDurationOps | |||
| import scala.language.postfixOps | |||
| import scala.util.Try | |||
|
|
|||
| //noinspection NameBooleanParameters,TypeAnnotation,EmptyParenMethodAccessedAsParameterless,ScalaUnnecessaryParentheses,RedundantNewCaseClass,ScalaUnusedSymbol | |||
There was a problem hiding this comment.
Nearly all of the changes in this file are fixing ide warnings from removing this.
| // Delete Google Project | ||
| _ <- traceFutureWithParent("deleteGoogleProject", ctx)(_ => deleteGoogleProject(workspace.googleProjectId)) | ||
| // attempt to delete workspace in WSM, in case thsi is a TDR snapshot - but don't fail on it | ||
| _ = Try(workspaceManagerDAO.deleteWorkspace(workspace.workspaceIdAsUUID, ctx)).recover { |
There was a problem hiding this comment.
This is the same behavior we had before, because we would only fail if it was a McWorkspace we were trying to delete, which would never happen, since those are handled by MultiCloudWorkspaceService.
blakery
requested review from
a team,
cahrens and
marctalbott
and removed request for
a team
This allows getWorkspace and getWorkspaceById to share the processing logic, without getWorkspaceById calling getWorkspace directly.
…n for consistency
It's arguable we should create a new type of repository for this, but this will work for now. We can always split it out later.
The only permission below WorkspaceAccessLevels.Read is NoAccess, which isn't realistic, since the user has at least read permissions to get this far. Also, not making the additional call to Sam is purely an optimization - so better to just make the call to Sam.
this should be done by the MC workspace service
there's no longer any point keeping them separate, now that it's more concise
commit a793aa0 Author: Blake Geno <[email protected]> Date: Fri Sep 27 17:00:11 2024 -0400 WOR-1823 part 2: listWorkspaces refactors (#3048) * break out shared processing of workspace response This allows getWorkspace and getWorkspaceById to share the processing logic, without getWorkspaceById calling getWorkspace directly. * refactor getWorkspaceDetails to use for comprehension * remove pointless transaction when getting bucket options * remove inspection supression, fix resulting issues * clean up getBucketUsage and add unit tests * clean up context parameters to reflect actual usage * disabled invalidated tests for getWorkspace(workspaceId) * move getBucketOptions next to getBucketUsage and use for comprehension for consistency * add test for getBucketOptions * move raw datasource calls to repository It's arguable we should create a new type of repository for this, but this will work for now. We can always split it out later. * eliminate some raw usages of datasource * moved admin methods to separate service * only retrieve transfers from queried workspace * move database operations for lock/unlock into repository * fixed unit tests for getWorkspaceById * removed unused method * clean up * moved only method usage of tryIsCurator inline * move only usage of withLibraryAttributeNamespaceCheck to calling service * decoupled LibraryPermissionsSupport from RoleSupport * simplified canShare resolution The only permission below WorkspaceAccessLevels.Read is NoAccess, which isn't realistic, since the user has at least read permissions to get this far. Also, not making the additional call to Sam is purely an optimization - so better to just make the call to Sam. * add method to list submissions, change single query to return an option * add convenience apply method to RawlsExceptionWithErrorReport * refactor list workspaces * add unit tests for listWorkspaces * scalafmt * fixed WorkspaceServiceSpec organization headers, clean up tests * updates from PR review commit 729bb64 Author: Bria Morgan <[email protected]> Date: Fri Sep 27 13:03:32 2024 -0400 AJ-2002 Render local-dev config with gsm instead of vault (#3044) * new render without .ctmpl * use dsde-dev
blakery
force-pushed
the
WOR-1823-part-3
branch
from
d52d4a9
to
74fe8a1
Compare
| * @param f the operation to execute within the trace | ||
| * @return the result of the operation `f` | ||
| */ | ||
| def trace[T](name: String, parentContext: RawlsRequestContext)(f: RawlsRequestContext => T): T = |
There was a problem hiding this comment.
This appears to be equivalent to traceNakedWithParent below
| leonardoService.cleanupResources(workspace.googleProjectId, workspace.workspaceIdAsUUID, ctx) | ||
| ) | ||
| // Delete Google Project | ||
| _ <- traceFutureWithParent("deleteGoogleProject", ctx)(_ => deleteGoogleProject(workspace.googleProjectId)) |
There was a problem hiding this comment.
There are technically still v1 workspaces in Rawls and this would bork all other v1 workspaces in a billing project by deleting the billing project's google project. Painful to have to leave it in given our stance on v1 workspaces, but as long as they're still around we probably need to keep the check
There was a problem hiding this comment.
If it was a v1 workspace, we'd never have gotten this far.
The first operation is getWorkspaceContextAndPermissions, which only returns v2 workspaces. So calling this endpoint on a v1 workspace would already return a NoSuchWorkspace exception.
Note: IIRC, v1 workspaces are not returned or treated as valid targets for any user-facing operation at this point.
Ticket: https://broadworkbench.atlassian.net/browse/WOR-1823
Refactors workspace deletion and adds unit tests.
PR checklist
model/, then you should publish a new officialrawls-modeland updaterawls-modelin Orchestration's dependencies.