Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RBAC for Test Repositories - Issue #105 #855

Closed
wants to merge 21 commits into from
Closed

RBAC for Test Repositories - Issue #105 #855

wants to merge 21 commits into from

Conversation

amizhen
Copy link
Contributor

@amizhen amizhen commented Jun 5, 2024
edited
Loading

CLOSED: PR MOVED TO: #881

Resolves: AlmaLinux/build-system#105
•Teams must now be assigned to Test Repositories upon creation
•Only members of a Test Repo's team can modify the Test Repo
•Done in conjunction with a pull request in frontend: https://github.com/amizhen/albs-frontend/tree/bs-105

almalinux Cloud User and others added 7 commits June 5, 2024 16:33
@amizhen
Draft: Issue 105 - RBAC for Test Repos - Database Migration
615ff7f 
Migrated database to include new team/test repo role mappings
@amizhen
Draft: Issue 105 - RBAC for Test Repos - Test Repo Perm Checks
874a204 
-Added Test Repo permission checks in update/delete repo
-Added code to add test repo/team role mappings to db - Currently broken
-Updated the calls to crud in routers to include requisite user object
-Updated roles and actions to include update/delete roles/actions
@amizhen
Modified db role mapping, still broken
f744bbb
@amizhen
RBAC working, need to remove actions when deleting
dbfd9a3
@amizhen
Done, deletion not needed
d06ac18
@amizhen
Commented out handlers for debugging
de95277
@amizhen
Uncommented decorators, fixed default Async Session parameters
4b739c7
@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 5, 2024
edited
Loading

73 passed, 11 skipped

Code Coverage Summary

Package Line Rate
alws 76%
alws.auth 77%
alws.auth.oauth 100%
alws.crud 41%
alws.dramatiq 60%
alws.middlewares 93%
alws.perms 86%
alws.routers 57%
alws.schemas 80%
alws.utils 41%
Summary 57% (5699 / 10057)

Linter reports

Pylint report 
************* Module e952dc755f9d_add_team_to_test_repos
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:24:0: C0301: Line too long (130/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:25:0: C0301: Line too long (151/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:82:0: C0301: Line too long (94/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:83:0: C0301: Line too long (90/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:84:0: C0301: Line too long (89/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:85:0: C0301: Line too long (112/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:86:0: C0301: Line too long (110/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:104:0: C0301: Line too long (97/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:105:0: C0301: Line too long (98/80) (line-too-long)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:13:0: C0103: Constant name "revision" doesn't conform to UPPER_CASE naming style (invalid-name)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:14:0: C0103: Constant name "down_revision" doesn't conform to UPPER_CASE naming style (invalid-name)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:15:0: C0103: Constant name "branch_labels" doesn't conform to UPPER_CASE naming style (invalid-name)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:16:0: C0103: Constant name "depends_on" doesn't conform to UPPER_CASE naming style (invalid-name)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:19:0: C0116: Missing function or method docstring (missing-function-docstring)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:21:4: E1101: Module 'alembic.op' has no 'create_table' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:28:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:31:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:34:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:37:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:40:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:43:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:46:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:49:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:52:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:55:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:58:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:61:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:64:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:67:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:70:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:73:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:76:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:79:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:82:4: E1101: Module 'alembic.op' has no 'add_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:83:4: E1101: Module 'alembic.op' has no 'add_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:84:4: E1101: Module 'alembic.op' has no 'add_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:85:4: E1101: Module 'alembic.op' has no 'create_foreign_key' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:86:4: E1101: Module 'alembic.op' has no 'create_foreign_key' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:87:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:90:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:96:0: C0116: Missing function or method docstring (missing-function-docstring)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:98:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:101:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:104:4: E1101: Module 'alembic.op' has no 'drop_constraint' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:105:4: E1101: Module 'alembic.op' has no 'drop_constraint' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:106:4: E1101: Module 'alembic.op' has no 'drop_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:107:4: E1101: Module 'alembic.op' has no 'drop_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:108:4: E1101: Module 'alembic.op' has no 'drop_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:109:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:112:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:115:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:118:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:121:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:124:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:127:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:130:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:133:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:136:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:139:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:142:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:145:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:148:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:151:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:154:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:157:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:160:4: E1101: Module 'alembic.op' has no 'alter_column' member (no-member)
alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:163:4: E1101: Module 'alembic.op' has no 'drop_table' member (no-member)
************* Module alws.crud.test_repository
alws/crud/test_repository.py:52:0: C0301: Line too long (85/80) (line-too-long)
alws/crud/test_repository.py:173:0: C0301: Line too long (85/80) (line-too-long)
alws/crud/test_repository.py:176:0: C0301: Line too long (86/80) (line-too-long)
alws/crud/test_repository.py:231:0: C0301: Line too long (84/80) (line-too-long)
alws/crud/test_repository.py:36:0: C0116: Missing function or method docstring (missing-function-docstring)
alws/crud/test_repository.py:60:27: E1102: func.count is not callable (not-callable)
alws/crud/test_repository.py:121:4: W0613: Unused argument 'flush' (unused-argument)
alws/crud/test_repository.py:208:4: W0613: Unused argument 'flush' (unused-argument)
alws/crud/test_repository.py:18:0: W0611: Unused Observer imported from alws.perms.roles (unused-import)
alws/crud/test_repository.py:26:0: W0611: Unused Team imported from alws.models (unused-import)
alws/crud/test_repository.py:26:0: W0611: Unused User imported from alws.models (unused-import)
************* Module alws.models
alws/models.py:1196:0: C0301: Line too long (83/80) (line-too-long)
alws/models.py:1579:0: C0301: Line too long (83/80) (line-too-long)
alws/models.py:1629:0: C0301: Line too long (85/80) (line-too-long)
alws/models.py:1:0: C0302: Too many lines in module (2141/1000) (too-many-lines)
alws/models.py:64:9: W0511: FIXME: Change nullable to False after owner population (fixme)
alws/models.py:83:9: W0511: FIXME: Change nullable to False after owner population (fixme)
alws/models.py:1041:5: W0511: FIXME: change nullable to False after population (fixme)
alws/models.py:1277:5: W0511: FIXME: change nullable to False after population (fixme)
alws/models.py:63:4: E0213: Method 'team_id' should have "self" as first argument (no-self-argument)
alws/models.py:75:4: E0213: Method 'team' should have "self" as first argument (no-self-argument)
alws/models.py:82:4: E0213: Method 'owner_id' should have "self" as first argument (no-self-argument)
alws/models.py:94:4: E0213: Method 'owner' should have "self" as first argument (no-self-argument)
alws/models.py:134:4: E0213: Method 'started_at' should have "self" as first argument (no-self-argument)
alws/models.py:138:4: E0213: Method 'finished_at' should have "self" as first argument (no-self-argument)
alws/models.py:234:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:294:45: E1101: Instance of 'CustomRepoRepr' has no 'name' member (no-member)
alws/models.py:294:57: E1101: Instance of 'CustomRepoRepr' has no 'arch' member (no-member)
alws/models.py:294:69: E1101: Instance of 'CustomRepoRepr' has no 'url' member (no-member)
alws/models.py:338:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:391:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:398:16: E1102: func.current_timestamp is not callable (not-callable)
alws/models.py:498:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:578:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:656:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:678:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:702:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:882:4: E0213: Method 'user_id' should have "self" as first argument (no-self-argument)
alws/models.py:898:4: E0213: Method 'user_id' should have "self" as first argument (no-self-argument)
alws/models.py:906:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1136:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1151:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1202:0: R0901: Too many ancestors (8/7) (too-many-ancestors)
alws/models.py:1212:16: E1102: func.current_timestamp is not callable (not-callable)
alws/models.py:1323:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1372:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1383:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1420:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:1562:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1601:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1645:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:1703:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
alws/models.py:1708:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
alws/models.py:1719:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:1856:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1893:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1905:0: R0903: Too few public methods (1/2) (too-few-public-methods)
alws/models.py:1937:0: C0115: Missing class docstring (missing-class-docstring)
alws/models.py:1995:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
alws/models.py:2000:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
alws/models.py:2010:0: R0903: Too few public methods (1/2) (too-few-public-methods)
************* Module alws.routers.test_repositories
alws/routers/test_repositories.py:29:4: C0103: Argument name "pageNumber" doesn't conform to snake_case naming style (invalid-name)
alws/routers/test_repositories.py:68:8: W0707: Consider explicitly re-raising using 'raise HTTPException(detail=str(exc), status_code=status.HTTP_400_BAD_REQUEST) from exc' (raise-missing-from)
alws/routers/test_repositories.py:99:8: W0707: Consider explicitly re-raising using 'raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(exc)) from exc' (raise-missing-from)
alws/routers/test_repositories.py:119:8: W0707: Consider explicitly re-raising using 'raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(exc)) from exc' (raise-missing-from)
alws/routers/test_repositories.py:143:8: W0707: Consider explicitly re-raising using 'raise HTTPException(detail=str(exc), status_code=status.HTTP_400_BAD_REQUEST) from exc' (raise-missing-from)
alws/routers/test_repositories.py:167:8: W0707: Consider explicitly re-raising using 'raise HTTPException(detail=str(exc), status_code=status.HTTP_400_BAD_REQUEST) from exc' (raise-missing-from)
alws/routers/test_repositories.py:186:8: W0707: Consider explicitly re-raising using 'raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=str(exc)) from exc' (raise-missing-from)
************* Module alws.schemas.test_repository_schema
alws/schemas/test_repository_schema.py:12:56: W0108: Lambda may not be necessary (unnecessary-lambda)
alws/schemas/test_repository_schema.py:21:4: R0903: Too few public methods (0/2) (too-few-public-methods)
alws/schemas/test_repository_schema.py:39:4: R0903: Too few public methods (0/2) (too-few-public-methods)
alws/schemas/test_repository_schema.py:52:4: E0213: Method 'tests_dir_validator' should have "self" as first argument (no-self-argument)
alws/schemas/test_repository_schema.py:63:4: E0213: Method 'tests_dir_validator' should have "self" as first argument (no-self-argument)
alws/schemas/test_repository_schema.py:3:0: W0611: Unused field_serializer imported from pydantic (unused-import)

-----------------------------------
Your code has been rated at 5.61/10
Black report 
--- alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py	2024-06-13 01:19:15.100047+00:00
+++ alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py	2024-06-13 01:20:05.867211+00:00
@@ -3,10 +3,11 @@
 Revision ID: e952dc755f9d
 Revises: 07dad1dc5105
 Create Date: 2024-05-24 15:58:53.153438
 
 """
+
 from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 
 # revision identifiers, used by Alembic.
@@ -16,149 +17,254 @@
 depends_on = None
 
 
 def upgrade():
     # ### commands auto generated by Alembic - please adjust! ###
-    op.create_table('test_repository_role_mapping',
-    sa.Column('test_repository_id', sa.Integer(), nullable=False),
-    sa.Column('role_id', sa.Integer(), nullable=False),
-    sa.ForeignKeyConstraint(['role_id'], ['user_roles.id'], name='fk_test_repositories_role_mapping_role_id', ondelete='CASCADE'),
-    sa.ForeignKeyConstraint(['test_repository_id'], ['test_repositories.id'], name='fk_test_repositories_role_mapping_product_id', ondelete='CASCADE'),
-    sa.PrimaryKeyConstraint('test_repository_id', 'role_id')
-    )
-    op.alter_column('build_releases', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.alter_column('build_tasks', 'mock_options',
-               existing_type=postgresql.JSONB(astext_type=sa.Text()),
-               nullable=False)
-    op.alter_column('builds', 'mock_options',
-               existing_type=postgresql.JSONB(astext_type=sa.Text()),
-               nullable=False)
-    op.alter_column('builds', 'released',
-               existing_type=sa.BOOLEAN(),
-               nullable=False)
-    op.alter_column('builds', 'cancel_testing',
-               existing_type=sa.BOOLEAN(),
-               nullable=False)
-    op.alter_column('gen_key_tasks', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.alter_column('new_errata_packages', 'errata_record_id',
-               existing_type=sa.TEXT(),
-               nullable=False)
-    op.alter_column('new_errata_packages', 'platform_id',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.alter_column('new_errata_references', 'errata_record_id',
-               existing_type=sa.TEXT(),
-               nullable=False)
-    op.alter_column('new_errata_references', 'platform_id',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.alter_column('platforms', 'module_build_index',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.alter_column('repositories', 'debug',
-               existing_type=sa.BOOLEAN(),
-               nullable=False)
-    op.alter_column('sign_keys', 'name',
-               existing_type=sa.TEXT(),
-               nullable=False)
-    op.alter_column('sign_keys', 'keyid',
-               existing_type=sa.VARCHAR(length=16),
-               nullable=False)
-    op.alter_column('sign_keys', 'fingerprint',
-               existing_type=sa.VARCHAR(length=40),
-               nullable=False)
-    op.alter_column('sign_keys', 'public_url',
-               existing_type=sa.TEXT(),
-               nullable=False)
-    op.alter_column('sign_keys', 'inserted',
-               existing_type=postgresql.TIMESTAMP(),
-               nullable=False)
-    op.alter_column('sign_tasks', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=False)
-    op.add_column('test_repositories', sa.Column('permissions', sa.Integer(), nullable=False))
-    op.add_column('test_repositories', sa.Column('owner_id', sa.Integer(), nullable=True))
-    op.add_column('test_repositories', sa.Column('team_id', sa.Integer(), nullable=True))
-    op.create_foreign_key('test_repositories_owner_id_fkey', 'test_repositories', 'users', ['owner_id'], ['id'])
-    op.create_foreign_key('test_repositories_team_id_fkey', 'test_repositories', 'teams', ['team_id'], ['id'])
-    op.alter_column('user_actions', 'name',
-               existing_type=sa.VARCHAR(length=100),
-               nullable=False)
-    op.alter_column('user_roles', 'name',
-               existing_type=sa.VARCHAR(length=100),
-               nullable=False)
+    op.create_table(
+        'test_repository_role_mapping',
+        sa.Column('test_repository_id', sa.Integer(), nullable=False),
+        sa.Column('role_id', sa.Integer(), nullable=False),
+        sa.ForeignKeyConstraint(
+            ['role_id'],
+            ['user_roles.id'],
+            name='fk_test_repositories_role_mapping_role_id',
+            ondelete='CASCADE',
+        ),
+        sa.ForeignKeyConstraint(
+            ['test_repository_id'],
+            ['test_repositories.id'],
+            name='fk_test_repositories_role_mapping_product_id',
+            ondelete='CASCADE',
+        ),
+        sa.PrimaryKeyConstraint('test_repository_id', 'role_id'),
+    )
+    op.alter_column(
+        'build_releases', 'status', existing_type=sa.INTEGER(), nullable=False
+    )
+    op.alter_column(
+        'build_tasks',
+        'mock_options',
+        existing_type=postgresql.JSONB(astext_type=sa.Text()),
+        nullable=False,
+    )
+    op.alter_column(
+        'builds',
+        'mock_options',
+        existing_type=postgresql.JSONB(astext_type=sa.Text()),
+        nullable=False,
+    )
+    op.alter_column(
+        'builds', 'released', existing_type=sa.BOOLEAN(), nullable=False
+    )
+    op.alter_column(
+        'builds', 'cancel_testing', existing_type=sa.BOOLEAN(), nullable=False
+    )
+    op.alter_column(
+        'gen_key_tasks', 'status', existing_type=sa.INTEGER(), nullable=False
+    )
+    op.alter_column(
+        'new_errata_packages',
+        'errata_record_id',
+        existing_type=sa.TEXT(),
+        nullable=False,
+    )
+    op.alter_column(
+        'new_errata_packages',
+        'platform_id',
+        existing_type=sa.INTEGER(),
+        nullable=False,
+    )
+    op.alter_column(
+        'new_errata_references',
+        'errata_record_id',
+        existing_type=sa.TEXT(),
+        nullable=False,
+    )
+    op.alter_column(
+        'new_errata_references',
+        'platform_id',
+        existing_type=sa.INTEGER(),
+        nullable=False,
+    )
+    op.alter_column(
+        'platforms',
+        'module_build_index',
+        existing_type=sa.INTEGER(),
+        nullable=False,
+    )
+    op.alter_column(
+        'repositories', 'debug', existing_type=sa.BOOLEAN(), nullable=False
+    )
+    op.alter_column(
+        'sign_keys', 'name', existing_type=sa.TEXT(), nullable=False
+    )
+    op.alter_column(
+        'sign_keys',
+        'keyid',
+        existing_type=sa.VARCHAR(length=16),
+        nullable=False,
+    )
+    op.alter_column(
+        'sign_keys',
+        'fingerprint',
+        existing_type=sa.VARCHAR(length=40),
+        nullable=False,
+    )
+    op.alter_column(
+        'sign_keys', 'public_url', existing_type=sa.TEXT(), nullable=False
+    )
+    op.alter_column(
+        'sign_keys',
+        'inserted',
+        existing_type=postgresql.TIMESTAMP(),
+        nullable=False,
+    )
+    op.alter_column(
+        'sign_tasks', 'status', existing_type=sa.INTEGER(), nullable=False
+    )
+    op.add_column(
+        'test_repositories',
+        sa.Column('permissions', sa.Integer(), nullable=False),
+    )
+    op.add_column(
+        'test_repositories', sa.Column('owner_id', sa.Integer(), nullable=True)
+    )
+    op.add_column(
+        'test_repositories', sa.Column('team_id', sa.Integer(), nullable=True)
+    )
+    op.create_foreign_key(
+        'test_repositories_owner_id_fkey',
+        'test_repositories',
+        'users',
+        ['owner_id'],
+        ['id'],
+    )
+    op.create_foreign_key(
+        'test_repositories_team_id_fkey',
+        'test_repositories',
+        'teams',
+        ['team_id'],
+        ['id'],
+    )
+    op.alter_column(
+        'user_actions',
+        'name',
+        existing_type=sa.VARCHAR(length=100),
+        nullable=False,
+    )
+    op.alter_column(
+        'user_roles',
+        'name',
+        existing_type=sa.VARCHAR(length=100),
+        nullable=False,
+    )
     # ### end Alembic commands ###
 
 
 def downgrade():
     # ### commands auto generated by Alembic - please adjust! ###
-    op.alter_column('user_roles', 'name',
-               existing_type=sa.VARCHAR(length=100),
-               nullable=True)
-    op.alter_column('user_actions', 'name',
-               existing_type=sa.VARCHAR(length=100),
-               nullable=True)
-    op.drop_constraint('test_repositories_team_id_fkey', 'test_repositories', type_='foreignkey')
-    op.drop_constraint('test_repositories_owner_id_fkey', 'test_repositories', type_='foreignkey')
+    op.alter_column(
+        'user_roles',
+        'name',
+        existing_type=sa.VARCHAR(length=100),
+        nullable=True,
+    )
+    op.alter_column(
+        'user_actions',
+        'name',
+        existing_type=sa.VARCHAR(length=100),
+        nullable=True,
+    )
+    op.drop_constraint(
+        'test_repositories_team_id_fkey',
+        'test_repositories',
+        type_='foreignkey',
+    )
+    op.drop_constraint(
+        'test_repositories_owner_id_fkey',
+        'test_repositories',
+        type_='foreignkey',
+    )
     op.drop_column('test_repositories', 'team_id')
     op.drop_column('test_repositories', 'owner_id')
     op.drop_column('test_repositories', 'permissions')
-    op.alter_column('sign_tasks', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=True)
-    op.alter_column('sign_keys', 'inserted',
-               existing_type=postgresql.TIMESTAMP(),
-               nullable=True)
-    op.alter_column('sign_keys', 'public_url',
-               existing_type=sa.TEXT(),
-               nullable=True)
-    op.alter_column('sign_keys', 'fingerprint',
-               existing_type=sa.VARCHAR(length=40),
-               nullable=True)
-    op.alter_column('sign_keys', 'keyid',
-               existing_type=sa.VARCHAR(length=16),
-               nullable=True)
-    op.alter_column('sign_keys', 'name',
-               existing_type=sa.TEXT(),
-               nullable=True)
-    op.alter_column('repositories', 'debug',
-               existing_type=sa.BOOLEAN(),
-               nullable=True)
-    op.alter_column('platforms', 'module_build_index',
-               existing_type=sa.INTEGER(),
-               nullable=True)
-    op.alter_column('new_errata_references', 'platform_id',
-               existing_type=sa.INTEGER(),
-               nullable=True)
-    op.alter_column('new_errata_references', 'errata_record_id',
-               existing_type=sa.TEXT(),
-               nullable=True)
-    op.alter_column('new_errata_packages', 'platform_id',
-               existing_type=sa.INTEGER(),
-               nullable=True)
-    op.alter_column('new_errata_packages', 'errata_record_id',
-               existing_type=sa.TEXT(),
-               nullable=True)
-    op.alter_column('gen_key_tasks', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=True)
-    op.alter_column('builds', 'cancel_testing',
-               existing_type=sa.BOOLEAN(),
-               nullable=True)
-    op.alter_column('builds', 'released',
-               existing_type=sa.BOOLEAN(),
-               nullable=True)
-    op.alter_column('builds', 'mock_options',
-               existing_type=postgresql.JSONB(astext_type=sa.Text()),
-               nullable=True)
-    op.alter_column('build_tasks', 'mock_options',
-               existing_type=postgresql.JSONB(astext_type=sa.Text()),
-               nullable=True)
-    op.alter_column('build_releases', 'status',
-               existing_type=sa.INTEGER(),
-               nullable=True)
+    op.alter_column(
+        'sign_tasks', 'status', existing_type=sa.INTEGER(), nullable=True
+    )
+    op.alter_column(
+        'sign_keys',
+        'inserted',
+        existing_type=postgresql.TIMESTAMP(),
+        nullable=True,
+    )
+    op.alter_column(
+        'sign_keys', 'public_url', existing_type=sa.TEXT(), nullable=True
+    )
+    op.alter_column(
+        'sign_keys',
+        'fingerprint',
+        existing_type=sa.VARCHAR(length=40),
+        nullable=True,
+    )
+    op.alter_column(
+        'sign_keys', 'keyid', existing_type=sa.VARCHAR(length=16), nullable=True
+    )
+    op.alter_column('sign_keys', 'name', existing_type=sa.TEXT(), nullable=True)
+    op.alter_column(
+        'repositories', 'debug', existing_type=sa.BOOLEAN(), nullable=True
+    )
+    op.alter_column(
+        'platforms',
+        'module_build_index',
+        existing_type=sa.INTEGER(),
+        nullable=True,
+    )
+    op.alter_column(
+        'new_errata_references',
+        'platform_id',
+        existing_type=sa.INTEGER(),
+        nullable=True,
+    )
+    op.alter_column(
+        'new_errata_references',
+        'errata_record_id',
+        existing_type=sa.TEXT(),
+        nullable=True,
+    )
+    op.alter_column(
+        'new_errata_packages',
+        'platform_id',
+        existing_type=sa.INTEGER(),
+        nullable=True,
+    )
+    op.alter_column(
+        'new_errata_packages',
+        'errata_record_id',
+        existing_type=sa.TEXT(),
+        nullable=True,
+    )
+    op.alter_column(
+        'gen_key_tasks', 'status', existing_type=sa.INTEGER(), nullable=True
+    )
+    op.alter_column(
+        'builds', 'cancel_testing', existing_type=sa.BOOLEAN(), nullable=True
+    )
+    op.alter_column(
+        'builds', 'released', existing_type=sa.BOOLEAN(), nullable=True
+    )
+    op.alter_column(
+        'builds',
+        'mock_options',
+        existing_type=postgresql.JSONB(astext_type=sa.Text()),
+        nullable=True,
+    )
+    op.alter_column(
+        'build_tasks',
+        'mock_options',
+        existing_type=postgresql.JSONB(astext_type=sa.Text()),
+        nullable=True,
+    )
+    op.alter_column(
+        'build_releases', 'status', existing_type=sa.INTEGER(), nullable=True
+    )
     op.drop_table('test_repository_role_mapping')
     # ### end Alembic commands ###
--- alws/crud/test_repository.py	2024-06-13 01:19:15.104047+00:00
+++ alws/crud/test_repository.py	2024-06-13 01:20:05.920939+00:00
@@ -30,11 +30,10 @@
     UserRole,
 )
 from alws.crud.actions import ensure_all_actions_exist
 
 
-
 async def get_repositories(
     session: AsyncSession,
     page_number: typing.Optional[int] = None,
     repository_id: typing.Optional[int] = None,
     name: typing.Optional[str] = None,
@@ -47,11 +46,13 @@
         query = (
             select(models.TestRepository)
             .order_by(models.TestRepository.id.desc())
             .options(
                 joinedload(models.TestRepository.packages),
-                joinedload(models.TestRepository.team).joinedload(models.Team.roles),
+                joinedload(models.TestRepository.team).joinedload(
+                    models.Team.roles
+                ),
                 joinedload(models.TestRepository.owner),
                 joinedload(models.TestRepository.roles),
             )
         )
         if name:
@@ -168,27 +169,35 @@
 
 
 def get_team_role_name(team_name: str, role_name: str):
     return f'{team_name}_{role_name}'
 
-async def create_test_repository_role_mapping(session: AsyncSession, team_name: str):
+
+async def create_test_repository_role_mapping(
+    session: AsyncSession, team_name: str
+):
     required_roles = (Contributor,)
     required_actions = (UpdateTest, DeleteTest)
-    role_names = [get_team_role_name(team_name, role.name) for role in required_roles]
+    role_names = [
+        get_team_role_name(team_name, role.name) for role in required_roles
+    ]
 
     existing_roles = (
-        await session.execute(
-            select(UserRole).where(
-                UserRole.name.in_(role_names)
-            ).options(
-                selectinload(UserRole.actions)
+        (
+            await session.execute(
+                select(UserRole)
+                .where(UserRole.name.in_(role_names))
+                .options(selectinload(UserRole.actions))
             )
         )
-    ).scalars().all()
+        .scalars()
+        .all()
+    )
     await ensure_all_actions_exist(session)
-    existing_actions = (await session.execute(
-        select(UserAction))).scalars().all()
+    existing_actions = (
+        (await session.execute(select(UserAction))).scalars().all()
+    )
     actions_to_add = []
     for existing_action in existing_actions:
         for action in required_actions:
             if action.name == existing_action.name:
                 actions_to_add.append(existing_action)
@@ -226,11 +235,13 @@
         raise TestRepositoryError("Test Repository already exists")
 
     repository = models.TestRepository(**payload.model_dump())
 
     team = await get_teams(session, team_id=payload.team_id)
-    repository_roles = await create_test_repository_role_mapping(session, team.name)
+    repository_roles = await create_test_repository_role_mapping(
+        session, team.name
+    )
     repository.team = team
     repository.roles = repository_roles
 
     session.add(repository)
     await session.flush()
@@ -286,13 +297,13 @@
     )
     await session.flush()
 
 
 async def delete_repository(
-        session: AsyncSession,
-        repository_id: int,
-        user: models.User,
+    session: AsyncSession,
+    repository_id: int,
+    user: models.User,
 ):
     db_repo = await get_repositories(session, repository_id=repository_id)
     if not db_repo:
         raise DataNotFoundError(
             f"Test repository={repository_id} doesn`t exist"
--- alws/models.py	2024-06-13 01:19:15.104047+00:00
+++ alws/models.py	2024-06-13 01:20:06.690334+00:00
@@ -950,11 +950,11 @@
     )
     products: Mapped[List["Product"]] = relationship(
         "Product", back_populates="team"
     )
     test_repositories: Mapped[List["TestRepository"]] = relationship(
-         "TestRepository", back_populates="team"
+        "TestRepository", back_populates="team"
     )
     roles: Mapped[List["UserRole"]] = relationship(
         "UserRole",
         secondary=TeamRoleMapping,
         cascade="all, delete",
@@ -1191,11 +1191,13 @@
     packages: Mapped[List["PackageTestRepository"]] = relationship(
         "PackageTestRepository",
         back_populates="test_repository",
         cascade="all, delete",
     )
-    team: Mapped["Team"] = relationship("Team", back_populates="test_repositories")
+    team: Mapped["Team"] = relationship(
+        "Team", back_populates="test_repositories"
+    )
     roles: Mapped[List["UserRole"]] = relationship(
         "UserRole", secondary=TestRepositoryRoleMapping
     )
Isort report 
--- /code/alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:before	2024-06-13 01:19:15.100047
+++ /code/alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py:after	2024-06-13 01:20:07.405355
@@ -5,8 +5,8 @@
 Create Date: 2024-05-24 15:58:53.153438
 
 """
+import sqlalchemy as sa
 from alembic import op
-import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 
 # revision identifiers, used by Alembic.
--- /code/alws/crud/test_repository.py:before	2024-06-13 01:19:15.104047
+++ /code/alws/crud/test_repository.py:after	2024-06-13 01:20:07.413757
@@ -6,22 +6,13 @@
 from sqlalchemy.sql.expression import func
 
 from alws import models
+from alws.crud import user as user_crud
+from alws.crud.actions import ensure_all_actions_exist
 from alws.crud.teams import get_teams
-from alws.errors import DataNotFoundError, TestRepositoryError
-from alws.schemas import test_repository_schema
-from alws.perms.authorization import can_perform
 from alws.errors import (
+    DataNotFoundError,
     PermissionDenied,
-)
-from alws.perms import actions
-from alws.crud import user as user_crud
-from alws.perms.roles import (
-    Contributor,
-    Observer,
-)
-from alws.perms.actions import (
-    UpdateTest,
-    DeleteTest,
+    TestRepositoryError,
 )
 from alws.models import (
     Team,
@@ -29,8 +20,17 @@
     UserAction,
     UserRole,
 )
-from alws.crud.actions import ensure_all_actions_exist
-
+from alws.perms import actions
+from alws.perms.actions import (
+    DeleteTest,
+    UpdateTest,
+)
+from alws.perms.authorization import can_perform
+from alws.perms.roles import (
+    Contributor,
+    Observer,
+)
+from alws.schemas import test_repository_schema
 
 
 async def get_repositories(
--- /code/alws/routers/test_repositories.py:before	2024-06-13 01:19:15.104047
+++ /code/alws/routers/test_repositories.py:after	2024-06-13 01:20:07.431922
@@ -3,13 +3,13 @@
 from fastapi import APIRouter, Depends, HTTPException, status
 from fastapi_sqla import AsyncSessionDependency
 from sqlalchemy.ext.asyncio import AsyncSession
+
+from alws import models
 from alws.auth import get_current_user
 from alws.crud import test_repository
 from alws.dependencies import get_async_db_key
 from alws.errors import DataNotFoundError, TestRepositoryError
 from alws.schemas import test_repository_schema
-from alws import models
-
 
 router = APIRouter(
     prefix='/test_repositories',
--- /code/tests/test_api/test_repositories.py:before	2024-06-13 01:19:15.116047
+++ /code/tests/test_api/test_repositories.py:after	2024-06-13 01:20:07.437786
@@ -2,8 +2,8 @@
 
 import pytest
 
+from alws.models import Product
 from tests.mock_classes import BaseAsyncTestCase
-from alws.models import Product
 
 
 class TestRepositoriesEndpoints(BaseAsyncTestCase):
Bandit report 
Run started:2024-06-13 01:20:08.626812

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 2795
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):

View full reports on the Job Summary page.

javihernandez
javihernandez reviewed Jun 6, 2024
View reviewed changes
Copy link
Member

@javihernandez javihernandez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @amizhen! Great job on your very first contribution to ALBS!
Overall, looks good, but needs some work. I left some review comments, none of them critical but must be addressed.

alws/alembic/versions/e952dc755f9d_add_team_to_test_repos.py
sa.ForeignKeyConstraint(['test_repository_id'], ['test_repositories.id'], name='fk_test_repositories_role_mapping_product_id', ondelete='CASCADE'),
sa.PrimaryKeyConstraint('test_repository_id', 'role_id')
)
op.alter_column('build_releases', 'status',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to figure out why all these nullable=False are getting introduced in the migration. I bet is a side effect from recent migration to fastapi-sqla. @Korulag, any ideas?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure, when I was experimenting on it, it was not introducing unnecessary nullable=False statements unless it really needed to do so

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, this seems to be a side-effect of the recent migration to sqlalchemy 2. I checked one by one in production db and all can be safely updated to set nullable to False, but some of them need to be handled:

  • build_tasks.mock_options: these are old builds from 2021 - I'd say that we can update these with an empty {} or, if we don't want to, turn this into nullable=True
  • builds.mock_options: these are old builds from 2021-2022 - I'd say that we can update these with a {'definitions': {}} or, if we don't want to, make it nullable=True
  • builds.cancel_testing - These are builds before the introduction of cancel_testing - can set those without cancel_testing with default value (False)

@Korulag any thoughts? Also, would you like to make these adjustments within this PR? Or do you prefer to create another one?

alws/scripts/albs-gitea-listener/albs-gitea-listener-config.yaml Outdated
@@ -1,12 +1,12 @@
---
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

leave this file untouched

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

up

@javihernandez
Copy link
Member

Regarding the tests failure of tests.test_scripts.test_packages_exporter , it is not related to your changes and it has been fixed in 956257d. All you need to do is to update your code with current master.

maccelf
maccelf requested changes Jun 6, 2024
View reviewed changes
amizhen and others added 11 commits June 7, 2024 02:41
@amizhen
Used almalinux-bs instead of db for general compatibility
7c3593d
@amizhen
Cleaned up print statements
610d571
@amizhen
Reverted changes to albs.conf
fb0ee83
@amizhen
Cleaned up code and implemented PR suggestions
efb9c54
@javihernandez @amizhen
Bump errata2osv from 0.0.3 to 0.0.4 (AlmaLinux#856)
b02aa06 
ALBS is still on Python 3.9 and osv is moving to >3.11

See: google/osv.dev#2281
@Kwaizer @amizhen
Separated packages list in failed errata release
fccc16f
@javihernandez @amizhen
Ensure we get the non-devel module from OVAL data (AlmaLinux#859)
2521a3a 
If the first match in the affected regex search is the devel module, we
fail when trying to map errata packages later.

Fixes: AlmaLinux/build-system#304
@amizhen
Owner_id is required
6fcc1b1
@amizhen
undid changes to gitea-listener that should have been kept local
f7cc64a
@amizhen
Merge remote-tracking branch 'origin/master' into bs-105
b797781 
* origin/master:
  Fix MissingGreenlet in getting new test tasks
  Bump fastapi-sqla from 3.1.2 to 3.3.0
  Bump pylint from 3.2.2 to 3.2.3
  Bump pytest from 8.2.1 to 8.2.2
  Bump pydantic-settings from 2.3.1 to 2.3.2
  Disable expire_on_commit in some interactions with pulp db
  Bump structlog from 24.1.0 to 24.2.0
  Bump pydantic-settings from 2.2.1 to 2.3.1
  Bump pydantic from 2.7.1 to 2.7.3
  Bump sentry-sdk[fastapi] from 2.2.1 to 2.5.1
  Ensure we get the non-devel module from OVAL data (AlmaLinux#859)
  Separated packages list in failed errata release
  Add platform_id in /errata/all/ endpoint (AlmaLinux/build-system#207)
  Bump uvicorn from 0.29.0 to 0.30.1
  Bump errata2osv from 0.0.3 to 0.0.4 (AlmaLinux#856)
@amizhen
Modified tests to be compatable with new repo code
297d9b6
@javihernandez javihernandez mentioned this pull request Jun 12, 2024
Merged
@amizhen amizhen closed this Jun 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javihernandez javihernandez javihernandez left review comments

@Korulag Korulag Korulag left review comments

@maccelf maccelf maccelf requested changes

@soksanichenko soksanichenko soksanichenko left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add RBAC to the test repositories
6 participants
@amizhen @javihernandez @Korulag @maccelf @soksanichenko @Kwaizer