Transfer route ownership #2887
Transfer route ownership #2887
Conversation
|
Source: f387129 What is y'all's current thinking on this? |
|
@dalvarado - Rebasing to the current |
- permissions for roles based on initial space done - next is permissions based on the target_space Co-authored-by: Michael Oleske <moleske@pivotal.io> Co-authored-by: Alex Rocha <alexr1@vmware.com>
- return 422 if the target space either doesn't exist or you don't have write permissions for target space - next step is to start actually transferring ownership or do request body validation Authored-by: Michael Oleske <moleske@pivotal.io>
Note: This is probably note the right endpoint defintion for this action
current frontrunners are:
PATCH v3/routes/:guid/relationships/space -d { "data": {"guid": "space-2-guid" }}
PATCH /v3/routes/:guid/actioins/transfer_owner -d {"guid": "space-2-guid" }
Co-authored-by: Merric de Launey <mdelauney@pivotal.io>
Co-authored-by: Michael Oleske <moleske@pivotal.io>
Co-authored-by: David Alvarado <alvaradoda@vmware.com>
Co-authored-by: Alex Rocha <alexr1@vmware.com>
Co-authored-by: Alex Rocha <alexr1@vmware.com> Co-authored-by: David Alvarado <alvaradoda@vmware.com> Co-authored-by: Merric de Launey <mdelauney@pivotal.io>
Co-authored-by: Michael Oleske <moleske@pivotal.io> Co-authored-by: Alex Rocha <alexr1@vmware.com>
…mmit. Our tests include checks that ensure `record_route_transfer_owner` doesn't run on exceptions that result in a commit being rolled back. Unfortunately the DB.transaction block does not bubble up `Sequel::RollBack` exceptions themselves--although it does bubble up all other types of exceptions that would result in a failed commit Co-authored-by: Alex Rocha <alexr1@vmware.com> Co-authored-by: Michael Oleske <moleske@pivotal.io>
moleske
force-pushed
the
transfer-route-ownership
branch
from
bfd38ca
to
50527bb
Compare
Co-authored-by: Alex Rocha <alexr1@vmware.com> Co-authored-by: Michael Oleske <moleske@pivotal.io>
I am still unsure if either of these options (or something else?) are more in align with capi's endpoint design. Would love to hear anyone else's opinion. It's worth noting that the current endpoint is PATCH /v3/routes/:guid/transfer_owner -d {"guid": "space-2-guid" } which is almost certainly not correct. |
|
Without thinking about it too deeply, |
|
I would also go for the |
| --- | | ||
| Admin | | ||
| Space Developer | | ||
| Space Supporter | |
There was a problem hiding this comment.
Should a Space Supporter be allowed to perform this action?
There was a problem hiding this comment.
Hmm good question. I think you are right, this falls outside the domain of space supporters
| message = RouteTransferOwnerMessage.new(hashed_params[:body]) | ||
| unprocessable!(message.errors.full_messages) unless message.valid? | ||
|
|
||
| unauthorized! unless permission_queryer.can_manage_apps_in_active_space?(route.space.guid) |
There was a problem hiding this comment.
The check for a suspended org needs to be added as well:
suspended! unless permission_queryer.is_space_active?(route.space.guid)
| target_space = Space.first(guid: message.guid) | ||
| target_space_error = if target_space.nil? || !can_read_space?(target_space) | ||
| 'Ensure the space exists and that you have access to it.' | ||
| elsif !permission_queryer.can_manage_apps_in_active_space?(target_space.guid) | ||
| 'Ensure that you have write permission for the target space.' | ||
| elsif !permission_queryer.is_space_active?(target_space.guid) | ||
| 'The target organization is suspended.' | ||
| end |
There was a problem hiding this comment.
This is very similar with the checks in unshare_route - the only difference I see is that if the target space is not readable, there is a resource_not_found error instead. Can this be changed to be identical and then extracted into a dedicated method?
There was a problem hiding this comment.
started looking at this, still playing around with what making them same looks like. Such as which parts to change in unshare to match transfer or the opposite way. Leaning toward making unshare match transfer rather than transfer match unshare
- pr feedback Authored-by: Michael Oleske <moleske@pivotal.io>
- pr feedback Authored-by: Michael Oleske <moleske@pivotal.io>
- pr feedback - next commit should extract these to a function - consider test organzation as well Co-authored-by: Michael Oleske <moleske@pivotal.io> Co-authored-by: David Alvarado <alvaradoda@vmware.com>
- pr feedback Co-authored-by: Michael Oleske <moleske@pivotal.io> Co-authored-by: David Alvarado <alvaradoda@vmware.com>
- pr feedback Co-authored-by: Michael Oleske <moleske@pivotal.io> Co-authored-by: David Alvarado <alvaradoda@vmware.com>
…ips/space This change ensures the endpoint adheres to the v3 api style guide https://github.com/cloudfoundry/cloud_controller_ng/blob/main/docs/v3_style_guide.md [#182668597] Authored-by: Merric de Launey <mdelauney@pivotal.io>
|
Following along with this to see if/when we might want to support this change in Korifi.
Agreed, goes well with the existing route sharing endpoints. |
Co-authored-by: Merric de Launey mdelauney@pivotal.io
Co-authored-by: Alex Rocha alexr1@vmware.com
Co-authored-by: David Alvarado dalvarado@pivotal.io
Thanks for contributing to cloud_controller_ng. To speed up the process of reviewing your pull request please provide us with:
A short explanation of the proposed change:
An explanation of the use cases your change solves
Links to any other associated PRs
I have reviewed the contributing guide
I have viewed, signed, and submitted the Contributor License Agreement
I have made this pull request to the
mainbranchI have run all the unit tests using
bundle exec rakeI have run CF Acceptance Tests