Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(users): add tenant id reads in user roles #6661

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

feat(users): add tenant id reads in user roles #6661

wants to merge 6 commits into from
+336 −126

Conversation

apoorvdixit88
Copy link
Contributor

@apoorvdixit88 apoorvdixit88 commented Nov 26, 2024
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Support tenant id in user roles queries.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #6660

How did you test it?

With tenancy feature flag enabled these changes will be tested when upcoming tenant related PRs from dashboard gets merged.

The current behaviour of user apis should not change. Since hyperswitch has its own tenant id and we don't have tenant_id feature flag enabled for now.
Tested the sanity flows for users. Working as expected.

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@apoorvdixit88 apoorvdixit88 added C-feature Category: Feature request or enhancement S-waiting-on-review Status: This PR has been implemented and needs to be reviewed A-users Area: Users labels Nov 26, 2024
@apoorvdixit88 apoorvdixit88 self-assigned this Nov 26, 2024
@apoorvdixit88 apoorvdixit88 requested review from a team as code owners November 26, 2024 09:27
@semanticdiff-com SemanticDiff.com
Copy link

semanticdiff-com bot commented Nov 26, 2024
edited
Loading

Review changes with  SemanticDiff

Changed Files
File Status
  crates/router/src/types/domain/user/decision_manager.rs  59% smaller
  crates/router/src/db/user_role.rs  51% smaller
  crates/diesel_models/src/query/user_role.rs  16% smaller
  crates/router/src/analytics.rs  0% smaller
  crates/router/src/core/user.rs  0% smaller
  crates/router/src/core/user_role.rs  0% smaller
  crates/router/src/db/kafka_store.rs  0% smaller
  crates/router/src/services/authentication.rs  0% smaller
  crates/router/src/utils/user_role.rs  0% smaller

ThisIsMani
ThisIsMani reviewed Nov 26, 2024
View reviewed changes
crates/diesel_models/src/query/user_role.rs Outdated Show resolved Hide resolved
crates/diesel_models/src/query/user_role.rs Outdated Show resolved Hide resolved
crates/router/src/types/domain/user/decision_manager.rs Outdated Show resolved Hide resolved
crates/router/src/types/domain/user/decision_manager.rs Outdated Show resolved Hide resolved
crates/router/src/utils/user_role.rs Outdated Show resolved Hide resolved
racnan
racnan reviewed Nov 26, 2024
View reviewed changes
crates/router/src/analytics.rs
@@ -1864,6 +1864,7 @@ pub mod routes {
.global_store
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
user_id: &auth.user_id,
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If default value if taken for tenant id not being present in auth token, then won't a user be able to access any tenancy if user gets access to a token with tenant_id: None.
Are we ensuring tenant_id will never be null ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tenant_id will always be present in token, i kept it option just for backward compatibility. We will be making it non option after one two deployments.
Also token tenant's id and state tenant id should be same, so we can use any. We are checking for this only in authentication part.
Moreover currently the feature is disabled, so we won't be having different tenancy support.

ThisIsMani
ThisIsMani previously approved these changes Nov 26, 2024
View reviewed changes
tsdk02
tsdk02 previously approved these changes Nov 26, 2024
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@racnan racnan racnan left review comments

@tsdk02 tsdk02 tsdk02 approved these changes

@dracarys18 dracarys18 dracarys18 approved these changes

@ThisIsMani ThisIsMani ThisIsMani left review comments

@jagan-jaya jagan-jaya Awaiting requested review from jagan-jaya

At least 2 approving reviews are required to merge this pull request.

Assignees

@apoorvdixit88 apoorvdixit88

Labels
A-users Area: Users C-feature Category: Feature request or enhancement S-waiting-on-review Status: This PR has been implemented and needs to be reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(user_roles): support tenant_id reads
5 participants
@apoorvdixit88 @dracarys18 @racnan @tsdk02 @ThisIsMani