Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prepare Token Updates for #1054 Compatibility #1056

Merged
merged 1 commit into from
Nov 8, 2024
Merged

Prepare Token Updates for #1054 Compatibility #1056

merged 1 commit into from
Nov 8, 2024

Conversation

minwoox
Copy link
Contributor

@minwoox minwoox commented Nov 8, 2024

Motivation
To ensure smooth compatibility with #1054, the Token structure needs an update to support changes in admin property.

Modifications:

  • Enhanced the Token deserializer to accept both admin and systemAdmin properties, ensuring backward compatibility.
  • Updated MetadataService.updateTokenLevel() to avoid direct access to the admin property.

Result:

@minwoox
Prepare Token Updates for line#1054 Compatibility
d445787 
Motivation
To ensure smooth compatibility with line#1054, the `Token` structure needs an update to support changes in `admin` property.

Modifications:
- Enhanced the Token deserializer to accept both `admin` and `systemAdmin` properties, ensuring backward compatibility.
- Updated `MetadataService.updateTokenLevel()` to avoid direct access to the `admin` property.

Result:
- The `Token` structure now supports the upcoming changes, allowing seamless updates with line#1054.
@minwoox minwoox added this to the 0.71.0 milestone Nov 8, 2024
@minwoox minwoox mentioned this pull request Nov 8, 2024
Merged
ikhoon
ikhoon reviewed Nov 8, 2024
View reviewed changes
server/src/main/java/com/linecorp/centraldogma/server/metadata/MetadataService.java
throw new IllegalArgumentException(
"The token is already " +
(toBeAdmin ? "admin" : "user"));
}
Copy link
Contributor

@ikhoon ikhoon Nov 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question) The serialized format of tokens.json seems the same. Did you change to validate this? I am asking because this could override the previous state when multiple updates are performed. For example, one deprecates a token, and another makes this token admin. This may not happen in the real world as the permission is only granted to admins.

Copy link
Contributor Author

@minwoox minwoox Nov 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The serialized format of tokens.json seems the same.

That is true except the token now deserializes from both: {"appId": "..", "admin": true, ...} and {"appId": "..", "systemAdmin": true, ...}. This is the preliminary work for #1054.
Let's imagine that we rolling-update with #1054 without this PR. When a new structured token (with systemAdmin) is committed, the old servers will fail to read the token because it cannot recognize systemAdmin property.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understood that the JSON pointer to /appIds/{appId}/admin should be /appIds/{appId}/systemAdmin when #1054 is merged.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After this PR gets merged, the JSON pointer does not point /appIds/{appId}/admin anymore. It replaces the whole Token at /appIds/{appId}. 😉

jrhee17
jrhee17 approved these changes Nov 8, 2024
View reviewed changes
Copy link
Contributor

@jrhee17 jrhee17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍 👍

@minwoox minwoox merged commit b199e62 into line:main Nov 8, 2024
10 checks passed
@minwoox minwoox deleted the prework_systemAdmin branch November 8, 2024 07:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ikhoon ikhoon ikhoon approved these changes

@jrhee17 jrhee17 jrhee17 approved these changes

@trustin trustin Awaiting requested review from trustin trustin is a code owner

Assignees
No one assigned
Labels
improvement
Projects
None yet
Milestone
0.71.0
Development

Successfully merging this pull request may close these issues.
3 participants
@minwoox @ikhoon @jrhee17