From 04071748293c5d4a9a2e4928925f1d578de9cb87 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robin=20Hru=C5=A1ka?=
Date: Thu, 18 Apr 2024 17:15:26 +0200
Subject: [PATCH 1/4] fix resource initialization
---
 seacatauth/authz/resource/service.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/seacatauth/authz/resource/service.py b/seacatauth/authz/resource/service.py
index 09a59e14..13f4a85e 100644
--- a/seacatauth/authz/resource/service.py
+++ b/seacatauth/authz/resource/service.py
@@ -137,7 +137,7 @@ async def _ensure_builtin_resources(self):
 # Update resource description
 if description is not None and db_resource.get("description") != description:
- await self._update(resource_id, description)
+ await self._update(db_resource, description)
 async def list(self, page: int = 0, limit: int = None, query_filter: dict = None):
@@ -206,9 +206,13 @@ async def update(self, resource_id: str, description: str):
 resource = await self.get(resource_id)
 if not await self.is_editable_resource(resource):
 raise asab.exceptions.ValidationError("Built-in resource cannot be modified")
+ await self._update(resource, description)
+
+
+ async def _update(self, resource: dict, description: str):
 upsertor = self.StorageService.upsertor(
 self.ResourceCollection,
- obj_id=resource_id,
+ obj_id=resource["_id"],
 version=resource["_v"])
 assert description is not None
@@ -218,7 +222,7 @@ async def update(self, resource_id: str, description: str):
 upsertor.set("description", description)
 await upsertor.execute(event_type=EventTypes.RESOURCE_UPDATED)
- L.log(asab.LOG_NOTICE, "Resource updated", struct_data={"resource": resource_id})
+ L.log(asab.LOG_NOTICE, "Resource updated", struct_data={"resource": resource["_id"]})
 async def delete(self, resource_id: str, hard_delete: bool = False):
From de30e6a1867ee7a4cf5a1326347d80ce02970995 Mon Sep 17 00:00:00 2001
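Review bot: The new `_update` helper introduced in the `@@ -206,9 +206,13 @@` hunk has no docstring, and nothing tells a later caller that it skips the `is_editable_resource` check which `update()` performs before delegating to it. Since that check is what rejects edits to built-in resources, I would document the contract on the helper, for example `"""Write the description without the editability check; request-driven callers must use update()."""`. The body of `_update` continues past this hunk into the `@@ -218,7 +222,7 @@` hunk, so only its first lines are visible here.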
From: =?UTF-8?q?Robin=20Hru=C5=A1ka?=
Date: Thu, 18 Apr 2024 17:24:20 +0200
Subject: [PATCH 2/4] ensure managed_by marker
---
 seacatauth/authz/resource/handler.py | 3 ++-
 seacatauth/authz/resource/service.py | 13 +++++++++----
 2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/seacatauth/authz/resource/handler.py b/seacatauth/authz/resource/handler.py
index ea71bef2..e0db683c 100644
--- a/seacatauth/authz/resource/handler.py
+++ b/seacatauth/authz/resource/handler.py
@@ -4,8 +4,9 @@ import aiohttp.web
 import asab
 import asab.web.rest
+import asab.exceptions
-from seacatauth.decorators import access_control
+from ...decorators import access_control
 #
diff --git a/seacatauth/authz/resource/service.py b/seacatauth/authz/resource/service.py
index 13f4a85e..ee41a25e 100644
--- a/seacatauth/authz/resource/service.py
+++ b/seacatauth/authz/resource/service.py
@@ -135,9 +135,11 @@ async def _ensure_builtin_resources(self):
 await self.create(resource_id, description, is_managed_by_seacat_auth=True)
 continue
- # Update resource description
- if description is not None and db_resource.get("description") != description:
- await self._update(db_resource, description)
+ if (
+ (db_resource.get("managed_by") != "seacat-auth")
+ or (description is not None and db_resource.get("description") != description)
+ ):
+ await self._update(db_resource, description, is_managed_by_seacat_auth=True)
 async def list(self, page: int = 0, limit: int = None, query_filter: dict = None):
@@ -209,7 +211,7 @@ async def update(self, resource_id: str, description: str):
 await self._update(resource, description)
- async def _update(self, resource: dict, description: str):
+ async def _update(self, resource: dict, description: str, is_managed_by_seacat_auth=False):
 upsertor = self.StorageService.upsertor(
 self.ResourceCollection,
 obj_id=resource["_id"],
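Review bot: The new condition in the `@@ -135,9 +135,11 @@` hunk can call `_update` with `description=None`, because when `db_resource.get("managed_by") != "seacat-auth"` is true the `description is not None` half of the `or` is never evaluated. `_update` still opens with `assert description is not None`, so a built-in resource defined without a description whose stored record lacks the marker would raise `AssertionError` inside `_ensure_builtin_resources`. Under `python -O` the assert is stripped and the `None` would presumably reach `upsertor.set("description", description)`. Whether any built-in resource has no description is not visible here, but the guard in the old and new condition suggests it can happen. I would replace the assert in `_update` with `if description is not None:` around the existing description branch, so the marker can be written on its own.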
@@ -221,6 +223,9 @@ async def _update(self, resource: dict, description: str):
 else:
 upsertor.set("description", description)
+ if is_managed_by_seacat_auth:
+ upsertor.set("managed_by", "seacat-auth")
+
 await upsertor.execute(event_type=EventTypes.RESOURCE_UPDATED)
 L.log(asab.LOG_NOTICE, "Resource updated", struct_data={"resource": resource["_id"]})
From a10fe03d93eb6f6292f57a10620dbb045bd3c5c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robin=20Hru=C5=A1ka?=
Date: Thu, 18 Apr 2024 17:26:04 +0200
Subject: [PATCH 3/4] update CHANGELOG.md
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1b953f58..4b4da5cb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -25,6 +25,7 @@ - Disable special characters in tenant ID (#349, `v24.06-alpha6`)
 ### Fix
+- Fix the initialization and updating of built-in resources (#363, `v24.06-alpha14`)
 - Better TOTP error responses (#352, `v24.06-alpha10`)
 - Fix resource editability (#355, `v24.06-alpha9`)
 - Make FIDO MDS request non-blocking using TaskService (#354, `v24.06-alpha8`)
From eb8b88c2cd6c1dfee480842ae50fc7d04eee4e49 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robin=20Hru=C5=A1ka?=
Date: Thu, 18 Apr 2024 17:26:16 +0200
Subject: [PATCH 4/4] update CHANGELOG.md
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4b4da5cb..aafc8767 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ ## v24.06
 ### Pre-releases
+- `v24.06-alpha14`
 - `v24.06-alpha13`
 - `v24.06-alpha12`
 - `v24.06-alpha11`
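Review bot: The `managed_by` write added in the `@@ -221,6 +223,9 @@` hunk of `service.py` is not reflected in the log entry that follows it, which still records only "Resource updated" and the resource ID. Taking over an existing record as a seacat-auth managed resource looks like a change of ownership rather than a description edit (an inference from the "Built-in resource cannot be modified" check in `update()`), so it should be distinguishable in the audit trail. I would include the marker in the structured data when the flag is set, e.g. `struct_data={"resource": resource["_id"], "managed_by": "seacat-auth"}`. The start of `_update` lies outside this hunk.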