-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Metadata forms: List of Attached Forms #1652
Metadata forms: List of Attached Forms #1652
Conversation
Number of attached entities per version
All done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor Comment on Theme(s)
One Bug Found (described below)
Bug when updating an already attached metadata form with a boolean value...
-
If there already exists an attached MF with a boolean value and I have a new MF Form version still with the same boolean value
- When I click edit - the fields get carried over to new version
- These field values are from
AttachedMetadataForm.fields
property returned fromlistAttachedMetadataForms
API and the values are returned as strings - Meaning a boolean value is returned as
'false'
-
If I keep the boolean value as is and try to save this new version of the attached form I get an error
(builtins.TypeError) Not a boolean value: 'false' [SQL: INSERT INTO boolean_attached_metadata_form_field ("attachedFormUri", "fieldUri", value) VALUES (%(attachedFormUri)s, %(fieldUri)s, %(value)s)] [parameters: [{'value': 'false', 'attachedFormUri': 'XXX', 'fieldUri': 'XXXX'}]]
- Believe something is going on with boolean returned as string ++`JSON.stringify(field.value)` used before running `createAttachedMetadataForm`
- Looking at Lambda event the value comes in as `"\"false\""` which then gets loaded as `'false'` after json.loads(xxx) and then this string throws the error because not bool type
Ultimately, I get left with an error and 2 attached metadata forms of 2 different versions because createAttachedMetadataForm
is also not cleaning up the pre-existing one due the error
frontend/src/modules/Metadata_Forms/components/MetadataFormAttachedEntities.js
Outdated
Show resolved
Hide resolved
bugs with attachement and values resolved |
import { SET_ERROR } from '../../../globalErrors'; | ||
import React, { useEffect, useState } from 'react'; | ||
import { useDispatch } from 'react-redux'; | ||
import { useClient } from '../../../services'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should be using global imports instead of relative imports for services and globalErrors
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although this is not part of this PR, in this file some global imports are referenced as relative imports. globalErros, services, design
return new_form | ||
new_form = None | ||
try: | ||
new_form = AttachedMetadataFormService.create_attached_metadata_form(uri=uri, data=data) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if AttachedMetadataFormService.create_attached_metadata_form is only called here and internally we can remove the permission check from it and make it an internal function to save some calls to the db
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's for future
? '#e6e6e6' | ||
: 'white' | ||
selectedAttachedForm.uri === attachedForm.uri && | ||
theme.palette.action.selected |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: some names do not follow the structure for UI components: renderedMetadataForm and metadataAttachment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
left some nit comments
ruff is failing because the action is always using the latest version which 0.9.3. If you force your local version to this it will give you the same issues |
### Feature or Bugfix - Refactoring ### Detail New ruff version removes double quotes. Check #1652 (comment) ### Relates ### Security Please answer the questions below briefly where applicable, or write `N/A`. Based on [OWASP 10](https://owasp.org/Top10/en/). - Does this PR introduce or modify any input fields or queries - this includes fetching data from storage outside the application (e.g. a database, an S3 bucket)? - Is the input sanitized? - What precautions are you taking before deserializing the data you consume? - Is injection prevented by parametrizing queries? - Have you ensured no `eval` or similar functions are used? - Does this PR introduce any functionality or component that requires authorization? - How have you ensured it respects the existing AuthN/AuthZ mechanisms? - Are you logging failed auth attempts? - Are you using or adding any cryptographic features? - Do you use a standard proven implementations? - Are the used keys controlled by the customer? Where are they stored? - Are you introducing any new policies/roles/users? - Have you used the least-privilege principle? How? By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Feature or Bugfix
Detail
Relates
Security
Please answer the questions below briefly where applicable, or write
N/A
. Based onOWASP 10.
fetching data from storage outside the application (e.g. a database, an S3 bucket)?
eval
or similar functions are used?By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.