Remove invalid user EIDs and UIDs from bid request #3891
Conversation
| @@ -35,6 +35,8 @@ const ( | |||
| InvalidBidResponseDSAWarningCode | |||
| SecCookieDeprecationLenWarningCode | |||
| SecBrowsingTopicsWarningCode | |||
| InvalidUserEIDsWarningCode | |||
| InvalidUserUIDsWarningCode | |||
There was a problem hiding this comment.
Do these new warning codes match with PBS-Java? We try to keep in sync.
There was a problem hiding this comment.
Can you please help me to get those error codes. Do we have any document or PR to check new warning codes match with PBS-Java.
There was a problem hiding this comment.
As per prebid-server-java/pull/3465, I understand that the same 999 warning code is being used when removing eids arrays. In the Prebid Server Go repository, 999 corresponds to UnknownErrorCode in the error codes reference. Are we intending to use UnknownErrorCode here as well?
In this PR, I introduced InvalidUserEIDsWarningCode (10013) and InvalidUserUIDsWarningCode (10014). If we are okay with a generic error code, we could use UnknownErrorCode (999). However, please confirm whether we want separate error codes for InvalidUserEIDs and InvalidUserUIDs, or if using 999 would suffice.
Kindly provide your input on this.
There was a problem hiding this comment.
As discussed offline, it is ok to have these error codes. No change needed.
| @@ -1,42 +0,0 @@ | |||
| { | |||
There was a problem hiding this comment.
Instead of removing these tests cases, please modify them to prove the new behavior.
| @@ -1296,8 +1296,14 @@ func (deps *endpointDeps) validateUser(req *openrtb_ext.RequestWrapper, aliases | |||
| // Check Universal User ID | |||
| eids := userExt.GetEid() | |||
| if eids != nil { | |||
| eidsValue := *eids | |||
| for eidIndex, eid := range eidsValue { | |||
|
|
|||
There was a problem hiding this comment.
Nitpick; Please remove the leading empty line.
|
|
||
| if len(eidErrors) > 0 { | ||
| errL = append(errL, eidErrors...) | ||
| } |
There was a problem hiding this comment.
Likely fine to keep this logic here for now. We want to separate validation from fixing in the future. We can refactor this new logic along with the rest later. Thoughts @bsardo?
endpoints/openrtb2/auction.go
Outdated
| validEIDs = append(validEIDs, eid) | ||
| } else { | ||
| errorsList = append(errorsList, &errortypes.Warning{ | ||
| Message: fmt.Sprintf("Removed EID with empty UIDs (source: %s)", eid.Source), |
There was a problem hiding this comment.
Please keep with the established error message format. Perhaps something like:
request.user.ext.eids[0] (source: %s) contains only empty uids and is removed from the request
endpoints/openrtb2/auction_test.go
Outdated
| expectedErrorMessages []string | ||
| }{ | ||
| { | ||
| name: "Valid EID with non-empty UID", |
There was a problem hiding this comment.
Go test names cannot contain spaces so they are replaced with a dash character. This makes it hard to locate the failing test based on its name. Recommend using simpler test names like:
one-eid-one-uid-validone-eid-one-uid-emptymany-mixedone-eid-many-uid-empty
The parent test name is within scope so it's easy to locate in source. Please apply this guidance to other tests added in this PR.
endpoints/openrtb2/auction_test.go
Outdated
| t.Run(tc.name, func(t *testing.T) { | ||
| validEIDs, errorsList := validateEIDs(tc.input) | ||
|
|
||
| if len(validEIDs) != len(tc.expected) { |
There was a problem hiding this comment.
Please use testify assert statements where possible. This can be written as follows which will compare the contents instead of just the array lengths, yielding more concrete tests.
assert.ElementsMatch(e, tc.expected, validEIDs)
| expectedValidUIDs: nil, | ||
| expectedErrors: nil, | ||
| }, | ||
| } |
There was a problem hiding this comment.
Please add a test case for a nil input.
|
Hi @Pubmatic-Supriya-Patil, can you please merge with master (no rebase) and resolve conflicts? Thanks! |
|
Thank you for contributing this feature Please address the comments and we will re-review. |
…ver into Fix_3859
HI @bsardo I have updated branch and addressed review comments. |
endpoints/openrtb2/auction.go
Outdated
| for uidIndex, uid := range eid.UIDs { | ||
| if uid.ID == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids[%d] missing required field: \"id\"", eidIndex, uidIndex)) | ||
| } |
There was a problem hiding this comment.
At this time we will not have empty eid.ID, correct? there is a check for this already in line 1334.
There was a problem hiding this comment.
Also do we need to set "clean" EIDs back to req.User.EIDs?
Something like req.User.EIDs = validEids after the for loop?
Please correct me if I'm wrong. We don't want to fail the entire request if there is at least one invalid EID, correct? Or do we want to drop invalid ones and continue the execution?
If we want to continue the execution - please add this fix and json tests where we validate "clean" user.EIDs and error messages.
There was a problem hiding this comment.
Can we remove if len(eid.UIDs) == 0 { validation also from validateUser function. This is also not possible because validateEids wil return error for emtpy uids. Please provide your suggestions @VeronikaSolovei9
There was a problem hiding this comment.
No no, I didn't ask to delete if len(eid.UIDs) == 0 { - it is needed here. I only asked about if we want to add valid aids to the request. And you fixed this by adding this line: req.User.EIDs = validEids
There was a problem hiding this comment.
Okay. Thanks. Please review PR
…ver into Fix_3859
|
@Pubmatic-Supriya-Patil : Please respond to this comments. |
|
@Pubmatic-Supriya-Patil can you please merge with master? That should resolve the failing validate-merge check. |
…ver into Fix_3859
endpoints/openrtb2/auction.go
Outdated
| for eidIndex, eid := range validEids { | ||
| if eid.Source == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d] missing required field: \"source\"", eidIndex)) | ||
| } | ||
|
|
||
| for uidIndex, uid := range eid.UIDs { | ||
| if uid.ID == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids[%d] missing required field: \"id\"", eidIndex, uidIndex)) | ||
| if len(eid.UIDs) == 0 { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids must contain at least one element or be undefined", eidIndex)) |
There was a problem hiding this comment.
This code fails the request if eids look like this:
"eids": [
{
"source": "uidapi.com",
"uids": [
{
"id": ""
},
{
"id": "id111111"
}
]
},
{
"source": "liveramp.com",
"uids": [
{
"id": "id22222"
}
]
},
{
"source": "", <<< this is the problem
"uids": [
{
"id": "123"
},
{
"id": "1234"
}
]
}
]All eids are added to the valid list, because they have at least one valid id. The last eid doesn't have a source and instead of removing this eid from the list of valid aids - we return fatal error and fail the request with unexpected message:
Invalid request: request.user.eids[0].uids[0] contains empty ids and is removed from the request
Invalid request: request.user.eids[2] missing required field: "source"
Possible fix: move these 2 checks to the validateEIDs function after validateUIDs.
Add message to the error list and don't add this aid to the list of valid eids.
There was a problem hiding this comment.
As per my understanding, the logic for removing invalid IDs is specific to eids. We have retained the existing logic for checking the source. However, it is unclear whether we need to check for an empty source and remove that entry while allowing other valid eids. @VeronikaSolovei9, could you please confirm this scenario and clarify the expected behavior in this case?
There was a problem hiding this comment.
I will ask team about the expected behavior.
There was a problem hiding this comment.
My take is that EID.source is required. IMO, makes sense to remove empty sources.
There was a problem hiding this comment.
The team discussed offline. We're in agreement that if EID.source is invalid we should simply remove the corresponding EID without failing the request. We should also add a warning message.
There was a problem hiding this comment.
Thanks for the update. I’ll incorporate the required changes.
…ver into Fix_3859
endpoints/openrtb2/auction.go
Outdated
| for eidIndex, eid := range validEids { | ||
| if len(eid.UIDs) == 0 { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids must contain at least one element or be undefined", eidIndex)) | ||
| } | ||
| } |
There was a problem hiding this comment.
As discussed offline, we can remove this error.
There was a problem hiding this comment.
Removed
| @@ -35,6 +35,8 @@ const ( | |||
| InvalidBidResponseDSAWarningCode | |||
| SecCookieDeprecationLenWarningCode | |||
| SecBrowsingTopicsWarningCode | |||
| InvalidUserEIDsWarningCode | |||
| InvalidUserUIDsWarningCode | |||
There was a problem hiding this comment.
As discussed offline, it is ok to have these error codes. No change needed.
Pubmatic-Supriya-Patil
dismissed
VeronikaSolovei9’s stale review
via
74d9c26
| @@ -35,6 +35,6 @@ | |||
| }] | |||
| } | |||
| }, | |||
| "expectedReturnCode": 400, | |||
| "expectedErrorMessage": "Invalid request: request.user.eids[0].uids[0] missing required field: \"id\"\n" | |||
| "expectedReturnCode": 200, | |||
There was a problem hiding this comment.
Can we edit this test on lines 31-336 so that there are no uid objects:
"user": {
"eids": [{
"source": "source1",
"uids": []
}]
}
There was a problem hiding this comment.
Can we add a new JSON test user-eids-empty-uids-removed.json that is similar to the example in the corresponding issue?
[{"source":"a","uids":[{"id":""}, {"id":"id-a"}]}, {"source":"b","uids":[{"id":"id-b"}]}, {"source":"c","uids":[{"id":""},{"id":""}]}]
There was a problem hiding this comment.
The JSON tests here now return 200s so they should be moved out of the invalid-whole directory to some other valid request directory.
There was a problem hiding this comment.
Moved to valid-whole
| "expectedReturnCode": 400, | ||
| "expectedErrorMessage": "Invalid request: request.user.eids[0] missing required field: \"source\"\n" | ||
| "expectedReturnCode": 200, | ||
| "expectedErrorMessage": "request.user.eids[0] missing required field: source" |
There was a problem hiding this comment.
Since all of these JSON test errors are now reported as warnings and since the endpoint JSON test framework does not allow both expectedBidResponse and expectedErrorMessage in a given JSON test, it would be better to use the following approach:
- Add
expectedBidResponseobject - Specify the expected warnings in the
expectedBidResponseobject underext.warnings
| numErrors int | ||
| expectedErrorMessages []string | ||
| }{ | ||
| { |
There was a problem hiding this comment.
Please add the following test cases:
eid-nileid-uid-nilsource-missing
There was a problem hiding this comment.
Added test cases for given scenarios
endpoints/openrtb2/auction_test.go
Outdated
| assert.ElementsMatch(t, tc.expectedValidUIDs, validUIDs, "Valid UIDs mismatch") | ||
| assert.ElementsMatch(t, tc.expectedErrors, errorsList, "Errors mismatch") |
There was a problem hiding this comment.
Nitpick: you can delete the last parameter in these assert statements. t.Run will give the appropriate context should one of these assertions fail.
There was a problem hiding this comment.
Removed last parameter
endpoints/openrtb2/auction.go
Outdated
| if eid.Source == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d] missing required field: \"source\"", eidIndex)) | ||
| errorsList = append(errorsList, &errortypes.Warning{ | ||
| Message: fmt.Sprintf("request.user.eids[%d] missing required field: source", eidIndex), |
There was a problem hiding this comment.
Nitpick: can we change the error message a bit so that all of the messages in this function have similar wording?
request.user.eids[%d] removed due to missing source
endpoints/openrtb2/auction.go
Outdated
| validEIDs = append(validEIDs, eid) | ||
| } else { | ||
| errorsList = append(errorsList, &errortypes.Warning{ | ||
| Message: fmt.Sprintf("request.user.eids[%d] (source: %s) contains only empty uids and is removed from the request", eidIndex, eid.Source), |
There was a problem hiding this comment.
Nitpick: can we change the error message a bit so that all of the messages in this function have similar wording and so it is a bit more concise?
request.user.eids[%d] (%s) removed due to empty uids
endpoints/openrtb2/auction.go
Outdated
| validUIDs = append(validUIDs, uid) | ||
| } else { | ||
| uidErrors = append(uidErrors, &errortypes.Warning{ | ||
| Message: fmt.Sprintf("request.user.eids[%d].uids[%d] contains empty ids and is removed from the request", eidIndex, uidIndex), |
There was a problem hiding this comment.
Nitpick: can we change the error message a bit so that all of the messages in this function have similar wording and so it is a bit more concise?
request.user.eids[%d].uids[%d] removed due to empty ids
endpoints/openrtb2/auction_test.go
Outdated
| expectedEids []openrtb2.EID | ||
| }{ | ||
| { | ||
| description: "Valid user with Geo accuracy", |
There was a problem hiding this comment.
Nitpick: use name instead of description and replace all test case name spaces with underscores
There was a problem hiding this comment.
Updated
…est cases for missing source field
…erver into Fix_3859
This PR solves issue #3859