synbiohub
synbiohub copied to clipboard
SynBioHub
Auth module
I cannot open any existing private collections.
On Oct 4, 2019, at 11:45 PM, Zach Zundel [email protected] wrote:
@3ach https://github.com/3ach requested your review on: #1019 https://github.com/SynBioHub/synbiohub/pull/1019 Auth module.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH55HGV6PGA2FOUT5RO3QM7BO7A5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFWZEXG43VMVCXMZLOORHG65DJMZUWGYLUNFXW5KTDN5WW2ZLOORPWSZGOUBCMW4I#event-2688863089, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2YH54TYVERUMRLL7LA3ZLQM7BO7ANCNFSM4I5VDFRQ.
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
Could it be because I use spoofing on my laptop? Might make sure you are using right config variable for graphs
Chris
Sent from my iPhone
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub, or mute the thread.
That's probably it. I have uploaded a version which should properly deal with spoofing.
Yep, that fixed it. I will poke around more and see if I can break anything else :-)
On Oct 6, 2019, at 7:39 PM, Zach Zundel [email protected] wrote:
That's probably it. I have uploaded a version which should properly deal with spoofing.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH56EYL4UDM5YONJJDXTQNIWEZA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOQ5LQ#issuecomment-538775214, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2YH5ZLFIOMNG7S56YPSG3QNIWEZANCNFSM4I5VDFRQ.
The buttons have expanded with names on them. That is all except the back to root collection button. Is this intended? Seems not really an auth related feature.
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54DGMMCTXD6NBKR5RTQNIOTRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOPPUY#issuecomment-538769363, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2YH5YZQLOLSOJDLCE27PDQNIOTRANCNFSM4I5VDFRQ.
Yes I reworked it because I didn’t think a lot of the icons were particularly clear.
Le lun. 7 oct. 2019 à 15:18, cjmyers [email protected] a écrit :
The buttons have expanded with names on them. That is all except the back to root collection button. Is this intended? Seems not really an auth related feature.
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54DGMMCTXD6NBKR5RTQNIOTRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOPPUY#issuecomment-538769363>, or mute the thread < https://github.com/notifications/unsubscribe-auth/AA2YH5YZQLOLSOJDLCE27PDQNIOTRANCNFSM4I5VDFRQ .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTKM55LFPJXCEJPO3GTQNORSRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR2YLA#issuecomment-539208748, or mute the thread https://github.com/notifications/unsubscribe-auth/AAXTGTNIXIJFNPCUSLR4W2LQNORSRANCNFSM4I5VDFRQ .
Hmm, well we should probably change them all if we change them. For that one, you could maybe call it “Return” for return to root collection.
We might also want to separate this though into a separate issue, since it is a separate change.
On Oct 7, 2019, at 11:21 PM, Zach Zundel [email protected] wrote:
Yes I reworked it because I didn’t think a lot of the icons were particularly clear.
Le lun. 7 oct. 2019 à 15:18, cjmyers [email protected] a écrit :
The buttons have expanded with names on them. That is all except the back to root collection button. Is this intended? Seems not really an auth related feature.
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54DGMMCTXD6NBKR5RTQNIOTRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOPPUY#issuecomment-538769363>, or mute the thread < https://github.com/notifications/unsubscribe-auth/AA2YH5YZQLOLSOJDLCE27PDQNIOTRANCNFSM4I5VDFRQ .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTKM55LFPJXCEJPO3GTQNORSRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR2YLA#issuecomment-539208748, or mute the thread https://github.com/notifications/unsubscribe-auth/AAXTGTNIXIJFNPCUSLR4W2LQNORSRANCNFSM4I5VDFRQ .
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54QPGUU7GNBH5JAWLLQNOZADA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR7XHA#issuecomment-539229084, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2YH55EIBTZFK4XPCVHVALQNOZADANCNFSM4I5VDFRQ.
So put in the new sharing button as just an icon and then expand all the labels in a separate change?
Le lun. 7 oct. 2019 à 16:39, cjmyers [email protected] a écrit :
Hmm, well we should probably change them all if we change them. For that one, you could maybe call it “Return” for return to root collection.
We might also want to separate this though into a separate issue, since it is a separate change.
On Oct 7, 2019, at 11:21 PM, Zach Zundel [email protected] wrote:
Yes I reworked it because I didn’t think a lot of the icons were particularly clear.
Le lun. 7 oct. 2019 à 15:18, cjmyers [email protected] a écrit :
The buttons have expanded with names on them. That is all except the back to root collection button. Is this intended? Seems not really an auth related feature.
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub <
https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54DGMMCTXD6NBKR5RTQNIOTRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOPPUY#issuecomment-538769363
,
or mute the thread <
https://github.com/notifications/unsubscribe-auth/AA2YH5YZQLOLSOJDLCE27PDQNIOTRANCNFSM4I5VDFRQ
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTKM55LFPJXCEJPO3GTQNORSRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR2YLA#issuecomment-539208748 , or mute the thread < https://github.com/notifications/unsubscribe-auth/AAXTGTNIXIJFNPCUSLR4W2LQNORSRANCNFSM4I5VDFRQ
.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54QPGUU7GNBH5JAWLLQNOZADA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR7XHA#issuecomment-539229084>, or mute the thread < https://github.com/notifications/unsubscribe-auth/AA2YH55EIBTZFK4XPCVHVALQNOZADANCNFSM4I5VDFRQ .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTP5KQTAP6WZDFNDYE3QNO3ALA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEASA6LQ#issuecomment-539234094, or mute the thread https://github.com/notifications/unsubscribe-auth/AAXTGTIVT4XZ4BBX57HGNEDQNO3ALANCNFSM4I5VDFRQ .
Yes, sounds good. I would like to think about that a bit more. We do need to come up with a clean design that scales well.
On Oct 8, 2019, at 10:51 PM, Zach Zundel [email protected] wrote:
So put in the new sharing button as just an icon and then expand all the labels in a separate change?
Le lun. 7 oct. 2019 à 16:39, cjmyers [email protected] a écrit :
Hmm, well we should probably change them all if we change them. For that one, you could maybe call it “Return” for return to root collection.
We might also want to separate this though into a separate issue, since it is a separate change.
On Oct 7, 2019, at 11:21 PM, Zach Zundel [email protected] wrote:
Yes I reworked it because I didn’t think a lot of the icons were particularly clear.
Le lun. 7 oct. 2019 à 15:18, cjmyers [email protected] a écrit :
The buttons have expanded with names on them. That is all except the back to root collection button. Is this intended? Seems not really an auth related feature.
On Oct 6, 2019, at 6:34 PM, Zach Zundel [email protected] wrote:
Does that mean collections you already had uploaded don't let you view them? I can't get mine to recreate that. I tried switching back to master, uploading a new collection, then switching to the auth branch and I can open it without issue.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub <
https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54DGMMCTXD6NBKR5RTQNIOTRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOPPUY#issuecomment-538769363
,
or mute the thread <
https://github.com/notifications/unsubscribe-auth/AA2YH5YZQLOLSOJDLCE27PDQNIOTRANCNFSM4I5VDFRQ
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTKM55LFPJXCEJPO3GTQNORSRA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR2YLA#issuecomment-539208748 , or mute the thread < https://github.com/notifications/unsubscribe-auth/AAXTGTNIXIJFNPCUSLR4W2LQNORSRANCNFSM4I5VDFRQ
.
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub < https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH54QPGUU7GNBH5JAWLLQNOZADA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAR7XHA#issuecomment-539229084>, or mute the thread < https://github.com/notifications/unsubscribe-auth/AA2YH55EIBTZFK4XPCVHVALQNOZADANCNFSM4I5VDFRQ .
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AAXTGTP5KQTAP6WZDFNDYE3QNO3ALA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEASA6LQ#issuecomment-539234094, or mute the thread https://github.com/notifications/unsubscribe-auth/AAXTGTIVT4XZ4BBX57HGNEDQNO3ALANCNFSM4I5VDFRQ .
— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019?email_source=notifications&email_token=AA2YH5ZXBBGHC5FN4M2XVZDQNT6GJA5CNFSM4I5VDFR2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAVXOEY#issuecomment-539719443, or mute the thread https://github.com/notifications/unsubscribe-auth/AA2YH534EYRUYF5TFN4C473QNT6GJANCNFSM4I5VDFRQ.
Testing --
- [x] return to page on manage sharing page doesn't actually return
- [x] spoofing doesn't work on share return to page
- [x] alias doesn't handle spoofing
- [x] needs to show up in shared with me
- [x] too many redirects instead of just not showing
- [x] edit privileges for existing share
- [x] edits don't actually work (shows login in iframe)
throw new ERR_HTTP_HEADERS_SENT('set');
^
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client at ServerResponse.setHeader (_http_outgoing.js:470:11) at ServerResponse.header (/Users/myers/git/synbiohub/node_modules/express/lib/response.js:771:10) at ServerResponse.send (/Users/myers/git/synbiohub/node_modules/express/lib/response.js:170:12) at ServerResponse.json (/Users/myers/git/synbiohub/node_modules/express/lib/response.js:267:15) at ServerResponse.send (/Users/myers/git/synbiohub/node_modules/express/lib/response.js:158:21) at Form.form.on (/Users/myers/git/synbiohub/lib/views/submit.js:105:21) at Form.emit (events.js:187:15) at handleError (/Users/myers/git/synbiohub/node_modules/multiparty/index.js:211:12) at IncomingMessage.onReqAborted (/Users/myers/git/synbiohub/node_modules/multiparty/index.js:190:5) at IncomingMessage.emit (events.js:182:13) at abortIncoming (_http_server.js:444:9) at socketOnClose (_http_server.js:437:3) at Socket.emit (events.js:187:15) at TCP._handle.close (net.js:611:12)
I think I have addressed the comments we found in our earlier review of the auth module. I've also rebased it off master to include the OAuth changes and make it mergeable.
Exception going to shared with me:
error: (node:44876) UnhandledPromiseRejectionWarning: TypeError: Cannot read property 'map' of undefined at Object.getShared (/Users/myers/git/synbiohub/lib/auth/access.js:130:23) at module.exports (/Users/myers/git/synbiohub/lib/views/shared.js:55:29) at process.internalTickCallback (internal/process/next_tick.js:77:7) error: (node:44876) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 2) error: (node:44876) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
Creating a view only share link shows up in the share settings as view/edit/share
When you make public, edit/share permissions should be migrated to the new URI, view permission can be safely removed.
The user whose graph this object is in, should get edit/share permissions granted to that user when an object is made public.
@cjmyers This is ready for your eyes again.
To clear out the auth db, run the following command before starting up SynBioHub:
sqlite3 synbiohub.sqlite 'DELETE FROM auth; DELETE FROM SequelizeMeta WHERE name = "006-ownedby-to-auth.js";'
Yes
On Tue, May 26, 2020 at 3:22 PM cjmyers [email protected] wrote:
Ok, will check this on mine. Is it ready for another test?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/SynBioHub/synbiohub/pull/1019#issuecomment-634286550, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXTGTPEO7FNMQGFBYYL54TRTQXJJANCNFSM4I5VDFRQ .