apigee-edge-drupal
apigee-edge-drupal copied to clipboard
apigee
App Edit Form does not propagate existing scopes after submission
Description
When you edit an app via the App Edit Form, scopes that are existing on the record are cleared out, instead of being saved along with the rest of the form object.
Apigee Info
Apigee X
Steps to Reproduce
Steps to reproduce the behavior:
- Click on the edit form for an app group / app object that has existing scopes defined on it
- Edit some data in the form
- Submit the form
Actual Behavior
The existing scopes have been removed from the object
Expected Behavior
The existing scopes should remain on the object after submitting the edit form
Screenshots
Notes
Somewhere around this code, I believe the code needs to also propagate the scopes: https://github.com/apigee/apigee-edge-drupal/blob/1f0f840cf2595fb2f57bd9729cd07735c0eb3a79/src/Entity/Form/AppEditForm.php#L229
The REST API endpoint for updateAppGroupAppKey by default will remove anything that is not sent in the API call: https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.appgroups.apps.keys/updateAppGroupAppKey
The sample code in the apigee-client-php repo has an example of how to make an edit request like this: https://github.com/apigee/apigee-client-php/blob/bb055ba0287784f345e3b389fc959b954af4f560/examples/create_new_app_with_credential.php#L48-L53
Hi @pmad7954 We have found the issue and cause for it. I have already created a PR for it, It is yet to be tested properly & also all cases needs to be checked with it. Once it is done, I will share here the patch to test at your end too.
You want to propogate both scope and variables too of Credentials ?
Currently I see everytime a APIProduct is updated, a empty array of scope is updated which overrrides the current value.
You can follow this PR to check the new changes.
Thanks!
Hi @kedarkhaire,
Yes, you're correct.
You want to propogate both scope and variables too of Credentials ?
hi @kedarkhaire , @dvmorris ,
Any update on this PR? https://github.com/apigee/apigee-edge-drupal/pull/1176 🤔 It’s critical for us.
Hi @dsam0162 I will update the PR soon with all checks, currently it is impacting other places also, solving those pointers. Thanks!
hi @kedarkhaire,
Could you please provide an ETA when the fixes will be available?
Thanks
Hi @dsam0162 Currently the file which we are using to update the credentialKey is common for both Apigee Edge and X organizations, and the parent key to update the changes for scope are different, this puts us in a delay to make the changes as the solution is not clear here considering both type of organizations. We will update here asap once the solution is ready. Thanks!
Hi @dsam0162 @pmad7954 @dvmorris ,
Two PRs are created to resolve the issue one in apigee-edge-drupal and one in apigee-client-php.
Could you please add the patch for appigee-edge and patch for apigee-client-php. Please let us know if any issue is encountered.
Hi @divya-intelli, we applied the patches, but still we're not able to retain the existing scopes after attaching a new product from UI. could you please check?
Hi @dsam0162 ,
Please confirm that scopes exist in credential by following the below steps.
- Enable the apigee_edge_debug module.
- Visit the team app edit page(
teams/{teamname}/apps/{appname}/edit) and check the apiGET /apps/{appId}in Drupal recent log.
Hi @dsam0162 ,
After enabling apigee_edge_debug module, could you share the debug log ie API call/responses that happen after replicating issue, we can see why this issue is happening. If there is any sensitive info, you can modify/sanitize it before posting it. You can also send it directly to me, my email is on my profile page. We don't need the actual private data, you can change all personally identifiable information to other values, and strip out any internal IPs/URLs.
hi @divya-intelli, I've shared the requested information with @dvmorris Hope you receive them and let me know if there's any update.
Hi @dsam0162 , Thank you for sharing the logs.
I tried to replicate the same flow and scope data with the patch. The patch works as expected. When ApiProduct is added, the patch updates the scope by calling a post api after ApiProduct is added. This way the scope data is retained.
Can you confirm that both the patches are applied?
Patches:
https://patch-diff.githubusercontent.com/raw/apigee/apigee-edge-drupal/pull/1179.patch
https://patch-diff.githubusercontent.com/raw/apigee/apigee-client-php/pull/422.patch
hi @divya-intelli , I've checked the individual files after applying patch as well, its modified. Is there a way I can undo the last applied patches and re-apply again? Also, could you please share me the POST request endpoint which is trigged to update the scopes, so I can identify if it is included in the apigee_edge_debug module logs.
Hi @dsam0162 ,
You will have to apply patch on a clean source code. How are you trying to apply the patch?
Post request for scope POST https://apigee.googleapis.com/v1/{name=organizations/*/appgroups/*/apps/*/keys/*} with scope data in request.
hi @divya-intelli, we apply the patch to a clean code. I only see one request like that, and it also doesn't contain scopes.
This is the body {"apiProducts":["ddd-api-v123"]} in that request.
FYI : The URL you mentioned seems not supporting data residency. We use the format CONTROL_PLANE_LOCATION-apigee.googleapis.com for other usages of Apigee APIs. In other requests of Drupal debug logs also I see the host is set correctly with control plane.