hashgraph
[Dry run API] Creation of new users returns all users.
Problem description
I've known about this issue/quirk for a month or so, but I wasn't sure whether it should be "bug worthy" as a priority for the team.
Consider, you have engaged dry mode inside of guardian for a particular policy, every time you create a new user for testing the policy, the return of the function for creating the user returns all of the users in the dry run state.
While at first, this may seem trivial and potentially by design given the context of testing policies before production. There is an issue where there is an N+1 problem where minimising data over the pipe isn't prioritised.
As a developer to potentially extrapolate dry run to the limits of what Guardian can offer, while we don't have control over the direct onchain factors, in terms of using the Hedera network and IPFS we have control over the API.
So, as a user story, I would like to create 1k (then 10k) users or more for a particular dry run to test the policy to its extremes so we can be more confident in the API's ability to scale for "n" users.
Scale in this context is focused on minimising/optimising the amount of data that is processed through the pipe any given stage during the end-to-end workthrough with the API.
This is also related to #3641 as refreshing of the filter state returns or filters related to the filtering of the API itself -- which is also an N+1 problem.
Step to reproduce
Steps to reproduce the behavior:
Either on API or UI:
- Start dry run
- Create a new user
- Log output or read network tab in browser
Expected behavior
- When a user is created (POST) in dry run return a single user
- Rely on the "getUsers" functionality in dry run to get all users
- Add a specific resource "getUser" for dry run to return a single user either by id/index (if I just want to fetch the Administrator)
Screenshots
This is using the authenticated dry run user endpoint for creating new users, after the post it returns back all users, the return should be either an object or an array with a single element.
public function createUser($id): array
{
return $this->httpClient->post("policies/{$id}/dry-run/user");
}
This is the latest test that I have been building out see (https://github.com/dovuofficial/guardian-php-sdk/tree/research/guardian-client):
it('A dry-run policy can create user, with a role, and submit project data -- read data from filter + ensure status', function ($project) {
/**
* 1. Authenticate as registry
*/
$this->helper->authenticateAsRegistry();
/**
* 2. Ensure dry run and (possible) restart state
*/
// $this->policy_mode->dryRun();
// $this->dry_run_scenario->restart();
/**
* 3. Creating a new user in dry run state where a role is assigned.
*/
$users = $this->dry_run_scenario->createUser(); // Returns a list of all users
$user = (object) end($users);
$this->dry_run_scenario->login($user->did);
$this->policy_workflow->assignRole(GuardianRole::SUPPLIER);
/**
* 4. Prepare document
*/
$document = json_decode($project, true);
$uuid = $document['uuid'];
/**
* 5. Send document to the correct tag
*/
$tag = "create_ecological_project";
$this->policy_workflow->sendDocumentToTag($tag, $document);
// TODO: Use the listener logic (This will increase based off of the current resource load on API)
sleep(2);
/**
* 6. As the "Administrator" filter and fetch the valid block
*/
// As standard authority (first in the list of dry run users)
$this->dry_run_scenario->login($users[0]['did']);
// This is stateful in API.
$this->policy_workflow->filterByTag("supplier_grid_filter", $uuid);
$supplier = $this->policy_workflow->dataByTagToBlock("supplier_grid");
/**
* Ensure that the expected uuid matches the filter
*/
expect($supplier->uuid)->toBe($uuid);
/**
* Ensure that the expected status matches state
*/
expect($supplier->getStatus())->toBe("Waiting for approval");
/**
* Later: Reset policy state
*/
// $this->dry_run_scenario->restart();
// $this->policy_mode->draft();
});