odd-platform icon indicating copy to clipboard operation
odd-platform copied to clipboard

Published 20 hours ago verified publisher icon opendatadiscovery

Call of external resource https://ditro.io/policy.json leads to warnings

Open csebille opened this issue 2 years ago • 5 comments

Hi,

First of all, thanks for developing this great platform that I'm discovering since yesterday. It has a lot of the features I need and I really enjoy using it !

Describe the bug The warning strict mode: missing type "array" for keyword "items" at "https://ditro.io/policy.json#/allOf/0/then/properties/permissions" (strictTypes) appears three times in the console when trying to create a new policy

Set up I run ODD with the Docker image. It's the latest one and ODD version in the help menu is 0.8.0

Steps to Reproduce

  1. Go to Management => Policies => Create Policy

Expected behavior I expect the platform to use only local files because when I try to access the resource https://ditro.io/policy.json I've got an Access Denied error. I suppose it's the cause of the warning

Best Regards, Christophe

csebille avatar Dec 07 '22 15:12 csebille

Hi, Christophe. Thank you for kind words, we really appreciate it!

We are using json schema for policy validations, you can check it here: https://github.com/opendatadiscovery/odd-platform/blob/main/odd-platform-api/src/main/resources/schema/policy_schema.json

As you can see https://ditro.io/policy.json is just an id of document, and we don't use any external files. We will check why these warnings are happening, but you can not worry about them.

Best, Damir

damirabdul avatar Dec 07 '22 16:12 damirabdul

Hey @csebille! That's kind of you, thank you!

To add to Damir's answer (thank you btw) — did I understand correctly that you're trying to create a policy, but it doesn't work? If so, it seems like the policy is malformed and our JSON schema we use for validation tells you about that.

If you'd attach here a policy you are trying to create (masking all sensitive data ofc, if there's any), we could figure this out together.

Also, we have this piece of docs that may help you: https://docs.opendatadiscovery.org/configuration-and-deployment/enable-security/authorization/policies

BTW, doesn't UI tell you that your policy is wrong before you click on Save button?

Please don't hesitate to ask us anything, we'll wait for your response

DementevNikita avatar Dec 07 '22 17:12 DementevNikita

Ok, we've discussed internally and recreated the issue. It seems like that a policy is successfully created, but with some warnings from validator.

@csebille we'll let you know once it's fixed

DementevNikita avatar Dec 07 '22 17:12 DementevNikita

Hi Damir and Nikita,

Thanks for your answer and for the investigation. When I've discovered Swagger some years ago, I became an openapi enthusiast and now thanks to your platform, I become a OpenDataDiscovery enthusiast ;)

Christophe

csebille avatar Dec 09 '22 08:12 csebille

hey @csebille, thank you for these kind words!

DementevNikita avatar Dec 19 '22 18:12 DementevNikita