Skip to content
Snippets Groups Projects

Change consent provider backend to graphql

Merged Change consent provider backend to graphql
change-consent-provider-backend-to-graphql into master
Merged Mark requested to merge change-consent-provider-backend-to-graphql into master

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Arie Peterson
  • Arie Peterson
    Arie Peterson @arie started a thread on an old version of the diff
    • consent_provider/db.py 0 → 100644
    13 self._load_remote_user_info()
    14
    15 def _load_remote_user_info(self):
    16 querystring = '''{{
    17 getUser(username: "{0}"){{
    18 email,
    19 applications{{
    20 edges{{
    21 node{{
    22 name
    23 }}
    24 }}
    25 }}
    26 }}}}'''.format(self.username).strip()
    27 result = loads(GRAPHQL_CLIENT.execute(querystring))
    28 if "data" in result:
    • Arie Peterson
      Arie Peterson @arie ·
      Owner

      What happens in False branch, is the User object then not populated? Perhaps it would be good to be more explicit about the failure and throw an exception? Callers of the User constructor will typically want to check for this possibility.

    • Mark
      Mark @mark ·
      Author

      The graphql library will throw a HTTPError exception

         try:
       response = urllib.request.urlopen(req)
       return response.read().decode('utf-8')      
   except urllib.error.HTTPError as e:
       print((e.read()))
       print('')
       raise e

      https://github.com/prisma-labs/python-graphql-client/blob/master/graphqlclient/client.py

      my suggestion would be to catch the error and wirte a logging message that the backend server responded with an error. Im not sure though if the user should be informed that the reason the request was revoked is that there is an internal server error. In that case the exception needs to be raised again and then handled in the app.py, revoking the consent with different message.

      Edited by Mark
    • Arie Peterson
      Arie Peterson @arie ·
      Owner

      I agree with your suggestion, and I do think that it's useful to re-raise the exception and handle it downstream. It will make debugging so much easier.

      Besides that, my actual question was about the missing else to this if. I assume that something has gone seriously wrong if the if is not satisfied, so I think it would be good to do something other than silently returning an empty object – for instance, throwing an exception.

    • Mark changed this line in version 8 of the diff

      changed this line in version 8 of the diff

    • Mark
      Mark @mark ·
      Author

      An exception will now be raised in the constructor of the db.user class. I catch it in the app and write it to stdout (as long as I didn't take care of propper logging that should be fine i think). Instead of raising it there again, the consent request will be rejected with an "internal server error" message. I thought it would be nicer to redirect the user back to the application of origin displaying an error message that may help the user to understand what is going on.

    • Please register or sign in to reply
  • Arie Peterson
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
    • Please register or sign in to reply