Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(api) Enrich statements (including with authority) and enforce authority when querying #405

Closed
wants to merge 16 commits into from
Closed

(api) Enrich statements (including with authority) and enforce authority when querying #405

wants to merge 16 commits into from

Conversation

Leobouloc
Copy link
Contributor

WORK IN PROGRESS (do not review)

Purpose

Description...

Proposal

Description...

  • enrich statements with id, timestamp, stored, authority
  • update existing tests to replace equality assertions by equivalency assertions
  • write new tests checking that statements are properly enriched
  • add configuration option for mandatory Authority option
  • update changelog

Leobouloc and others added 14 commits July 25, 2023 16:08
@Leobouloc
💥(cli) add mandatory "agent" field to credentials
1453e7d 
In link with #288 , we need a mechanism to assign an "Agent" (in the sense of
the xAPI specification) to a user (to later be able to infer the "Authority"
field when writing a statement). It was proposed to add the "agent"
representation as a field in the user credentials, which is what is implemented
here. There is no contraint as to which of the 4 valid IFI's must be used.

BREAKING: New users must now include an agent field
It affects both Basic HTTP and OpenIdConnect authentication methods.
@Leobouloc
✨(api) add "mine" option to fetch statements with matching authority
a5d2571 
In link with #288 , we need a mechanism to fetch statements by authority.
It has been decided that the GET /statements endpoint will implement a mine
option (not in xAPI specification), which is used to return only the
statements for which the "authority" field matches the "agent" field of
the current user (stored in credentials since #342, or given through token
claims).
With future implementation of permissions, it is expected that the use of mine
option will be made mandatory for users of the API that do not have full read
access. The idea behind this is to make any filtering obvious to the user
("explicit is better than implicit"). This commit adds mine by fetching user
"agent" field and querying using a new database query field.
@Leobouloc
💥(cli) rename fetch & push to read & write
118401f 
Rename `fetch` & `push` to `read` & `write` in cli for
consistency with the new backend syntax.
@Leobouloc @jmaupetit
Update CHANGELOG.md
387ffe1 
Co-authored-by: Julien Maupetit <[email protected]>
@Leobouloc
🚧(api) wip
4a7e6c5
@Leobouloc
🚧(api) added migration guide
0a72bae
@Leobouloc
Merge branch 'rename-cli-fetch-push' of github.com:openfun/ralph into…
f0edf09 
… rename-cli-fetch-push
@Leobouloc
🚧(api) added migration guide
d3af039
@Leobouloc
🚧(api) wip
fad3e37
@Leobouloc
🚧(api) wip
586eb57
@Leobouloc
🚧(api) wip
c2bc109
@Leobouloc
🚧(api) working enrichment of statements and existing tests
522fdc1
@Leobouloc
🚧(api) fixed bug in cli
1061da4
@Leobouloc
🚧(api) fixed wrong tests
d66752e
@Leobouloc Leobouloc changed the base branch from master to alpha/4.0.0 August 1, 2023 16:57
@Leobouloc Leobouloc added the WIP label Aug 1, 2023
@Leobouloc Leobouloc self-assigned this Aug 1, 2023
Base automatically changed from alpha/4.0.0 to master August 2, 2023 15:46
@Leobouloc
Copy link
Contributor Author

Scope of this PR is too large. See the intermediate PR:

#410

@Leobouloc Leobouloc closed this Aug 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Leobouloc Leobouloc

Labels
WIP
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Leobouloc