Add RegistrarUpdateHistory objects for console changes #2585
Conversation
gbrodman
force-pushed
the
registrarUpdate
branch
from
3145a55 to
dbbcba3
Compare
ptkach
left a comment
ptkach
left a comment
There was a problem hiding this comment.
Reviewed 7 of 13 files at r1, all commit messages.
Reviewable status: 7 of 13 files reviewed, 4 unresolved discussions (waiting on @gbrodman)
core/src/main/java/google/registry/ui/server/console/ConsoleApiAction.java line 267 at r1 (raw file):
} protected void finishAndPersistConsoleUpdateHistory(ConsoleUpdateHistory.Builder<?, ?> builder) {
Do we want to log the response? It'd def be helpful, although might present a separate complexities for when we send sensitive data in response
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 59 at r1 (raw file):
new PasswordOnlyTransportCredentials(); private final AuthenticatedRegistrarAccessor registrarAccessor; private final Gson gson;
At this point I wonder if it'd make sense to make gson a part of consoleApiParams?
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
.setType(ConsoleUpdateHistory.Type.REGISTRAR_UPDATE) .setRegistrar(updatedRegistrar) .setRequestBody(gson.toJson(eppRequestBody)));
Hmm I'm not so sure about this one - eppRequestBody contains sensitive information and storing it in db as a plain text is...questionable?
core/src/main/java/google/registry/ui/server/console/ConsoleUpdateRegistrarAction.java line 57 at r1 (raw file):
ConsoleUpdateRegistrarAction( ConsoleApiParams consoleApiParams, Gson gson,
Same as others - probably worth making it a part of consoleApiParams, refactoring it out later will be more difficult if this is merged
gbrodman
force-pushed
the
registrarUpdate
branch
from
dbbcba3 to
ba039e4
Compare
gbrodman
left a comment
gbrodman
left a comment
There was a problem hiding this comment.
Reviewable status: 1 of 30 files reviewed, 4 unresolved discussions (waiting on @ptkach)
core/src/main/java/google/registry/ui/server/console/ConsoleApiAction.java line 267 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
Do we want to log the response? It'd def be helpful, although might present a separate complexities for when we send sensitive data in response
Yeah, I think it might not be super useful to log the response since we're also saving the state of the entity at that time.
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 59 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
At this point I wonder if it'd make sense to make gson a part of
consoleApiParams?
Done.
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
Hmm I'm not so sure about this one -
eppRequestBodycontains sensitive information and storing it in db as a plain text is...questionable?
yeah, the more I'm thinking about it the more we probably might just want to remove that field from the DB entirely. Probably we could also remove the HTTP method as well (since it's probably not going to be useful)
Thoughts?
core/src/main/java/google/registry/ui/server/console/ConsoleUpdateRegistrarAction.java line 57 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
Same as others - probably worth making it a part of
consoleApiParams, refactoring it out later will be more difficult if this is merged
Done.
gbrodman
force-pushed
the
registrarUpdate
branch
from
ba039e4 to
428ac5f
Compare
ptkach
left a comment
ptkach
left a comment
There was a problem hiding this comment.
Reviewed 27 of 29 files at r2.
Reviewable status: 28 of 30 files reviewed, 2 unresolved discussions (waiting on @gbrodman)
core/src/main/java/google/registry/ui/server/console/ConsoleApiAction.java line 267 at r1 (raw file):
Previously, gbrodman wrote…
Yeah, I think it might not be super useful to log the response since we're also saving the state of the entity at that time.
Fair enough
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
Previously, gbrodman wrote…
yeah, the more I'm thinking about it the more we probably might just want to remove that field from the DB entirely. Probably we could also remove the HTTP method as well (since it's probably not going to be useful)
Thoughts?
I think we should keep it, but we need to remove any sensitive data before saving manually. I can't think of any generic way to handle this. Can you?
gbrodman
left a comment
gbrodman
left a comment
There was a problem hiding this comment.
Dismissed @ptkach from a discussion.
Reviewable status: 28 of 30 files reviewed, 1 unresolved discussion (waiting on @ptkach)
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
I think we should keep it, but we need to remove any sensitive data before saving manually. I can't think of any generic way to handle this. Can you?
I haven't been able to come up with one.
Do you know of any concrete use cases where it could be helpful? If not I'm leaning toward deleting it to make things simpler / smaller
gbrodman
force-pushed
the
registrarUpdate
branch
from
428ac5f to
d27e547
Compare
gbrodman
left a comment
gbrodman
left a comment
There was a problem hiding this comment.
friendly ping
Reviewable status: 25 of 30 files reviewed, 1 unresolved discussion (waiting on @ptkach)
gbrodman
force-pushed
the
registrarUpdate
branch
from
d27e547 to
3cca338
Compare
ptkach
left a comment
ptkach
left a comment
There was a problem hiding this comment.
Reviewed 4 of 4 files at r3.
Reviewable status: 25 of 30 files reviewed, 1 unresolved discussion (waiting on @gbrodman)
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
Previously, gbrodman wrote…
I haven't been able to come up with one.
Do you know of any concrete use cases where it could be helpful? If not I'm leaning toward deleting it to make things simpler / smaller
We recently had this issue with user trying to update security settings - ip whitelist and ssl cert, which they claimed had been failing. It's because there was a video of the screen I could tell that the update came through, but it was the email sending what failed, which in turned hanged the request for a while. GCP logs do not store this data and it's not always possible to get users to provide the data that being sent. Speaking of HTTP method - that should also stay we now have 4 methods in Users action.
gbrodman
force-pushed
the
registrarUpdate
branch
from
3cca338 to
c939c9c
Compare
gbrodman
left a comment
gbrodman
left a comment
There was a problem hiding this comment.
Reviewable status: 25 of 30 files reviewed, 1 unresolved discussion (waiting on @ptkach)
core/src/main/java/google/registry/ui/server/console/ConsoleEppPasswordAction.java line 118 at r1 (raw file):
Previously, ptkach (Pavlo Tkach) wrote…
We recently had this issue with user trying to update security settings - ip whitelist and ssl cert, which they claimed had been failing. It's because there was a video of the screen I could tell that the update came through, but it was the email sending what failed, which in turned hanged the request for a while. GCP logs do not store this data and it's not always possible to get users to provide the data that being sent. Speaking of HTTP method - that should also stay we now have 4 methods in Users action.
Fair enough. We can manually sanitize the password data here, and everywhere else the JSON representation of the registrar should prevent us from actually including any password information. How does that sound?
ptkach
left a comment
ptkach
left a comment
There was a problem hiding this comment.
Reviewed 3 of 4 files at r4, 3 of 3 files at r5, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @gbrodman)
2 participants
This change is