Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add db-specific error #521

Merged
merged 30 commits into from
Apr 12, 2022
Merged

Add db-specific error #521

merged 30 commits into from
Apr 12, 2022

Conversation

G1gg1L3s
Copy link
Contributor

@G1gg1L3s G1gg1L3s commented Apr 7, 2022
edited
Loading

One of the last PRs added support for type awareness. That allows defining types on values, which would be decrypted and returned from Acra, like string or int. It also added default values field in configs, which allows to specify which value to return, if some error (possibly decryption error) occurs.

This PR adds ability to chose, which action should be performed on (decryption) failure: either to return client specific error, like acra censor already can, or return default value.

Default action, if type awareness is enabled, is "error". The user can specify the "default" case together with a default value.

Checklist

Lagovas
Lagovas reviewed Apr 8, 2022
View reviewed changes
G1gg1L3s added 14 commits April 8, 2022 17:36
@G1gg1L3s
Remove debug logs
35c810c 
oops, sorry ヾ(_ _。)
@G1gg1L3s
Fix typo in comments
f527e68
@G1gg1L3s
Specify which action is unknown in onFail
d95265d
@G1gg1L3s
Log column in every encoding/decoding message
db33488
@G1gg1L3s
Extract AcraCensorBlock msg into separate const
9ac8f40
@G1gg1L3s
Add column field into EncodingError
555809e
@G1gg1L3s
Rename on_fail into response_on_fail
714fae0
@G1gg1L3s
Add ciphertext option for ResponseOnFail
eab1143
@G1gg1L3s
Rename default option into default_value
0697312
@G1gg1L3s
Make default response_on_fail be ciphertext
4558a39 
...unless `default_data_value` is defined. In that case, make it
`default_value`.

Also, fix tests.
@G1gg1L3s
Add integration test for response_on_fail=error
b7ba36d
@G1gg1L3s
Add integration test response_on_fail=ciphertext
ba16e85
@G1gg1L3s
Rename onFail function into encodeOnFail
e39b7dd
@G1gg1L3s
Refactor value encoding
39554d4 
Merge implementations of encodeText and encodeBinary into one
encodeToValue.
@G1gg1L3s G1gg1L3s requested a review from Lagovas April 11, 2022 16:16
Lagovas
Lagovas reviewed Apr 11, 2022
View reviewed changes
Copy link
Collaborator

@Lagovas Lagovas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

finally lgtm. except... can we recognize error message in the python driver's exceptions in integration tests?

encryptor/config/common/encryptedTypes.go Outdated
// `GetResponseOnFail`
ResponseOnFailEmpty ResponseOnFail = ""

// ResponseOnFailCiphertext indicates that raw cip value should be returned
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

never saw cip as short form of ciphertext )) did you see somewhere?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, a lil typo :)

decryptor/postgresql/data_encoder_test.go Outdated
setting: &config.BasicColumnEncryptionSetting{
Tokenized: false,
DataType: "int32",
ResponseOnFail: "default_value",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, if you added own type for that with constants, maybe we should use them instead of hardcoded values?

Copy link
Contributor Author

@G1gg1L3s G1gg1L3s Apr 11, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hard coded values are more readable, imho. Good tests should be readable - because review from the person is the only way to verify correctness of the tests.
But on the other hand, use of constants makes introducing changes (renames) easier. So, it makes sense. I'll do it

Lagovas
Lagovas reviewed Apr 11, 2022
View reviewed changes
tests/test.py Outdated
self.engine2.execute(
sa.select([self.test_table])
.where(self.test_table.c.id == data['id']))
self.assertIn("encoding error", str(ex))
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
self.assertIn("encoding error", str(ex))
self.assertIn("encoding error", str(ex))

this check doesn't call) because exception raised on previous row)
plus, better to check self.assertEqual(r'encoding error in column "value_str"\n', ex.exception.args[0])

Lagovas
Lagovas approved these changes Apr 12, 2022
View reviewed changes
Copy link
Collaborator

@Lagovas Lagovas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@G1gg1L3s G1gg1L3s merged commit d9450f7 into master Apr 12, 2022
@G1gg1L3s G1gg1L3s deleted the G1gg1L3s/T2515-return-db-specific-error branch April 12, 2022 18:31
@G1gg1L3s G1gg1L3s mentioned this pull request Apr 12, 2022
Merged
@G1gg1L3s G1gg1L3s mentioned this pull request May 4, 2022
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Lagovas Lagovas Lagovas approved these changes

@iamnotacake iamnotacake Awaiting requested review from iamnotacake

@Zhaars Zhaars Awaiting requested review from Zhaars

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@G1gg1L3s @Lagovas