HTTP API: secrets infrastructure #1166
No reviewers
Labels
No Label
Benchmarking and Performance
HTTP Storage Protocol
Nevow Removal
Python 3 Porting
not-for-merge
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: tahoe-lafs/tahoe-lafs#1166
Loading…
Reference in New Issue
No description provided.
Delete Branch "3848.http-api-start-immutables"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Fixes https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3848
Part of review should be validating this matches documented behavior in the HTTP protocol spec.
Coverage increased (+0.03%) to 95.71% when pulling
58a71517c1on 3848.http-api-start-immutables intobc8889f32fon master.@ -24,40 +28,95 @@ from cbor2 import dumpsfrom .server import StorageServerthis should probably use
timing_safe_compare(or however we call it here) I think, or clients may be able to learn the correct swissnum.@ -24,40 +28,95 @@ from cbor2 import dumpsfrom .server import StorageServerGood point, done.
Thanks. A few comments inline. Please at least address the comments about docstrings, the rest are optional. Then merge (unless you want another review).
@ -372,0 +372,4 @@There are also, for some endpoints, secrets sent via ``X-Tahoe-Authorization`` headers.If these are:1. Missing.A couple lines above the text says "If credentials are not presented ... the request receives a 401". That should be updated, I suppose.
Looks like this is no longer a TODO?
@ -14,36 +14,217 @@ if PY2:from future.builtins import filter, map, zip, ascii, chr, hex, input, next, oct, open, pow, round, super, bytes, dict, list, object, range, str, max, min # noqa: F401This might be a good place to use Hypothesis
This test might benefit from Hypothesis. Hypothesis can generate zero to three secrets and the test can verify they round-trip through an encoder/decoder pair.
Likewise, Hypothesis would help here - generate sets of required secrets and different sets of secrets to provide and make just have a single
assertRaises.I'd probably use Hypothesis here but it's a bit more tedious since it requires a strategy for all those not-a-valid-secret cases (although if you lean on
assumethen that isn't necessarily much work, but it's slower at runtime).Avoiding Hypothesis, I'd make a separate test method for each case so you can see which cases fail from one run.
This would be a nice testtools Fixture.
@ -372,0 +372,4 @@There are also, for some endpoints, secrets sent via ``X-Tahoe-Authorization`` headers.If these are:1. Missing.I think it's correct? There are three scenarios:
@ -372,0 +372,4 @@There are also, for some endpoints, secrets sent via ``X-Tahoe-Authorization`` headers.If these are:1. Missing.Oh, indeed. I mixed up swissnum with additional secrets.
Still, do we want "missing swissnum" to be a 400, like "missing other secrets" is? I guess "401" is conventional for a missing "Authorization" header... 🤷
@ -372,0 +372,4 @@There are also, for some endpoints, secrets sent via ``X-Tahoe-Authorization`` headers.If these are:1. Missing.In theory none of these error code should happen in real world.
@ -14,36 +14,217 @@ if PY2:from future.builtins import filter, map, zip, ascii, chr, hex, input, next, oct, open, pow, round, super, bytes, dict, list, object, range, str, max, min # noqa: F401Decided to just split it up.