Project

Profile

Help

Task #2635

closed

Determine which fields are mutable on each resource.

Added by jortel@redhat.com almost 8 years ago. Updated over 5 years ago.

Status:
CLOSED - COMPLETE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
Yes
Tags:
Sprint:
Sprint 47
Quarter:

Description

Determine which fields are mutable on each resource in pulpcore. This will affect which fields a user can update using the REST API.


Related issues

Related to Pulp - Issue #4313: Username is mutable and can be updated/changed via REST APICLOSED - CURRENTRELEASEttereshcActions
Actions #1

Updated by mhrivnak over 7 years ago

This would be good for a team of 2-3 people to work together.

Actions #2

Updated by amacdona@redhat.com about 6 years ago

  • Tags Pulp 3 RC Blocker added
Actions #3

Updated by ttereshc almost 6 years ago

  • Description updated (diff)
Actions #4

Updated by ttereshc almost 6 years ago

  • Subject changed from Planning: determine which fields are mutable on each resource. to Determine which fields are mutable on each resource.
  • Groomed changed from No to Yes
  • Sprint Candidate changed from No to Yes
Actions #5

Updated by ttereshc almost 6 years ago

Actions #6

Updated by ttereshc almost 6 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to ttereshc
  • Sprint set to Sprint 47
Actions #7

Updated by ttereshc almost 6 years ago

  • Description updated (diff)
Actions #8

Updated by ttereshc almost 6 years ago

Criteria

The field should be read_only if it's not supposed to be set or updated by users via any REST API calls.
When unsure, set field to read_only (we can make it writable later. Due to semver we can't do it the other way around).
UPD (from comment#9): If a field should be set by user but should remain immutable, this can be adjusted at the viewset level.

Ways for a field to be a read-only one

  • a field can only be a read-only one
  • nested serializers are read-only by default
  • explicitly set on a serializer read_only=True
  • editable=False or auto_now=True or auto_now=True or any AutoField on a model
  • read_only_fields are specified in Meta class for a serializer
Actions #9

Updated by amacdona@redhat.com almost 6 years ago

Just to be complete, `read_only` is a little different from immutable. Some fields may need to be set, but only during creation time. For one case, ContentUnits are not read-only, but are immutable because their ViewSets do not have have the Update mixin. https://github.com/pulp/pulp/blob/cf30f2e9a77f7ad935184c5cbe58dfad788febc3/pulpcore/app/viewsets/content.py#L90-L93

Another hypothetical case (I don't know of any in our code base) is that some fields may need to be set at creation time, but other fields are update-able. If this is necessary, some custom update code can be created on the ViewSet and/or Serializer to enforce it.

The important takeaway from this comment is that we need to audit more than just the serializers. We need to also check the ViewSets to get the real picture for what is/isn't mutable.

Actions #10

Updated by ttereshc almost 6 years ago

Actions #11

Updated by ttereshc almost 6 years ago

Current state which looks good to me. Any concerns/thoughts are welcome.

All resources have the following read-only attributes:

  • _ href
  • _created
  • _last_updated

Content

read-only:

  • _type

read-write (can be set once, can't be updated - restricted in a viewset):

  • _artifacts

Artifact

read-write:

  • file
  • size
  • all checksums

ContentGuard

read-only:

  • _type

read-write (as per serializer; create/update are not provided by pulpcore, should be done in plugins):

  • name
  • description

Repository

read-only:

  • _versions_href
  • _latest_version_href

read-write:

  • name
  • description

Remote

read-only:

  • _type

read-write:

  • name
  • url
  • validate
  • ssl_validation
  • proxy_url
  • download_concurrency
  • policy

write-only (aka not shown in API responses):

  • ssl_ca_certificate
  • ssl_client_certificate
  • ssl_client_key
  • username
  • password

Publisher

read-only:

  • _type
  • distributions

read-write:

  • name

Exporter

read-only:

  • _type
  • last_export

read-write:

  • name

Distribution

read-only:

  • last_export
  • base_url

read-write:

  • name
  • base_path
  • publisher
  • content_guard
  • publication
  • repository

Publication

read-only:

  • distributions
  • repository_version

read-write:

  • pass_through
  • publisher

RepositoryVersion

read-only:

  • number
  • content_hrefs
  • content_added_hrefs
  • content_removed_hrefs
  • content_summary
  • content_added_summary
  • content_removed_summary

read-write:

  • base_version

write-only:

  • add_content_units
  • remove_content_units

Task/Worker

  • no create/update are allowed
  • all fields are read_only

User

read-write:

  • username

write-only:

  • password
Actions #12

Updated by ttereshc almost 6 years ago

Actions #13

Updated by ttereshc almost 6 years ago

  • Related to Issue #4313: Username is mutable and can be updated/changed via REST API added
Actions #14

Updated by ttereshc almost 6 years ago

  • Status changed from ASSIGNED to CLOSED - COMPLETE

As a result of this task:
- #4313 is created
- ContentGuard duplicated serializers/viewsets removed, publication related code is reorganized into a separate module https://github.com/pulp/pulp/pull/3823

Actions #15

Updated by daviddavis over 5 years ago

  • Sprint/Milestone set to 3.0.0
Actions #16

Updated by bmbouter over 5 years ago

  • Tags deleted (Pulp 3, Pulp 3 RC Blocker)

Also available in: Atom PDF