Project

Profile

Help

Issue #3117

jwt_secret field in the API is confusing

Added by daviddavis almost 2 years ago. Updated 6 months ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
Start date:
Due date:
Severity:
2. Medium
Version:
Platform Release:
Blocks Release:
OS:
Backwards Incompatible:
No
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
QA Contact:
Complexity:
Smash Test:
Verified:
No
Verification Required:
No
Sprint:

Description

@bizhang and I were a bit confused about how the jwt_secret is functioning in the API. It looks like if JWT_ALLOW_SETTING_USER_SECRET is true and DEBUG is true, I can view the field in the API for users. However, if DEBUG is false, I can never view the field. And also, if JWT_ALLOW_SETTING_USER_SECRET is true, I can write to the field regardless of what DEBUG is.

I wonder if (A) we can simplify this logic by eliminating the separate code path around DEBUG. I think this is also beneficial for testing purposes. And (B) I am wondering if the behavior around being able to write jwt_secret but not view it is intentional/correct.

I think this may be a refactor task. Feel free to set the tracker as such. Marking this as a bug because I am not entirely it's not a bug and I am hoping for some feedback.

History

#1 Updated by daviddavis almost 2 years ago

  • Description updated (diff)

#2 Updated by dalley almost 2 years ago

  • Triaged changed from No to Yes

#3 Updated by bizhang almost 2 years ago

  • Tags Pulp 3 added

#4 Updated by daviddavis almost 2 years ago

  • Tags Pulp 3 MVP added

#5 Updated by daviddavis almost 2 years ago

  • Status changed from NEW to CLOSED - WONTFIX

Closing since we're removing JWT functionality from the MVP.

#6 Updated by dkliban@redhat.com over 1 year ago

  • Sprint/Milestone set to 3.0

#7 Updated by bmbouter 6 months ago

  • Tags deleted (Pulp 3, Pulp 3 MVP)

Please register to edit this issue

Also available in: Atom PDF