Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Integration][Snyk] - Validation to Prevent Fetching Non Existent Users #1098

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

[Integration][Snyk] - Validation to Prevent Fetching Non Existent Users #1098

wants to merge 10 commits into from

Conversation

PeyGis
Copy link
Contributor

@PeyGis PeyGis commented Oct 24, 2024

Description

What - Customers had the impression that the integration was bringing data from other organizations that were not specified during the installation process. The particular cause of concern was the Snyk API that enriches the project data with the importer and owner details. It is possible that an importer or the owner of the Snyk project have left the organization. In this instance, when we query the API, we will get 404, which is expected. But the fact that the customer sees an API call to the owners new organization makes it appear that the integration is pulling data from other org.

Why -

How - Added validation to prevent the integration from making attempts to fetch users from other organisation instead of the ones provided to the integration

Type of change

Please leave one option from the following and delete the rest:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • New Integration (non-breaking change which adds a new integration)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Non-breaking change (fix of existing functionality that will not change current behavior)
  • Documentation (added/updated documentation)

All tests should be run against the port production environment(using a testing org).

Core testing checklist

  • Integration able to create all default resources from scratch
  • Resync finishes successfully
  • Resync able to create entities
  • Resync able to update entities
  • Resync able to detect and delete entities
  • Scheduled resync able to abort existing resync and start a new one
  • Tested with at least 2 integrations from scratch
  • Tested with Kafka and Polling event listeners
  • Tested deletion of entities that don't pass the selector

Integration testing checklist

  • Integration able to create all default resources from scratch
  • Resync able to create entities
  • Resync able to update entities
  • Resync able to detect and delete entities
  • Resync finishes successfully
  • If new resource kind is added or updated in the integration, add example raw data, mapping and expected result to the examples folder in the integration directory.
  • If resource kind is updated, run the integration with the example data and check if the expected result is achieved
  • If new resource kind is added or updated, validate that live-events for that resource are working as expected
  • Docs PR link here

Preflight checklist

  • Handled rate limiting
  • Handled pagination
  • Implemented the code in async
  • Support Multi account

Screenshots

Include screenshots from your environment showing how the resources of the integration will look.

API Documentation

Provide links to the API documentation used for this integration.

@PeyGis PeyGis requested a review from a team as a code owner October 24, 2024 17:29
@github-actions github-actions bot added size/S and removed size/M labels Oct 24, 2024
Tankilevitch
Tankilevitch approved these changes Oct 24, 2024
View reviewed changes
Copy link
Contributor

@Tankilevitch Tankilevitch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets add a test for that

integrations/snyk/snyk/client.py
async def _get_user_details(self, user_reference: str | None) -> dict[str, Any]:
if (
not user_reference
): ## Some projects may not have been assigned to any owner yet. In this instance, we can return an empty dict
return {}
user_id = user_reference.split("/")[-1]

## The user_reference is in the format of /rest/orgs/{org_id}/users/{user_id}. Some users may not be associated with the organization that the integration is configured with. In this instance, we can return an empty dict
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
## The user_reference is in the format of /rest/orgs/{org_id}/users/{user_id}. Some users may not be associated with the organization that the integration is configured with. In this instance, we can return an empty dict
# The user_reference is in the format of /rest/orgs/{org_id}/users/{user_id}. Some users may not be associated with the organization that the integration is configured with. In this instance, we can return an empty dict

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tankilevitch Tankilevitch Tankilevitch approved these changes

Assignees
No one assigned
Labels
size/S
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@PeyGis @Tankilevitch