From 5d492a9e019034c5c1a6dfacfbe12b81ea9a6228 Mon Sep 17 00:00:00 2001 From: Ivan Fraixedes Date: Fri, 1 Dec 2023 17:02:14 +0100 Subject: [PATCH] satellite/admin/back-office: Don't send project ID The project ID must never be sent out from the server because old projects used that ID as salt for creating access grants. We must always expose the public ID and the server must retrieve the ID when the public ID is sent in to the server and needs it for performing some DB queries. Change-Id: I4a9d94049ef84f578b62907827d6c09dfd1db4db --- satellite/admin/back-office/users.go | 4 ++-- satellite/admin/back-office/users_test.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/satellite/admin/back-office/users.go b/satellite/admin/back-office/users.go index a0060cac6..46569ab01 100644 --- a/satellite/admin/back-office/users.go +++ b/satellite/admin/back-office/users.go @@ -35,7 +35,7 @@ type User struct { // StorageUsed, BandwidthUsed, and SegmentUsed are nil if there was // an error connecting to the Redis live accounting cache. type ProjectUsageLimits struct { - ID uuid.UUID `json:"id"` + ID uuid.UUID `json:"id"` // This is the public ID Name string `json:"name"` StorageLimit int64 `json:"storageLimit"` StorageUsed *int64 `json:"storageUsed"` @@ -87,7 +87,7 @@ func (s *Service) GetUserByEmail(ctx context.Context, email string) (*User, api. usageLimits := make([]ProjectUsageLimits, 0, len(projects)) for _, project := range projects { usage := ProjectUsageLimits{ - ID: project.ID, + ID: project.PublicID, Name: project.Name, } diff --git a/satellite/admin/back-office/users_test.go b/satellite/admin/back-office/users_test.go index 3babd9de3..42972a682 100644 --- a/satellite/admin/back-office/users_test.go +++ b/satellite/admin/back-office/users_test.go @@ -100,10 +100,10 @@ func TestGetUser(t *testing.T) { BandwidthLimit: &bandwidthLimit, SegmentLimit: &segmentLimit, } - projects = append(projects, proj) - _, err := consoleDB.Projects().Insert(ctx, proj) + proj, err := consoleDB.Projects().Insert(ctx, proj) require.NoError(t, err) + projects = append(projects, proj) _, err = consoleDB.ProjectMembers().Insert(ctx, user.ID, proj.ID) require.NoError(t, err) @@ -153,7 +153,7 @@ func TestGetUser(t *testing.T) { for i, info := range user.ProjectUsageLimits { proj := projects[i] name := proj.Name - require.Equal(t, proj.ID, info.ID, name) + require.Equal(t, proj.PublicID, info.ID, name) require.Equal(t, name, info.Name, name) require.EqualValues(t, *proj.StorageLimit, info.StorageLimit, name) require.EqualValues(t, *proj.BandwidthLimit, info.BandwidthLimit, name)