This change implements account activation using OTP code. Based on
whether this activation method is activated, signup will generate a
6-digit code and send it via email. A new endpoint is added to validate
this code and activate the user's account and log them in.
Issue: #6428
Change-Id: Ia78bb123258021bce78ab9e98dce2c900328057a
Test was flaky because we asserted if we have 15 classes:
6 email (for each used (!!!) nodes)
6 last_net (for each used (!!!) nodes)
1 wallet
1 country ("HU")
1 empty value
But there was a very low chance to use only 5 nodes, out of the 6 (RS.Success=5, RS.Total=6).
In that specific case, we had only 12 classes, as we didn't see all the used emails, as we iterated over the used nodes only (and one node was not used).
https://github.com/storj/storj/issues/6549
Change-Id: I66882d5fa9b0d5f5b2397ea856494037972d4b81
This inserts additional information provided in error messages from
Hubspot into the Go error that is eventually logged out.
Before, we would see the a generic "sending event failed" log.
With this change, we will see more detailed information in the log, such
as a list of required fields that were not submitted.
Change-Id: I24da0646bca62f459377abe6281403020fb54c49
This change adds a search field to the new admin UI through which user
email addresses may be submitted. If the email belongs to a verified
user, the client will be redirected to the Account Details page which
is populated with the user's information.
Resolves#6469Resolves#6475
Change-Id: Icbf3cb3f8374f2764e73a523f111c5ecf3d06569
Inject the middleware code after the query and path parameters parsing
because in the case that a middleware needs to execute a more expensive
logic, it isn't executed if there are malformed or missing parameters.
Change-Id: I883ade8ee42d25accb153c78d9f583d883730d6a
Added new optional '--aggregate' flag for billing.generate-invoices and billing.prepare-invoice-records commands to toggle invoice items aggregation.
Added new explicit command billing.create-aggregated-project-invoice-items which should be used after preparing aggregated invoice records (in cases when invoice generation happens step-by-step).
Change-Id: I04fc0110be5263edb959306d5314a4a1a8eec3ba
This change adds an endpoint to the back office API that returns user
info based on email address.
References #6503
Change-Id: Ib48d30b0b6c6862887b3f8114f50538b3deca57b
Add a README document with some general API guidelines that we wrote in
a Slack canvas to discuss them.
Change-Id: Iec933edeb7622b78a98155512b25267d12879837
If the API description or version is empty, don't print out in the docs
a placeholder for them.
In commit bcde51138d a space between the
placeholder and description was removed because it was printing a
trailing space if the description was empty, but that introduced another
bug, which is not adding the space when the description is empty.
This commit fixes the bug, no printing the placeholder if the
description is empty, otherwise print it with the corresponding blank
space in between the placeholder and the description.
Change-Id: I19c92c3dd7dfb38b8b2a43821bafc726ffad59d7
Fix a case where it was possible to create a delete marker when only
pending object was present.
The solution is not pretty, but we have a TODO note to cleanup the
precommit code, so let's fix the bug first.
Change-Id: I0ab66d745443c9dccbf29ef32389dd912b2d9caf
The API generator doesn't have a way to customize each Go handler
endpoint unless that the Go generator is modified.
This commit adds a way to customize each endpoint injecting instances of
types that implement an interface (Middleware) that return the code to inject.
To show how it works, the commit get rid of the 2 fields that we used to
customize the authentication request with the logic that the
satellite/console/consoleweb/consoleapi needs and replace the hardcoded
customization using this new way to customize handlers.
This new way should allow to hook the satellite/admin/back-office
authorization into the handlers using a Middleware implementation.
Change-Id: I894aa0026b30fa2f4a5604a6c34c22e0ed582e2b
The code to get daily storage usage is a little confusing. There is a
portion of the query which looks like it is trying to sum the storage
for buckets by each day, but it doesn't work. There is also a section
which sums the buckets by reading the returned rows, but it assumes that
the rows are ordered by the date, which they are not. This results in
the potential for multiple entries for the same day being created: one
for each bucket. The UI doesn't know about this, so the entries for the
same day overwrite each other and result in the appearance of less
stored data on the graph.
To fix it, don't group by bucket and allow the query to sum the buckets
together.
Change-Id: Id3ec25238e6e6346b93b10f834bdc9c70023f1e1
This change adds a new column to the user table, which will hold a
random code for account activation. And another to hold the signup
request ID as another layer of verification.
Issue: #6428
Change-Id: Icd46cb5d8fc76102264d599aca27686cd8b2e84e
Currently we have large set of nodes that are already disqualified and
we are not sending bloom filters to them. The issue is that we are still
generating filters for them while garbage collection process. Even if
we have only segment with one piece which was stored on this node. This
consumes additional memory and processing powers.
This change is changing logic behind `AllPieceCounts` (renamed to
ActiveNodesPieceCounts) to return piece count for all nodes except disqualified one (even with piece count = 0). With this change we can
modify GC observer to skip nodes that where not returned by
ActiveNodesPieceCounts.
Change-Id: Ic75159135abe535084d8aeee560bb801a4a03e17
This change gives the proper type to TS class fields generated from
nillable Go struct fields. Previously, Go struct fields having a nil
representation ([]Type, *Type, etc.) were translated into TypeScript as
"Type | undefined". This isn't correct because these fields, when nil,
are given the value "null" when marshalled into JSON. This change fixes
this issue by giving these fields the type "Type | null".
Change-Id: I5a1a83eb3810a3cba10895bb2f0f75ca5fd7d1b5
the new bus_factor calculation doesn't make sense with different classes, as we have overlaps.
For example: it can detect a risk if we loose one country and one different subnet (with possible overlap).
It's better to calculate the stat and bus_factor per class (net, country, ...).
It also makes it easier to measure execution time per class.
Change-Id: I7d4d5f7cb811cd50c5831077b43e001908aab96b
For S3 compatibility we should not allow returning pure delete
marker object. If metabase returns delete marker metainfo will
return MethodNotAllowed rpc status.
https://github.com/storj/storj/issues/6522
Change-Id: I89804b2bd22da0e5beec8f106e74b74733e19a52
This reverts commit 2b4f347c33.
Reason for revert: not a zero-downtime migration. We need to deploy the dbx changes before completely dropping the column.
Change-Id: Ic9215650242b7848d54f8a5f863a13bc18b60149
This change adds two new admin endpoints to freeze users for legal
review and to remove them from that state
Issue: storj/storj-private#492
Change-Id: I6c8e3ffcb80375e81e78bc6ecc785c1047328cf7
This change adds an endpoint to the back office API that returns
placement IDs and their locations.
References #6503
Change-Id: I20ee1c82dcb647d6d264317beceeb5e70f7a8e87
Implement the authorization that will hook into each endpoint handler
through a wrapping handler for defining the permissions that each
endpoint requires.
Change-Id: I9c8f12b58f48e849e7ea35f372dddce5c9cfc5b5
For convenience of not having to modify the API generator to contemplate
the path prefix that we are adding to the back office server, we define
the path prefix in a constant than the admin server and the definition
of the API uses to adapt the router and the generated code.
Change-Id: Ic557b0e6e88e930e03647835759bb34e06e8bb48
We decided that we won't use seprate table for handling pending
objects. We need to remove related code.
https://github.com/storj/storj/issues/6421
Change-Id: I442b0f58da75409f725e08e2cd83d29ed4f91ec6
Removed MetadataSize, RepairEgress, AuditEgress fields from usage report because they are not relevant.
Issue:
https://github.com/storj/storj/issues/6498
Change-Id: I8ef7d56bd1b01cdb53cec8c67dd47a6a0e7fa184
This change prevents Go code produced by the API generator from
importing its own package. Previously, we tried to prevent self imports
by skipping import paths whose last segment matched the generated Go
code's package name. However, aliased imports circumvented this.
We now require API definitions to define the Go package path so that we
can compare this with the import path directly.
Change-Id: I7ae7ec5e1a342d2f76cd28ff72d4cd7285c2820a
This change wraps account freeze code in DB transactions to prevent
freeze inconsistencies resulting from errors that happen in the process
of freezing accounts.
Change-Id: Ib67fb30dc33248413d3057ceeac5c2f410f551d5
To be compatible with S3 we need to return 'Method Not Allowed' when
delete marker is requested and to do this libuplnk needs to know about
delete marker. It will be returned only if object version will be
specified.
Change-Id: I288da5566c74e1b4951f7cd249dbf34622b92e91
We decided that we won't use seprate table for handling pending
objects. We need to remove related code.
After this change we still needs to remove related code from metabase.
https://github.com/storj/storj/issues/6421
Change-Id: Idaaa8ae08b80bab7114e316849994be171daf948
PathPrefix is the full path of the subrouter passed to the back office
server when it hooks into another server, in this case, the satellite
admin server.
PathPrefix allows to serve the static assets from the root of the
sub-router when the prefix is stripped before accessing them.
There was a bug where the PathPrefix weren't used and a hard-coded path
was used.
Test passed because the back-office server is hooked into the satellite
admin server with a subrouter with path `/back-office/` which matched
the hard-code value, however, it wouldn't work if that path changed or
it is hooked into another server with a different subrouter path,
despite it was set to PathPrefix.
This commit fixes that bug.
Change-Id: Id4a0d86329eb563b008b3fc6f8eb7b51cbfd2e6f
This change extends the account freeze functionality account for legal
freezes as well. This is a freeze event for accounts to be put on hold
for legal review. It also sets the LegalHold status on the affected
user.
Issue: storj/storj-private#492
Change-Id: I8c733269b5cfb647c840379a6bb033da120c8280