Merge branch 'master' into improve-efs-2

Author: matusdrobuliak66

.env-devel

@@ -154,7 +154,7 @@ POSTGRES_PORT=5432
 POSTGRES_USER=scu
 
 POSTGRES_READONLY_PASSWORD=readonly
-POSTGRES_READONLY_USER=readonly
+POSTGRES_READONLY_USER=postgres_readonly
 
 
 RABBIT_HOST=rabbit

.gitignore

@@ -181,6 +181,3 @@ tests/public-api/osparc_python_wheels/*
 
 # osparc-config repo files
 repo.config
-
-# scripts resolved with .env s
-services/postgres/scripts/create-readonly-user.sql

.vscode/settings.template.json

@@ -9,11 +9,12 @@
   "files.associations": {
     ".*rc": "ini",
     ".env*": "ini",
+    "*.logs*": "log",
     "**/requirements/*.in": "pip-requirements",
     "**/requirements/*.txt": "pip-requirements",
     "*logs.txt": "log",
-    "*.logs*": "log",
     "*Makefile": "makefile",
+    "*sql.*": "sql",
     "docker-compose*.yml": "dockercompose",
     "Dockerfile*": "dockerfile"
   },

packages/service-library/src/servicelib/aiohttp/rest_middlewares.py

@@ -31,7 +31,11 @@
 from .typing_extension import Handler, Middleware
 
 DEFAULT_API_VERSION = "v0"
-FMSG_INTERNAL_ERROR_USER_FRIENDLY = "We apologize for the inconvenience. Our team has recorded the issue and is working to resolve it as quickly as possible. Thank you for your patience [{}]"
+_FMSG_INTERNAL_ERROR_USER_FRIENDLY_WITH_OEC = (
+    "We apologize for the inconvenience."
+    " Our team has recorded the issue [{error_code}] and is working to resolve it as quickly as possible."
+    " Thank you for your patience"
+)
 
 
 _logger = logging.getLogger(__name__)
@@ -58,7 +62,9 @@ def _process_and_raise_unexpected_error(request: web.BaseRequest, err: Exception
         if isinstance(err, OsparcErrorMixin):
             error_context.update(err.error_context())
 
-        frontend_msg = FMSG_INTERNAL_ERROR_USER_FRIENDLY.format(error_code)
+        frontend_msg = _FMSG_INTERNAL_ERROR_USER_FRIENDLY_WITH_OEC.format(
+            error_code=error_code
+        )
         log_msg = create_troubleshotting_log_message(
             message_to_user=frontend_msg,
             error=err,

packages/service-library/tests/aiohttp/test_rest_middlewares.py

@@ -16,7 +16,7 @@
 from models_library.utils.json_serialization import json_dumps
 from servicelib.aiohttp import status
 from servicelib.aiohttp.rest_middlewares import (
-    FMSG_INTERNAL_ERROR_USER_FRIENDLY,
+    _FMSG_INTERNAL_ERROR_USER_FRIENDLY_WITH_OEC,
     envelope_middleware_factory,
     error_middleware_factory,
 )
@@ -238,7 +238,10 @@ async def test_raised_unhandled_exception(
         # user friendly message with OEC reference
         assert "OEC" in error["message"]
         parsed_oec = parse_error_code(error["message"]).pop()
-        assert FMSG_INTERNAL_ERROR_USER_FRIENDLY.format(parsed_oec) == error["message"]
+        assert (
+            _FMSG_INTERNAL_ERROR_USER_FRIENDLY_WITH_OEC.format(error_code=parsed_oec)
+            == error["message"]
+        )
 
         # avoids details
         assert not error.get("errors")

services/postgres/Makefile

@@ -7,8 +7,8 @@ ifneq (,$(wildcard $(DOT_ENV_FILE)))
 endif
 
 
-.PHONY: scripts/create-readonly-user.sql
-scripts/create-readonly-user.sql: scripts/create-readonly-user.sql.template
-	@echo "Generating SQL script from $<..."
+
+scripts/%.sql: scripts/%.sql.template
+	@echo "Generating SQL script from '$<'..."
 	@envsubst < $< > $@
-	@echo "SQL script generated as $@"
+	@echo "SQL script generated as '$@'"

services/postgres/scripts/.gitignore

@@ -0,0 +1,3 @@
+*
+!.gitignore
+!*.template.*

services/postgres/scripts/remove-readonly-user.sql.template

@@ -0,0 +1,16 @@
+-- Revoke all privileges the user has on the public schema
+REVOKE ALL PRIVILEGES ON SCHEMA public FROM ${POSTGRES_READONLY_USER};
+
+-- Revoke all privileges the user has on tables and sequences in the public schema
+REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM ${POSTGRES_READONLY_USER};
+REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM ${POSTGRES_READONLY_USER};
+
+-- Revoke any future privileges set via ALTER DEFAULT PRIVILEGES
+ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE ALL ON TABLES FROM ${POSTGRES_READONLY_USER};
+ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE ALL ON SEQUENCES FROM ${POSTGRES_READONLY_USER};
+
+-- Drop the user
+DROP USER ${POSTGRES_READONLY_USER};
+
+-- Listing all users
+SELECT * FROM pg_roles;

services/web/server/src/simcore_service_webserver/users/_handlers.py

@@ -54,7 +54,7 @@ async def wrapper(request: web.Request) -> web.StreamResponse:
             raise web.HTTPNotFound(reason=f"{exc}") from exc
         except MissingGroupExtraPropertiesForProductError as exc:
             error_code = create_error_code(exc)
-            frontend_msg = FMSG_MISSING_CONFIG_WITH_OEC.format(error_code)
+            frontend_msg = FMSG_MISSING_CONFIG_WITH_OEC.format(error_code=error_code)
             log_msg = create_troubleshotting_log_message(
                 message_to_user=frontend_msg,
                 error=exc,

services/web/server/tests/unit/with_dbs/03/test_users.py

@@ -196,7 +196,9 @@ async def test_get_profile_with_failing_db_connection(
 
     resp = await client.get(url.path)
 
-    await assert_status(resp, expected)
+    data, error = await assert_status(resp, expected)
+    assert not data
+    assert error["message"] == "Authentication service is temporary unavailable"
 
 
 @pytest.mark.parametrize(