Skip to content

♻️ Refactor and Upgrade Users Repository including users_secrets split 🗃️ #8124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 47 commits into from
Jul 21, 2025
Merged

♻️ Refactor and Upgrade Users Repository including users_secrets split 🗃️ #8124

merged 47 commits into from
Jul 21, 2025

Conversation

@pcrespov
Copy link
Member

@pcrespov pcrespov commented Jul 17, 2025
edited
Loading

What do these changes do?

This PR refactors and upgrades the users repository, impacting the users, users_pre_registration, and introducing the new users_secrets table.

Highlights on pytest_simcore.helpers.postgres_users

pytest_simcore.helpser.postgres_tools.insert_and_get_row_lifespan implements a test data factory pattern for creating database fixtures with proper relationship handling. Now we specialized to create users in the database:

  1. Creates related test data: Uses faker factories (random_user, random_user_secrets) to generate realistic test data for both users and users_secrets tables
  2. Maintains referential integrity: Ensures the user secret record correctly references the created user via user_id=user["id"]
  3. Manages lifecycle: Uses AsyncExitStack to properly clean up both database records when the context exits
  4. Returns combined data: Yields a merged dictionary containing user data plus the password hash from the secrets table

The function follows the insert-and-get pattern using insert_and_get_row_lifespan for each table, which:

  • Inserts the row with generated data
  • Returns the inserted row data (including auto-generated PKs)
  • Automatically cleans up on context exit

This is commonly used in pytest fixtures to create temporary, isolated test data for users that gets automatically cleaned up after each test.

Related issue/s

How to test

cd packages/postgres-database
make install-dev
pytest -vv tests/test_*user*.py

cd services/web/server
make install-dev
pytest -vv tests/unit/test_*user*.py

Dev-ops

None

@pcrespov pcrespov self-assigned this Jul 17, 2025
@pcrespov pcrespov added a:webserver webserver's codebase. Assigning the area is particularly useful for bugs a:database associated to postgres service and postgres-database package a:director-v2 issue related with the director-v2 service labels Jul 17, 2025
@codecov
Copy link

codecov bot commented Jul 17, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 75.20325% with 61 lines in your changes missing coverage. Please review.

Project coverage is 88.11%. Comparing base (f1c60a8) to head (1d9a6c1).
Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #8124      +/-   ##
==========================================
- Coverage   88.22%   88.11%   -0.11%     
==========================================
  Files        1890     1889       -1     
  Lines       72631    72677      +46     
  Branches     1277     1274       -3     
==========================================
- Hits        64076    64038      -38     
- Misses       8174     8262      +88     
+ Partials      381      377       -4
Flag Coverage Δ
integrationtests 64.17% <44.59%> (-0.08%) ⬇️
unittests 86.73% <75.20%> (-0.11%) ⬇️
Components Coverage Δ
pkg_aws_library 93.93% <ø> (ø)
pkg_celery_library 87.34% <ø> (ø)
pkg_dask_task_models_library 79.62% <ø> (ø)
pkg_models_library 93.15% <ø> (ø)
pkg_notifications_library 85.26% <ø> (ø)
pkg_postgres_database 88.02% <77.65%> (-0.20%) ⬇️
pkg_service_integration 70.17% <ø> (ø)
pkg_service_library 71.53% <100.00%> (+0.04%) ⬆️
pkg_settings_library 90.45% <ø> (ø)
pkg_simcore_sdk 85.05% <ø> (-0.06%) ⬇️
agent 93.81% <ø> (ø)
api_server 93.02% <ø> (ø)
autoscaling 95.88% <ø> (ø)
catalog 92.34% <ø> (ø)
clusters_keeper 99.13% <ø> (ø)
dask_sidecar 92.37% <ø> (ø)
datcore_adapter 97.94% <ø> (ø)
director 76.14% <ø> (ø)
director_v2 91.06% <100.00%> (+0.04%) ⬆️
dynamic_scheduler 96.27% <ø> (ø)
dynamic_sidecar 90.09% <ø> (+0.01%) ⬆️
efs_guardian 89.76% <ø> (ø)
invitations 91.44% <ø> (ø)
payments 92.60% <ø> (ø)
resource_usage_tracker 92.65% <ø> (ø)
storage 86.44% <ø> (-0.21%) ⬇️
webclient ∅ <ø> (∅)
webserver 88.23% <71.83%> (-0.36%) ⬇️

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f1c60a8...1d9a6c1. Read the comment docs.

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@pcrespov pcrespov force-pushed the is8060/split_secret_tables branch from dc7c7bb to f217f7e Compare July 17, 2025 20:51
@pcrespov pcrespov added this to the Engage milestone Jul 18, 2025
@pcrespov pcrespov force-pushed the is8060/split_secret_tables branch 2 times, most recently from d0620b8 to 649ab2d Compare July 18, 2025 15:43
@pcrespov pcrespov changed the title WIP: ♻️ Is8060/split secret tables WIP: ♻️ Refactor and Upgrade Users Repository including user_secrets split Jul 21, 2025
@pcrespov pcrespov changed the title WIP: ♻️ Refactor and Upgrade Users Repository including user_secrets split ♻️ Refactor and Upgrade Users Repository including users_secrets split Jul 21, 2025
@pcrespov pcrespov force-pushed the is8060/split_secret_tables branch from d0a0938 to 177de8c Compare July 21, 2025 08:57
@pcrespov pcrespov marked this pull request as ready for review July 21, 2025 08:57
Copilot AI reviewed Jul 21, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors the users repository by extracting user passwords into a new users_secrets table and upgrades the UsersRepo to centralize user management logic. The refactoring includes removing deprecated aiopg dependencies and consolidating user-related fixtures into a centralized helper module.

  • Introduces new users_secrets table with database migration to move password hashes from users table
  • Extends UsersRepo class to use modern async SQLAlchemy patterns and removes legacy aiopg code
  • Consolidates test fixtures using new pytest_simcore.helpers.postgres_users module

Reviewed Changes

Copilot reviewed 55 out of 55 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
packages/postgres-database/src/simcore_postgres_database/models/users_secrets.py New table model for storing user password hashes separately
packages/postgres-database/src/simcore_postgres_database/utils_users.py Major refactor to use async SQLAlchemy and new table structure
packages/pytest-simcore/src/pytest_simcore/helpers/postgres_users.py New helper module for creating user+secrets test fixtures
services/web/server/src/simcore_service_webserver/login/_auth_service.py Updated authentication service to work with new user repository structure
Multiple test files Updates to use new consolidated user fixture patterns

@pcrespov pcrespov enabled auto-merge (squash) July 21, 2025 09:37
@pcrespov pcrespov disabled auto-merge July 21, 2025 09:37
GitHK
GitHK approved these changes Jul 21, 2025
View reviewed changes
Copy link
Contributor

@GitHK GitHK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks

sanderegg
sanderegg approved these changes Jul 21, 2025
View reviewed changes
Copy link
Member

@sanderegg sanderegg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a bunch. I'm going to not like the conflicts but that is good.
I don't understand why you kept all these fixtures that do the same as create_registered_user. This comes in a subsequent PR?

matusdrobuliak66
matusdrobuliak66 approved these changes Jul 21, 2025
View reviewed changes
Copy link
Collaborator

@matusdrobuliak66 matusdrobuliak66 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 21, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
1 Accepted issue

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@pcrespov pcrespov merged commit 9e99973 into ITISFoundation:master Jul 21, 2025
94 of 96 checks passed
@pcrespov pcrespov deleted the is8060/split_secret_tables branch July 21, 2025 16:25
@pcrespov pcrespov changed the title ♻️ Refactor and Upgrade Users Repository including users_secrets split ♻️ Refactor and Upgrade Users Repository including users_secrets split 🗃️ Jul 21, 2025
@YuryHrytsuk YuryHrytsuk mentioned this pull request Jul 29, 2025
Closed
18 tasks
@matusdrobuliak66 matusdrobuliak66 mentioned this pull request Aug 5, 2025
Closed
88 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@giancarloromeo giancarloromeo giancarloromeo approved these changes

@GitHK GitHK GitHK approved these changes

@sanderegg sanderegg sanderegg approved these changes

@matusdrobuliak66 matusdrobuliak66 matusdrobuliak66 approved these changes

@bisgaard-itis bisgaard-itis Awaiting requested review from bisgaard-itis

@YuryHrytsuk YuryHrytsuk Awaiting requested review from YuryHrytsuk

Assignees

@pcrespov pcrespov

Labels

a:database associated to postgres service and postgres-database package a:director-v2 issue related with the director-v2 service a:webserver webserver's codebase. Assigning the area is particularly useful for bugs

Projects

None yet

Milestone

Engage

Development

Successfully merging this pull request may close these issues.

Rename tables to include _secret if they include secrets that cannot be monitored

5 participants

@pcrespov @giancarloromeo @GitHK @sanderegg @matusdrobuliak66