[PyGrid-0.4.0] Testing Report
victorperezc opened this issue · comments
Victor Perez commented
Description
I've been troubleshooting the deployment and configuration of a PyGrid domain in AWS. Here report all the bugs and unexpected behaviours I could identify.
- Right after deploying the domain I hit
POST /users
to create an Owner (owner@openmined.org). I could login with that user and make requests. Worked fine from the UI. - Then, I hit
GET /setup
and got a400
saying there was no existing initial setup. - I called
POST /setup
and send by the fields user, password and node_name. Got200
. - I then realised that the
POST /setup
had also created another user (owner@openmined.com) , which was also set with role Owner. This means that I had two distinct user accounts with Owner roles. - I went ahead and call again
POST /setup
with the same arguments to see what happens when I try to run the initial setup when already exists. It created another user with the same email and Owner. I then had two accounts under the same email address and all of them Owner. - I called again
POST /users
and try to create another Owner account. I got403
How to Reproduce
- Deploy to AWS
- Follow the notes by order and hit the endpoints
Expected Behaviour
Notes on what I understand is a bug on the above:
- I should get
403
when trying to create a User ( whatever role is ) before the initial setup has been undergo - The Initial Setup created an Owner user ( this is fine ) even though there already existed an Owner user because of step 1. This bug is caused because of the first bug where we created a user without undergoing the Initial Setup
- Subsequent calls to
POST /setup
shouldn't go through since it already exists. This endpoint might be changed toPUT /setup
to update parameters only. - Two accounts with the same email address shouldn't exist.
Screenshots
Victor Perez commented
Closing this Issue now. Resolved in #829