Closed GeoffreyHuck closed 2 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 100.00%. Comparing base (
a9f7dc3
) to head (0352163
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Some tests are using a score token with an undefined AttemptID and LocalItemID. So for now the parsing and validation of score token works if there is no AttemptID or LocalItemID. But maybe it should fail? Can it happen in reality?
But I don't get how you set the score to the result
entry if the item_id
or attempt_id
is missing, so I cannot see how it may "work". If it is only on the token parsing, that's an internal decision you have to make, but I don't see cases where no having item_id
or attempt_id
makes sense.
the PR closing was a mistake
The unmarshalling now fails if there is no idAttempt
or idLocalItem
, because score tokens
are used only in this service, and they're required for the service to work.
fixes #1079
Remove authentication with
access token
for the servicesaveGrade
. Use either theanswer token
or thescore token
.Also added tests to check:
participant_id
!=user_id
Representation of inputs in the service
The method is the same as the one that was already in use. If the input is
answer token
+score
, we construct ascore token
from it. Then, in the rest of the service, we only use thescore token
to access the inputs. This avoid avoidif/else
depending of whether the input consists ofanswer token
+score
orscore token
.Unmarshalling of
score token
need to use theLocalItemID
The current system checks the signature at the same time of unmarshalling tokens. Problem: we need to use the
LocalItemID
inside thescore token
to know which platform key to use to unmarshal thescore token
itself. So a methodtoken.GetUnsafeFromToken
has been added, to be able to retrieve a parameter inside the token without checking the signature.Unsafe
was added in the name to make sure this method isn't use in wrong situations.Parsing and validation of tokens
The same method that was use to parse and validate the fields
idUser
,idItemLocal
andidAttempt
oftask tokens
and put them in aConverted
sub structure during unmarshalling has been reused foranswer tokens
. This way is more consistent, and we are sure we are dealing with valid information when we access the content of the token.Little uncertainty about score tokens
Some tests are using a
score token
with an undefinedAttemptID
andLocalItemID
. So for now the parsing and validation ofscore token
works if there is noAttemptID
orLocalItemID
. But maybe it should fail? Can it happen in reality?Review
Easier to review all modifications at once as some refactoring were made. But the details of the changes can be seen in commit messages.