search

thesentinelproject / threatwiki_node

Threatwiki - genocide risk tracking and visualization platform to help monitor communities at risk of genocide around the world
Other
63 stars 25 forks source link

The 'Comment' field is not saving or loading up in the Datapoint form. #99

Closed abhishekbh closed 10 years ago

abhishekbh commented 10 years ago

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

jeromegv commented 10 years ago

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99 .

abhishekbh commented 10 years ago

Cool, checking it out. Going to emulate prod env on dev.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:04 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99 .

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24847245 .

abhishekbh commented 10 years ago

Interesting. We're not loading up the middleware wile accessing any component of the API. Hence everyauth is not being loaded for the API at all.

The condition on adding on comment requires session.loggedIn to be true, but this is only set in everyauth.

So basically, every check of if (req.session.auth.loggedIn) in the API is failing.

This is causing minor bits of trouble like the issue above.

Working on a fix, though this is a long term API Authentication issue. In the short run, we can pass in the everyauth object manually into the API and have the user session validated via that.

I'm going to explore the long term fix first, if that doesn't work, will just do the latter. Open to suggestions of course.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:06 PM, Abhishek Bhatnagar abhishekbh@gmail.comwrote:

Cool, checking it out. Going to emulate prod env on dev.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:04 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99 .

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24847245 .

jeromegv commented 10 years ago

Are you sure it's always falling? The routes are also using the same calls, that's what makes the difference between the public visualization and the private ones (ie: Kenya only accessible when logged in.) this part works as far as I know

On Sep 20, 2013, at 19:59, Abhishek Bhatnagar notifications@github.com wrote:

Interesting. We're not loading up the middleware wile accessing any component of the API. Hence everyauth is not being loaded for the API at all.

The condition on adding on comment requires session.loggedIn to be true, but this is only set in everyauth.

So basically, every check of if (req.session.auth.loggedIn) in the API is failing.

This is causing minor bits of trouble like the issue above.

Working on a fix, though this is a long term API Authentication issue. In the short run, we can pass in the everyauth object manually into the API and have the user session validated via that.

I'm going to explore the long term fix first, if that doesn't work, will just do the latter. Open to suggestions of course.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:06 PM, Abhishek Bhatnagar abhishekbh@gmail.comwrote:

Cool, checking it out. Going to emulate prod env on dev.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:04 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99 .

— Reply to this email directly or view it on GitHub< https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24847245>

.

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24852786 .

abhishekbh commented 10 years ago

Well it doesn't seem like that the object 'req.session' exists in any of the api calls. The reason is that the api routes are loaded different from the 'route' routes. The latter goes through middleware. (lines 121 - 134 herehttps://github.com/thesentinelproject/threatwiki_node/blob/master/app.js )

However, since we are sending in the app object to the api, we should still be able to find the user's login? It would exist as a child of the app object somewhere.

I might be wrong, but that's how things seem code wise?

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 6:05 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Are you sure it's always falling? The routes are also using the same calls, that's what makes the difference between the public visualization and the private ones (ie: Kenya only accessible when logged in.) this part works as far as I know

On Sep 20, 2013, at 19:59, Abhishek Bhatnagar notifications@github.com wrote:

Interesting. We're not loading up the middleware wile accessing any component of the API. Hence everyauth is not being loaded for the API at all.

The condition on adding on comment requires session.loggedIn to be true, but this is only set in everyauth.

So basically, every check of if (req.session.auth.loggedIn) in the API is failing.

This is causing minor bits of trouble like the issue above.

Working on a fix, though this is a long term API Authentication issue. In the short run, we can pass in the everyauth object manually into the API and have the user session validated via that.

I'm going to explore the long term fix first, if that doesn't work, will just do the latter. Open to suggestions of course.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:06 PM, Abhishek Bhatnagar abhishekbh@gmail.comwrote:

Cool, checking it out. Going to emulate prod env on dev.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:04 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com

wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99

.

— Reply to this email directly or view it on GitHub<

https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24847245>

.

— Reply to this email directly or view it on GitHub< https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24852786>

.

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24853229 .

jeromegv commented 10 years ago

I don't know since I'm just answering on mobile and don't see the code (I would need some time to get back into it). As long as you're confident that it's the issue, everyauth has quite lots of doc so it can help you implement changes.

On Sep 20, 2013, at 20:40, Abhishek Bhatnagar notifications@github.com wrote:

Well it doesn't seem like that the object 'req.session' exists in any of the api calls. The reason is that the api routes are loaded different from the 'route' routes. The latter goes through middleware. (lines 121 - 134 here< https://github.com/thesentinelproject/threatwiki_node/blob/master/app.js> )

However, since we are sending in the app object to the api, we should still be able to find the user's login? It would exist as a child of the app object somewhere.

I might be wrong, but that's how things seem code wise?

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 6:05 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Are you sure it's always falling? The routes are also using the same calls, that's what makes the difference between the public visualization and the private ones (ie: Kenya only accessible when logged in.) this part works as far as I know

On Sep 20, 2013, at 19:59, Abhishek Bhatnagar notifications@github.com wrote:

Interesting. We're not loading up the middleware wile accessing any component of the API. Hence everyauth is not being loaded for the API at all.

The condition on adding on comment requires session.loggedIn to be true, but this is only set in everyauth.

So basically, every check of if (req.session.auth.loggedIn) in the API is failing.

This is causing minor bits of trouble like the issue above.

Working on a fix, though this is a long term API Authentication issue. In the short run, we can pass in the everyauth object manually into the API and have the user session validated via that.

I'm going to explore the long term fix first, if that doesn't work, will just do the latter. Open to suggestions of course.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:06 PM, Abhishek Bhatnagar abhishekbh@gmail.comwrote:

Cool, checking it out. Going to emulate prod env on dev.

Abhishek Bhatnagar

On Fri, Sep 20, 2013 at 4:04 PM, Jérôme Gagnon-Voyer < notifications@github.com> wrote:

Prod is the same as GitHub but comment field is hidden for someone not logged in the API (in theory, for privacy) and always shows on dev, so I guess there's a bug with how it's being handled when someone is logged (it should show but it doesn't).

On Sep 20, 2013, at 18:00, Abhishek Bhatnagar notifications@github.com

wrote:

Recreate:

  1. Create a datapoint
  2. Fill out a comment
  3. Hit save
  4. Open the same datapoint
  5. Comment will be empty

Tested in local development environment and everything seems to work okay there. Were there any changes that went on prod that were not registered in the git repo?

Kenya SOC

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99

.

— Reply to this email directly or view it on GitHub<

https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24847245>

.

— Reply to this email directly or view it on GitHub<

https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24852786>

.

— Reply to this email directly or view it on GitHub< https://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24853229>

.

— Reply to this email directly or view it on GitHubhttps://github.com/thesentinelproject/threatwiki_node/issues/99#issuecomment-24853804 .