Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify that our only user role is "admin" and simplify code #13047

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Clarify that our only user role is "admin" and simplify code #13047

wants to merge 5 commits into from

Conversation

mkllnk
Copy link
Member

@mkllnk mkllnk commented Dec 18, 2024

What? Why?

Whenever I needed to make a user account admin in the console I had to type Spree::Role.find_by(name: "admin"). This was unnecessarily long, especially since we don't use any other roles. The database seeding was also adding the "user" role but we never use it. So here are a few steps to simplify this:

  • A new method Spree::Role.admin to access that role easily.
  • Removing the option of the user role from the UI so that people don't wonder what it's for.
  • Simplify code better prepared for getting rid of Spree::Role altogether

Shall we replace Spree::Role.admin with an admin flag on the user?

I would love to hear your thoughts around this. It would replace two database tables with one boolean column on spree_users. I'm sure it would have a positive effect on performance and simplify the code base further. And I think that I could do that in one or two hours.

What should we test?

Specs cover this quite well. We can't test the setup of a new instance. I tested db:reset and ofn:sample_data. So I would suggest a minimal check of the worst case scenario:

  • Sign up as new enterprise user.
  • Verify that you don't have super-admin access.
  • Make that user super-admin. Check.
  • Remove super-admin flag from the user. Check.

Release notes

Changelog Category (reviewers may add a label for the release notes):

  • User facing changes
  • API changes (V0, V1, DFC or Webhook)
  • Technical changes only
  • Feature toggled

The title of the pull request will be included in the release notes.

Dependencies

Documentation updates

@mkllnk
Use plain static value for spree_roles
fa82f80
@mkllnk
Remove unused user role from seeding
a529d95 
We only ever check for the admin role.
@mkllnk
Use only admin role, on demand
a7140d1 
We are now creating the role on demand which removes the need for
seeding it as well.
@mkllnk
Replace has_spree_role? with simpler admin?
54f83b4 
We have only one role, so let's get rid of the unneeded method.

Now we are in a better place to get rid of Spree::Role and replace it
with a simple boolean.
@mkllnk
Leverage Rails' caching when checking for admin
5db8cb4 
The privileges of a user should never change within a request
life cycle. The `spree_roles` association is very small, between 0 and 2
items are quickly searched in memory without the need of additional
database queries.

From memory, I've seen a lot of spree_roles queries in log files per
request. This should reduce it to one.
@mkllnk mkllnk added the user facing changes Thes pull requests affect the user experience label Dec 18, 2024
@mkllnk mkllnk self-assigned this Dec 18, 2024
@mkllnk mkllnk marked this pull request as ready for review December 18, 2024 23:39
dacook
dacook approved these changes Jan 2, 2025
View reviewed changes
Copy link
Member

@dacook dacook left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work, thanks for tidying this up! I've often wondered how much of the roles system we actually need, and you've demonstrated the answer: none!

I guess the reason we've never needed the roles system is because user permissions are based on their enterprise and enterprise permissions.

I can imagine perhaps one day we would want a lesser "admin" role (eg a customer support role that doesn't need to update instance config), but.. if we ever need that we can build it as needed.

Shall we replace Spree::Role.admin with an admin flag on the user?

So my answer is yes; you've already brought us halfway there 👍

app/models/spree/user.rb
@@ -60,7 +60,7 @@ def self.admin_created?

# Checks whether the specified user is a superadmin, with full control of the instance
def admin?
spree_roles.where(name: "admin").any?
spree_roles.any? { |role| role.name == "admin" }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good solution. I would have simply reached for elvis (@admin ||= ), but this is no more queries, and ensures that if the roles are updated during a request, we get the up-to-date value.

rioug
rioug approved these changes Jan 5, 2025
View reviewed changes
Copy link
Collaborator

@rioug rioug left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice cleanup 🧹

Shall we replace Spree::Role.admin with an admin flag on the user?

Yes we should, there is no point keeping extra complexity just in the off chance we might need it later.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rioug rioug rioug approved these changes

@dacook dacook dacook approved these changes

Assignees

@mkllnk mkllnk

Labels
user facing changes Thes pull requests affect the user experience
Projects
OFN Delivery board
Status: Test Ready 🧪
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mkllnk @dacook @rioug