Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new query getOrganizationsByEmailPaginated #172

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

vhaalmeida
Copy link
Contributor

What problem is this solving?

This new query will allow to retrieve the users' organizations paginated.
Currently when an user is associated to a big number of organizations is generating a timeout.

This PR should be merged only when this other one is merged: vtex-apps/storefront-permissions#157

How to test it?

Access https://timeoutsfp--jamalstore.myvtex.com/admin/graphql-ide
Run the query below in the b2b-organizations-graphql app

{
  getOrganizationsByEmailPaginated(
    email: "[email protected]",
    page: 1
    pageSize: 25
  ) {
    data {
      id
      clId
     	costId
      orgId
      organizationName
      costCenterName
    }
    pagination {
      page
      pageSize
      total
    }
  }
}

Workspace

Screenshots or example usage:

image

Describe alternatives you've considered, if any.

Related to / Depends on

vtex-apps/storefront-permissions#157

How does this PR make you feel? 🔗

Copy link

vtex-io-ci-cd bot commented Aug 29, 2024

Hi! I'm VTEX IO CI/CD Bot and I'll be helping you to publish your app! 🤖

Please select which version do you want to release:

  • Patch (backwards-compatible bug fixes)

  • Minor (backwards-compatible functionality)

  • Major (incompatible API changes)

And then you just need to merge your PR when you are ready! There is no need to create a release commit/tag.

  • No thanks, I would rather do it manually 😞

@vtex-io-docs-bot
Copy link

Beep boop 🤖

I noticed you didn't make any changes at the docs/ folder

  • There's nothing new to document 🤔
  • I'll do it later 😞

In order to keep track, I'll create an issue if you decide now is not a good time

  • I just updated 🎉🎉

Copy link

github-actions bot commented Aug 29, 2024

Messages
📖 ❤️ Thanks!
📖

🎉 PR additions = 160, PR deletions = 0

Generated by 🚫 dangerJS against 4818d99

Copy link
Contributor

@wender wender left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please run the Lint in the files changed to auto-fix the line-break issues?
If vtex setup don't install all dependencies, you need to run yarn in the root and node folder

@wender wender self-requested a review August 30, 2024 17:12
Copy link

Copy link
Contributor

@wender wender left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor

@enzomerca enzomerca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A general comment: I would try to avoid using session data as much as possible in these new APIs as this would make it harder to use it in a headless scenario and in integrations where the system has no session token to provide on the call. (we can discuss offline if you have any concerns by removing the session token usage/verification)

@@ -40,6 +41,22 @@ export default class StorefrontPermissions extends AppGraphQLClient {
})
}

public getOrganizationsByEmailPaginated = async (
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need this function here and on the storefront-permissions app? (PR)

Can't we query Master Data directly from this app and avoid additional call to another app?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@enzomerca I'm following the same approach of the getOrganizationsByEmail query

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but we are removing the cyclic dependencies, and this is one of them, and thinking about the domain and context, the storefront shouldn't know about the organization.


if (
(!adminUserAuthToken &&
!checkUserPermission?.permissions.includes('add-sales-users-all')) ||
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are we checking if the user has add-sales-users-all permission if this is just a getOrganizationsByEmail query?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @enzomerca
Is the same approach of the getOrganizationsByEmail query. If I'm not mistaken this is for the case of a query run through the webstore where there's no admin auth cookie.

return null
})

if (checkUserPermission?.permissions.includes('add-users-organization')) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are we checking if the user has add-users-organization permission if this is just a getOrganizationsByEmail query?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @enzomerca
Is the same approach of the getOrganizationsByEmail query. If I'm not mistaken this is for the case of a query run through the webstore where there's no admin auth cookie.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't you remove it to test? It appears to be a bug or old mistake.

Comment on lines +299 to +307
const orgId =
sessionData?.namespaces?.['storefront-permissions']?.organization
?.value

if (!orgId) {
throw new Error('No permission for getting the organizations')
}

organizationFilters.push(orgId)
Copy link
Contributor

@enzomerca enzomerca Sep 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

session will have just one org id, the current logged org, right? and below we are filtering the result to return only the orgs added to organizationsFilters, so the getOrganizationsByEmail would not return all the organizations for the given email in this case, right? (which would not make much sense as this is called getOrganizationsByEmail)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @enzomerca
Is the same approach of the getOrganizationsByEmail query. This is the case for the request from the storefront where there's no admin auth cookie.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vhaalmeida We would like to avoid old mistakes, and we have a lot of tasks to improve the source code and the B2B suite app implementations. So our advice is to adjust the rules to test.

Comment on lines +310 to +314
if (!(email?.length > 0)) {
email = sessionData?.namespaces?.profile?.email?.value
fromSession = true
}
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the function is named getOrganizationsByEmail but we are allowing the user to not provide an email and get the email from the session. Who ever is going to call this API can do that on their side, right?

I prefer to remove this, make the email a required field and simplify the code.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @enzomerca
Is the same approach of the getOrganizationsByEmail query.

@@ -40,6 +41,22 @@ export default class StorefrontPermissions extends AppGraphQLClient {
})
}

public getOrganizationsByEmailPaginated = async (
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but we are removing the cyclic dependencies, and this is one of them, and thinking about the domain and context, the storefront shouldn't know about the organization.

return null
})

if (checkUserPermission?.permissions.includes('add-users-organization')) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't you remove it to test? It appears to be a bug or old mistake.

Comment on lines +299 to +307
const orgId =
sessionData?.namespaces?.['storefront-permissions']?.organization
?.value

if (!orgId) {
throw new Error('No permission for getting the organizations')
}

organizationFilters.push(orgId)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vhaalmeida We would like to avoid old mistakes, and we have a lot of tasks to improve the source code and the B2B suite app implementations. So our advice is to adjust the rules to test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants