We're updating the issue view to help you get more done. 

User token sometimes does not have expected agent ACL

Description

Given I am a user
Given I have an agent associated
Given wazo-auth service token has expired
When I create a token for myself
Then I don't have the `agentd` ACLs

Expected: I have the `agentd` ACLs

Technical details:

  • wazo-auth has bound database session with HTTP session

  • wazo-auth does not use HTTP session to create its own token

  • when wazo-auth tries to renew its own token, it does it within the first POST HTTP session and does not commit before the end of the first HTTP session

Solutions:

  • Add /users/me/… endpoints in wazo-agentd and remove fetching data from wazo-auth to wazo-confd, so that wazo-auth does not need a token

  • Commit the new token before actually using it

  • Use free-form metadata on users, so that tokens ACL templates can be filled with other arbitrary data, without having a predefined list fetched in wazo-confd.

Environment

None

Assignee

Pascal Cadotte

Reporter

Sébastien Duthil

Approvers

François Blackburn

Pair

None

Sprint

None

Fix versions

Priority

Medium
Configure