Question about data persistence in Dataverse
30 views
Skip to first unread message
Frédéric Maguin
Mar 22, 2021, 10:24:50 AM3/22/21
to Dataverse Dev
Hello Dataverse developpers,
I have a "small" question regarding data persistence in Dataverse.
Some context first. For one of our project, we are using Dataverse 5.3 with ORCID authentication. During our tests, we came across the issue https://github.com/IQSS/dataverse/issues/4356
Not a big problem technically. When a user is deleted, the token created in the table oauth2tokendata is not deleted before, raising an error on the constraint fk_oauth2tokendata_user_id.
We could live with it but, planning to go into production, we would prefer to delete users right from the API in case we would have to.
In order to fix it, I've started my journey in the source code of Dataverse and the pointers related to development for the project.
I managed to write a first fix, successfully working in our test environment but I still have a question before proposing the solution.
The fix would be in edu.harvard.iq.dataverse.authorization.AuthenticationServiceBean.removeAuthentictedUserItems() where entries related to a user in other tables like userbannermessage and fileaccessrequests are deleted.
This method is called from edu.harvard.iq.dataverse.api.Admin.deleteAuthenticatedUser() where the exception is actually raised.
The methods in removeAuthentictedUserItems() called to delete the entries are using SQL queries (eg. deletePendingAccessRequests()). But I noticed the exception raised is coming from EclipseLink. And the ORM is used in edu.harvard.iq.dataverse.authorization.AuthenticationServiceBean.deleteAuthenticatedUser(), the service called from the API. I also notice a CRUD class OAuth2TokenDataServiceBean is available for mapping this table but does not implement a delete method.
So, finally :), should I rather being using the ORM for persistence in that case or is it ok to follow what has been done in removeAuthentictedUserItems() with SQL queries ?
Thank you for your feedback.
Frédéric
I have a "small" question regarding data persistence in Dataverse.
Some context first. For one of our project, we are using Dataverse 5.3 with ORCID authentication. During our tests, we came across the issue https://github.com/IQSS/dataverse/issues/4356
Not a big problem technically. When a user is deleted, the token created in the table oauth2tokendata is not deleted before, raising an error on the constraint fk_oauth2tokendata_user_id.
We could live with it but, planning to go into production, we would prefer to delete users right from the API in case we would have to.
In order to fix it, I've started my journey in the source code of Dataverse and the pointers related to development for the project.
I managed to write a first fix, successfully working in our test environment but I still have a question before proposing the solution.
The fix would be in edu.harvard.iq.dataverse.authorization.AuthenticationServiceBean.removeAuthentictedUserItems() where entries related to a user in other tables like userbannermessage and fileaccessrequests are deleted.
This method is called from edu.harvard.iq.dataverse.api.Admin.deleteAuthenticatedUser() where the exception is actually raised.
The methods in removeAuthentictedUserItems() called to delete the entries are using SQL queries (eg. deletePendingAccessRequests()). But I noticed the exception raised is coming from EclipseLink. And the ORM is used in edu.harvard.iq.dataverse.authorization.AuthenticationServiceBean.deleteAuthenticatedUser(), the service called from the API. I also notice a CRUD class OAuth2TokenDataServiceBean is available for mapping this table but does not implement a delete method.
So, finally :), should I rather being using the ORM for persistence in that case or is it ok to follow what has been done in removeAuthentictedUserItems() with SQL queries ?
Thank you for your feedback.
Frédéric
Philip Durbin
Mar 22, 2021, 10:44:56 AM3/22/21
to datave...@googlegroups.com
Hi Frédéric,
First, thanks for jumping into the code! That issue #4356 should be fixed by https://github.com/IQSS/dataverse/pull/7629 (currently in review) and I just linked them together so that merging the pull request will close the issue. At first I used a native query to remove the OAuth data but then switched to a cascade (all in the same pull request). You can see the change from one to the other here: https://github.com/IQSS/dataverse/commit/8afbf5e
I hope this helps. If there are other issues you're thinking about working on, please let us know and we'll be happy to guide you.
Thanks,
Phil
--
You received this message because you are subscribed to the Google Groups "Dataverse Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-dev/d38ed1b8-513f-4087-bada-f360e88b2576n%40googlegroups.com.
--
Philip Durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin
Frédéric Maguin
Mar 22, 2021, 11:09:00 AM3/22/21
to Dataverse Dev
Hello Phil,
Thank you for the super fast answer and for the pointer to the pull request. Will have a look at it in order to see more how Dataverse works.
Sure, I will follow the group as we are more and more using Dataverse on our side.
Best,
Frédéric
Thank you for the super fast answer and for the pointer to the pull request. Will have a look at it in order to see more how Dataverse works.
Sure, I will follow the group as we are more and more using Dataverse on our side.
Best,
Frédéric
Reply all
Reply to author
Forward
0 new messages