Uploaded image for project: 'RAML Module Builder'
  1. RAML Module Builder
  2. RMB-366

Anonymizing/Scrubbing Metadata (createdDate, createdByUserId)



    • CP: ready for planning, DevOps: Sprint 95
    • Core: Platform


      The current RMB implementation of metadata (createdDate, createdByUserId, updatedDate, updatedByUserId) resides in RestVerticle.java and the database triggers in metadata.ftl and has these capabilities:

      Removing createdByUserId works (requires an UPDATE command for both created_by and jsonb->'metadata'->>'createdByUserId' though).
      Removing updatedDate works.
      Removing updatedByUserId works.

      Removing only createdDate or removing both createdDate and createdByUserId doesn't work:
      On each subsequent update updatedDate and updateByUserId are written to createdDate and createdByUserId.

      In addition the metadata triggers are implemented in a complicated way using the two extra fields creation_date and created_by. These fields are not needed because the trigger automatically provides these values as OLD.createdDate and OLD.createdByUserId.

      Suggested solution:

      Rewrite the metadata triggers without the extra fields.
      Make createdDate an optional field (currently: required by metadata.schema).
      Allow to remove any of the 4 metadata fields.
      createdDate and createdByUserId remain unset on subsequent updates after they have been deleted.
      Explain how to anonymize/scrub the metadata fields in RMB's README.

      Open question:
      Currently anonymizing/scubbing metadata via the PUT endpoint does not work because RestVerticle overwrites the values.
      Do we want to allow the PUT endpoint to remove some metadata field by allowing a null value in any of the four fields to indicate that the field value should be removed? If yes, should this require special privileges ("metadata.delete")?

      TestRail: Results


          Issue Links



                Unassigned Unassigned
                julianladisch Julian Ladisch
                0 Vote for this issue
                4 Start watching this issue



                  TestRail: Runs

                    TestRail: Cases