Conversation
Signed-off-by: Lee Calcote <lee.calcote@layer5.io>
Summary of ChangesHello @leecalcote, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request establishes the foundational components for a robust role-based access control system. It defines the necessary data structures and API endpoints to manage roles for users, organizations, and teams, enabling granular permission management and integration with keychains. This feature significantly enhances the system's security and administrative capabilities. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces new schema definitions and Go models for roles. The changes are a good step forward, but there is a systematic issue in the new OpenAPI specification files (api.yml and role.yaml) that needs to be addressed. Currently, $ref is used with sibling properties, which is not compliant with the OpenAPI 3.0 specification. This causes the Go code generator (oapi-codegen) to produce duplicated, inlined structs instead of reusing defined types, which undermines the goal of schema reusability and makes the generated code harder to maintain. I've left comments with suggestions on how to fix this using the allOf keyword. After correcting the YAML files, please remember to regenerate the Go models to reflect these changes.
| - roles | ||
| properties: | ||
| page: | ||
| $ref: "../../v1alpha1/core/api.yml#/components/schemas/number" |
There was a problem hiding this comment.
In OpenAPI 3.0, a $ref cannot have sibling properties. This causes oapi-codegen to inline the schema instead of reusing the defined type, leading to code duplication and maintenance issues in the generated Go models. To fix this, you should wrap the $ref in an allOf block when you need to add other properties like x-order.
This issue is present in multiple places in this file (e.g., within RolesPage, RolesKeychainsMapping, UserRoleUpdateRequest, OrganizationWithUserRoles, TeamWithUserRoles). Please apply this allOf fix consistently throughout the file.
allOf:
- $ref: "../../v1alpha1/core/api.yml#/components/schemas/number"| - updated_at | ||
| properties: | ||
| id: | ||
| $ref: ../../v1alpha1/core/api.yml#/components/schemas/uuid |
There was a problem hiding this comment.
Similar to the issues in api.yml, using $ref with sibling properties is not compliant with OpenAPI 3.0. This will cause the code generator to inline the schema instead of reusing it. Please wrap the $ref in an allOf block. This change should be applied to all properties in this file that use $ref with siblings (id, created_at, updated_at, deleted_at).
allOf:
- $ref: ../../v1alpha1/core/api.yml#/components/schemas/uuidThere was a problem hiding this comment.
@copilot why is this not true for other schemas, like that of academy? - https://github.com/meshery/schemas/blob/schemas/role/schemas/constructs/v1beta1/academy/api.yml#L1427-L1428
|
@leecalcote I've opened a new pull request, #550, to work on those changes. Once the pull request is ready, I'll request review from you. |
- Introduced a new file `helpers.go` in the `models/v1beta1/role` package. - Implemented the `EventCategory` method to return the category as "role". - Added a `String` method for JSON representation of the `Role` struct. - Created `ValidateCreate` and `ValidateUpdate` methods for role validation, returning empty validation errors. Signed-off-by: Lee Calcote <lee.calcote@layer5.io>
|
@copilot Follow the naming convention in meshery/schemas README.md use camelCase for property names. |
Signed-off-by: Lee Calcote lee.calcote@layer5.io
The following Golang structs present in the remote provider
server/models/roles.goare missing in explicit definition in this PR:TeamMemberWithRoleUserWithRolePreferenceUsersPageTeamMembersPageUserIDRoleIDThe following helper functions present in the remote provider
server/models/roles.goare not included in this PR: