Conversation
zebot
added
the
ok-to-test
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
3 times, most recently
from
ec57f74 to
2368e57
Compare
There was a problem hiding this comment.
Pull request overview
This PR consolidates Spar’s Brig/Galley API access effects by migrating the effect definitions + RPC interpreters into wire-subsystems, and updates Spar to use Wire.BrigAPIAccess / Wire.GalleyAPIAccess throughout.
Changes:
- Removed Spar-local
Spar.Sem.BrigAccess/Spar.Sem.GalleyAccess(and their HTTP interpreters) and switched Spar to thewire-subsystemsequivalents. - Added/extended
Wire.BrigAPIAccessandWire.GalleyAPIAccesswith SCIM/SAML- and team-member-related operations, plus RPC implementations. - Updated Spar unit + integration tests, and adjusted build files (
.cabal,default.nix) and changelog.
Reviewed changes
Copilot reviewed 30 out of 30 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| services/spar/test/Test/Spar/Scim/UserSpec.hs | Updates unit tests to use BrigAPIAccess mock instead of Spar.Sem.BrigAccess. |
| services/spar/test/Test/Spar/Saml/IdPSpec.hs | Switches mocks to BrigAPIAccess/GalleyAPIAccess; enables required feature config mock defaults. |
| services/spar/test-integration/Util/Core.hs | Moves getAccount import to Wire.BrigAPIAccess. |
| services/spar/test-integration/Test/Spar/Scim/UserSpec.hs | Updates integration tests to call Wire.BrigAPIAccess functions. |
| services/spar/test-integration/Test/Spar/Intra/BrigSpec.hs | Adjusts delete-user test to match new deleteUser return type/behavior. |
| services/spar/test-integration/Test/Spar/APISpec.hs | Updates integration test calls from old Brig effect to Wire.BrigAPIAccess. |
| services/spar/src/Spar/Sem/Utils.hs | Removes obsolete HTTP runner utilities after migrating to RPC interpreters in wire-subsystems. |
| services/spar/src/Spar/Sem/GalleyAccess/Http.hs | Deletes Spar-local Galley HTTP interpreter (migrated to wire-subsystems). |
| services/spar/src/Spar/Sem/GalleyAccess.hs | Deletes Spar-local Galley effect (migrated to wire-subsystems). |
| services/spar/src/Spar/Sem/BrigAccess/Http.hs | Deletes Spar-local Brig HTTP interpreter (migrated to wire-subsystems). |
| services/spar/src/Spar/Sem/BrigAccess.hs | Deletes Spar-local Brig effect (migrated to wire-subsystems). |
| services/spar/src/Spar/Scim/User.hs | Rewires SCIM user logic to use Wire.BrigAPIAccess / Wire.GalleyAPIAccess. |
| services/spar/src/Spar/Scim/Auth.hs | Switches SCIM token/auth logic to new access effects + BrigApp helpers. |
| services/spar/src/Spar/Scim.hs | Updates SCIM API effect constraints to BrigAPIAccess/GalleyAPIAccess. |
| services/spar/src/Spar/Intra/Galley.hs | Removes Spar-local Galley client module (now handled via wire-subsystems RPC). |
| services/spar/src/Spar/Intra/BrigApp.hs | Adds Spar-specific helpers (ensureReAuthorised, permission checks, SSO enabled check) using wire-subsystems effects. |
| services/spar/src/Spar/Intra/Brig.hs | Removes Spar-local Brig client module (now handled via wire-subsystems RPC). |
| services/spar/src/Spar/CanonicalInterpreter.hs | Updates canonical interpreter stack to interpret BrigAPIAccess/GalleyAPIAccess via wire-subsystems RPC. |
| services/spar/src/Spar/App.hs | Updates core Spar logic to depend on BrigAPIAccess/GalleyAPIAccess. |
| services/spar/src/Spar/API.hs | Updates API handlers to use BrigAPIAccess/GalleyAPIAccess and BrigApp helper functions. |
| services/spar/spar.cabal | Removes Spar-local modules and adds needed deps for updated tests (data-default). |
| services/spar/default.nix | Adds data-default dependency for Spar tests/build. |
| libs/wire-subsystems/wire-subsystems.cabal | Adds cookie dependency (needed by Brig RPC SSO cookie parsing). |
| libs/wire-subsystems/test/unit/Wire/MockInterpreters/GalleyAPIAccess.hs | Extends mock interpreter to acknowledge new Galley operations. |
| libs/wire-subsystems/src/Wire/GalleyAPIAccess/Rpc.hs | Implements RPC handlers for UpdateTeamMember and IsEmailValidationEnabledTeam. |
| libs/wire-subsystems/src/Wire/GalleyAPIAccess.hs | Adds new Galley effect constructors for team-member update and email-validation feature check. |
| libs/wire-subsystems/src/Wire/BrigAPIAccess/Rpc.hs | Adds RPC implementations for SCIM/SAML-related Brig operations migrated from Spar. |
| libs/wire-subsystems/src/Wire/BrigAPIAccess.hs | Extends Brig effect with SCIM/SAML user-management operations migrated from Spar. |
| libs/wire-subsystems/default.nix | Adds cookie dependency for wire-subsystems build. |
| changelog.d/5-internal/WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems | Adds changelog entry for the consolidation. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
fisx
changed the title
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
2 times, most recently
from
9bb61f3 to
198c84d
Compare
battermann
left a comment
battermann
left a comment
There was a problem hiding this comment.
There is at least one place where error handling is different from before. E.g. cases of 4xx now lead to 500, which is a contract change, and therefore a breaking API change. We should carefully check this for each endpoint. I think this mostly applies to where there was a rethrow before.
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
from
198c84d to
9e4cb9d
Compare
battermann
left a comment
battermann
left a comment
There was a problem hiding this comment.
There are still places where we return generic 500 instead of forwarding 4xx errors. I commented on some, but I haven't checked all endpoints.
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
from
074fdb6 to
3e19572
Compare
| if statusCode resp == 200 | ||
| then Just <$> parseResponse @TeamMember "galley" resp | ||
| else | ||
| if statusCode resp == 404 | ||
| then pure Nothing | ||
| else rethrow "galley" resp |
There was a problem hiding this comment.
This was replaced by the GalleyAPIAccess operation which already existed before.
However the GalleyAPIAccess operation behaves slightly different: if status is 200 it parses the response and returns Nothing in any other case. But here, Nothing is only returned if status is 404 otherwise the error/status is re-thrown. so other 4xx errors are no longer fowarded.
There was a problem hiding this comment.
this is so confusing!
But I think this is fine...? Wire.GalleyAPIAccess.getTeamMember does not rethrow, but it throws (see last line). So I would argue this is close enough. Keeping the weird shape of two semnatically equivalent internal errors does not justify making GalleyAPIAcess more complicated by adding another method, or adding a parameter to the existing one.
let me know if you disagree.
There was a problem hiding this comment.
I don't know. The function where this was replaced is called by many API handlers. The difference really is that non 2xx/404 errors like 403, 409, 429, etc. that come from galley are no longer forwarded to the client/caller, but instead these clients will see a generic 500 error. Since this is a SCIM API, I don't know if this makes a difference for SCIM clients e.g.? It would also be good to preserve the old behavior for better diagnostics.
| method GET | ||
| . paths ["i", "teams", toByteString' tid, "features", "sso"] | ||
| unless (statusCode resp == 200) $ | ||
| rethrow "galley" resp |
There was a problem hiding this comment.
Same as above, the GalleyAPIAccess does not propagate 4xx
There was a problem hiding this comment.
same as above: getFeatureConfigForTeam has expect2xx hooked into the request.
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
from
3e19572 to
ff15480
Compare
fisx
force-pushed
the
WPB-0000-consolidate-brig_galley-api-access-effects-from-spar-into-wire-subsystems
branch
from
ff15480 to
2c681b8
Compare
battermann
left a comment
battermann
left a comment
There was a problem hiding this comment.
I left a comment, please consider it before merging.
https://wearezeta.atlassian.net/browse/WPB-20053
Checklist
changelog.d