ROX-18155: pg generic store: Exists

[janisz]

Description

A detailed explanation of the changes in your PR.

Feel free to remove this section if it is overkill for your PR, and the title of your PR is sufficiently descriptive.

Checklist

• Investigated and inspected CI test results
• Unit test and regression tests added
• Evaluated and added CHANGELOG entry if required
• Determined and documented upgrade steps
• Documented user facing changes (create PR based on openshift/openshift-docs and merge into rhacs-docs)

If any of these don't apply, please comment below.

Testing Performed

TODO(replace-me)
Use this space to explain how you tested your PR, or, if you didn't test it, why
you did not do so. Valid reasons include, for example, "CI is sufficient",
"No testable changes". Feel free to attach JSON snippets, curl commands,
screenshots.

In addition to reviewing your code, reviewers must also review your testing
instructions and make sure they are sufficient.

[janisz]

Current dependencies on/for this PR:

• master
  • PR ROX-18155: pg generic store: Exists #6766 👈
    • PR ROX-18155: pg generic store: Count #6767
      • PR ROX-18155: pg generic store: Walk #6768
        • PR ROX-18155: pg generic store: GetAll #6769
          • PR ROX-18155: pg generic store: Get #6770
            • PR ROX-18155: pg generic store: GetByQuery #6771
              • PR ROX-18155: pg generic store: GetIDs #6772
                • PR ROX-18155: pg generic store: GetMany #6773
                  • PR ROX-18155: pg generic store: DeleteByQuery #6774
                  • PR ROX-18155: pg generic store: Delete #6775
                  • PR ROX-18155: pg generic store: DeleteMany #6776
                  • PR ROX-18155: pg generic store: regions #6777
                  • PR ROX-18155: pg generic store: cleanup #6778
                  • PR refactor(pg): remove blank lines #6881
                  • PR ROX-18155: pg generic store: Upsert #6882
                  • PR WIP: chore(deps): upgrade pgx to v5 #6915
                  • PR chore(deps): upgrade pgx to v5 #6916
                  • PR refactor(pg): preallocate memory when copy #6894
                  • PR ROX-18391: cleanup permission checker #6907

This comment was auto-generated by Graphite.

[roxbot]

Images are ready for the commit at 6bddaf3.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.1.x-286-g6bddaf35c4.

[rhybrillou]

In the case the permission checker denies access to the object, I think a behaviour change is introduced that leaks information about the user allowed scope. I'd rather stick to the old behaviour.

[rhybrillou]

super-nit: field order -> move targetResource and permissionChecker to the end of the list (makes it easier to compare with NewGenericStore and NewGenericStoreWithPermissionChecker)

[rhybrillou]

This changes the behaviour compared to the generated code.
I'd stick to the previous behaviour that returns false, nil, as if the item did not exist, rather than an error that already tells that the item exists. I think from a security point of view, the new behaviour is a data leak.

[janisz]

/retest

[0x656b694d]

Suggested change

	if ok, err := s.permissionChecker.ExistsAllowed(ctx); err != nil {
	return false, err
	} else if !ok {
	return false, nil
	}
	return s.permissionChecker.ExistsAllowed(ctx)

[janisz]

we cannot do that as this does not handle true correctly.

[openshift-ci]

@janisz: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/ocp-4-10-qa-e2e-tests	6bddaf3	link	false	/test ocp-4-10-qa-e2e-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[janisz]

@janisz started a stack merge that includes this pull request via Graphite.

[janisz]

@janisz merged this pull request with Graphite.