feat(bigquery): WIP add samples for access policies #3975
Conversation
- Configure main app.js entry point - Configure viewDatasetAccessPolicy.js file
- Add viewTableOrViewAccessPolicy to the app.js entry point - Configure viewTableOrViewAccessPolicy.js file
|
Here is the summary of changes. You are about to add 2 region tags.
This comment is generated by snippet-bot.
|
product-auto-label
bot
added
api: bigquery
…ataset-access-policy
…ix linting errors
…eOrViewAccess.test.js
…ataset-access-policy
hivanalejandro
changed the title
hivanalejandro
changed the title
| /** | ||
| * View access policies for a BigQuery dataset | ||
| * | ||
| * @param {object} [overrideValues] Optional parameters to override defaults |
There was a problem hiding this comment.
David Cavazos advised in this Python PR Review against Overriding parameters as it may be confusing. Having these things commented out as TODOs and passing them as arguments to the function.
For an example see:
nodejs-docs-samples/compute/createInstance.js
Lines 35 to 52 in 102eaed
| const [metadata] = await dataset.getMetadata(); | ||
|
|
||
| // Shows the Access policy as a list of access entries | ||
| console.log("Access entries:", metadata.access); |
There was a problem hiding this comment.
Based on the conversation with iennae and this Python PR Review it's better to only show one way, not the 'pretty output', and also how to access each parameter.
I have refactored it here, I think it's cleaner:
https://github.com/GoogleCloudPlatform/python-docs-samples/blob/72c9bbc6fea691022105d14b4f152ea4e029c2c7/bigquery/cloud-client/view_dataset_access_policy.py#L38-L43
| sinon.stub(BigQuery.prototype, "dataset").callsFake(bigQueryStub.dataset); | ||
|
|
||
| // Spy on console.log | ||
| consoleLogSpy = sinon.spy(console, "log"); |
There was a problem hiding this comment.
Based on this Python PR Review
Please don't check stdout/stderr directly. This was a very early approach but it's very error prone and results in (Python) flaky tests. If there's something you want to check from the sample, return it from the sample function and check the value here directly.
You may use this pattern instead?
nodejs-docs-samples/compute/test/createInstanceTemplates.test.js
Lines 86 to 89 in 102eaed
| await viewDatasetAccessPolicy({ datasetId }); | ||
|
|
||
| // Verify BigQuery client was called correctly | ||
| assert.ok(consoleLogSpy.calledWith("Access entries:", [sampleAccessEntry])); |
There was a problem hiding this comment.
See my previous comment about checking stdout/stederr
bigquery/cloud-client/app.js
Outdated
|
|
||
| async function main() { | ||
| try { | ||
| const projectId = process.env.GOOGLE_CLOUD_PROJECT; |
There was a problem hiding this comment.
For Python I found that the previous developer was using the client project, instead of this environment variable, as we do for other samples.
As the tests are still passing, I left the client.project instead.
| members: ['user:[email protected]'], | ||
| }, | ||
| ], | ||
| etag: 'CAE=', |
There was a problem hiding this comment.
I haven't seen this etag before, where does it come from?
For instance I know that "ACAB" is a default empty policy (view_table_or_view_access_policy_test.py#L21)
| assert.ok(bigQueryStub.dataset().table.calledWith(params.resourceName)); | ||
|
|
||
| assert.ok( | ||
| consoleLogSpy.calledWith( |
There was a problem hiding this comment.
I don't know if spying on the console is the best practice for tests on Node.
Otherwise, It could be done on the returned object.
| /** | ||
| * View access policies for a BigQuery dataset | ||
| * | ||
| * @param {object} [overrideValues] Optional parameters to override defaults |
There was a problem hiding this comment.
Same comment as for previous samples on object vs Object.
| // Get properties for an AccessEntry | ||
| if (metadata.access && metadata.access.length > 0) { | ||
| console.log(`Details for Access entry 0 in dataset '${datasetId}':`); | ||
| console.log(`Role: ${metadata.access[0].role || 'N/A'}`); |
There was a problem hiding this comment.
Is N/A a good practice for JS? 'undefined' or blank could be more natural for the developer?
| await viewDatasetAccessPolicy({datasetId}); | ||
|
|
||
| // Verify BigQuery client was called correctly | ||
| assert.ok(bigQueryStub.dataset.calledWith(datasetId)); |
There was a problem hiding this comment.
Are these tests run on the API or are they mocked?
There was a problem hiding this comment.
tests are mocked
Description
Add sample for viewing access policy to dataset
Step of Internal: b/394478489
Checklist
npm test(see Testing)npm run lint(see Style)