Skip to content

[SYNPY-1244] Clarify docstrings with delete_permissions function and recursive behavior #1202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 14, 2025
Merged

[SYNPY-1244] Clarify docstrings with delete_permissions function and recursive behavior #1202

merged 3 commits into from
May 14, 2025

Conversation

BryanFauble
Copy link
Member

Problem:

  • The docstring for the recursive flag implied incorrect behavior of the function when used in conjunction with include_container_content

Solution:

  • Update docstring and examples to clarify behavior
  • Raise a ValueError exception when falling into a situation that will cause no actions to be taken

Testing:

  • Verified updated behavior and unit test

@BryanFauble
Refactor delete_permissions logic to enforce include_container_conten…
827f8d6 
…t with recursive flag and update unit tests for validation
@BryanFauble
reorder args
65c4827
@BryanFauble BryanFauble requested a review from GiaJordan May 14, 2025 18:59
@BryanFauble BryanFauble requested a review from a team as a code owner May 14, 2025 18:59
@SageGJ SageGJ requested review from SageGJ and removed request for GiaJordan May 14, 2025 19:36
SageGJ
SageGJ reviewed May 14, 2025
View reviewed changes
synapseclient/models/mixins/access_control.py
Comment on lines +344 to +349
if recursive and not include_container_content:
raise ValueError(
"When recursive=True, include_container_content must also be True. "
"Setting recursive=True with include_container_content=False has no effect."
)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a consideration from a ux perspective:
Had it been clarified that setting recurive=True and include_container_content=False wouldn't have deleted any of the access controls (but that it still iterates through the project and displays the folders), as I user I would have appreciated having the functionality to do a dry run and see everything that would have had access controls removed before actually doing so. @BryanFauble What are your thoughts on not halting execution and rather adjusting the messaging displayed in the case of this combination of parameters? Granted it doesn't look like files themselves are displayed in the current messaging?

[WARNING] Failed to delete ACL for entity syn66520312: 403 Client Error: Cannot restore inheritance for resource which has no parent.
[syn66520312:acc_control_test]: Syncing Project from Synapse.                                                                                                                                                                                         
Syncing from Synapse:   0%|                                                                                                                                                                                                | 0.00/1.00 [00:00<?, ?B/s]
[syn66520313:temp folder]: Syncing Folder from Synapse.                                                                                                                                                                                               
Syncing from Synapse:   0%|

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[WARNING] Failed to delete ACL for entity syn66520312: 403 Client Error: Cannot restore inheritance for resource which has no parent.

This message only shows because you cannot delete the ACL for projects.

Had it been clarified that setting recurive=True and include_container_content=False wouldn't have deleted any of the access controls (but that it still iterates through the project and displays the folders)

This was not clarified, and in the code it would have just skipped over these entries.

as I user I would have appreciated having the functionality to do a dry run and see everything that would have had access controls removed before actually doing so. @BryanFauble What are your thoughts on not halting execution and rather adjusting the messaging displayed in the case of this combination of parameters?

This is a great idea! I created this follow-up ticket https://sagebionetworks.jira.com/browse/SYNPY-1604 to accomplish this ask. We can do quite a bit to make this easier for folks to understand the ACL structure of their project and implications of running the delete.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay that all makes sense, thanks! @BryanFauble

thomasyu888
thomasyu888 approved these changes May 14, 2025
View reviewed changes
Copy link
Member

@thomasyu888 thomasyu888 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥 LGTM - Thanks for the clarification + catching this case and dry run idea both!

@BryanFauble BryanFauble merged commit 1ed5b6e into develop May 14, 2025
28 checks passed
@BryanFauble BryanFauble deleted the synpy-1244-corrections-to-docs branch May 14, 2025 23:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SageGJ SageGJ SageGJ left review comments

@thomasyu888 thomasyu888 thomasyu888 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@BryanFauble @thomasyu888 @SageGJ