guardian/gu-who

gu-who incorrectly reporting that user account is <3 months old

Closed this issue · 4 comments

I get this error when trying to audit an organization:

[info] application - Asked to audit @MYORG
[error] play - Cannot invoke the action, eventually got an error: java.lang.IllegalArgumentException: requirement failed: Organisation @MYORG must have at least one *public* member whose account is over 3 months old
[error] application - 

The rest of the traceback is as you would expect for that error message. This is running on Ubuntu Trusty, OpenJDK 1.7, Scala 2.9.2.

Now, the organisation is under 3 months old, but I am the only member of it, and my account dates from 2009. I'm not sure if this is a bug or whether it is intended behaviour with a confusing error message. However, I would suggest that a new organisation shouldn't be seen as an error.

Hi @snim2 - so this checker was put in as a guard against hypothetical denial-of-service attacks against the public demo instance of gu:who at https://gu-who.herokuapp.com/ - the code for the check is here:

https://github.com/guardian/gu-who/blob/3041000b/app/lib/AuditDef.scala#L81-L85

The check doesn't require the organisation to be more than 3 months old, but does require that the organisation has at least one public member. (GitHub allows your membership of an organisation to be 'concealed' or 'public'). Any user account that was over a few months old stood more chance of being legit (ie not being a DOS-attack account).

Organisations can actually add any old random account they want to their org - I could randomly add Linus Torvalds to one of my own organisations if I wanted, without his consent, but he would have to mark his membership as public before anyone could see it, and that would show that he actively wanted to be a member of that org.

So, gu:who wants the account to be both oldish and a public member of the organisation.

Your account is certainly old enough, but you have not publicised your membership of your organisation (whatever it is). I can see only one organisation which you're publicly a member of (@RHOKBrum) on your profile, and I'm guessing that's not the one you're using for your tests? In order to get gu:who to run, you can just publicise your membership of your test organisation, or indeed, just remove the check.

The intended use-case of gu:who is on organisations that are basically pretty big and pretty old, where people have lost track of who the heck all the people are. So this check doesn't seem too onerous, and I'd hoped that the error message was kind of self-explanatory, but I will see if I can make it clearer.

Organisation @MYORG must have at least one *public* member whose account is over 3 months old

Actually, I'd really appreciate it if you could suggest a way I could make this message clearer, I think I'm too close to the code to find a way to phrase it better.
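As an added illustration (not gu-who's own Scala code), here is the guard described in the comment above written in Python, with the two conditions split apart so the diagnostic says whether the organisation has no public members at all or only public members younger than the threshold. The Member structure, the 90-day approximation of "3 months", and the sample data are all constructed assumptions for this example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical minimal view of an organisation member (assumption, not the GitHub API shape).
@dataclass
class Member:
    login: str
    created_at: datetime   # when the user account was created
    public: bool           # True only if the user has publicised their org membership

# "Over 3 months old" approximated as 90 days (assumption made for this example).
MIN_ACCOUNT_AGE = timedelta(days=90)


def established_public_member_problem(org, members, now):
    """Return None when the guard passes, otherwise a message naming the failed condition.

    The guard mirrors the one described in the issue: at least one member must be
    both publicly listed and older than MIN_ACCOUNT_AGE. Splitting the two checks
    lets the message tell a concealed-membership user exactly what to change.
    """
    public_members = [m for m in members if m.public]
    if not public_members:
        return (f"Organisation @{org} has no *public* members. gu:who needs at least one "
                f"member whose organisation membership is set to 'public' and whose "
                f"account is over 3 months old.")
    old_enough = [m for m in public_members if now - m.created_at > MIN_ACCOUNT_AGE]
    if not old_enough:
        return (f"Organisation @{org} has {len(public_members)} public member(s), but none "
                f"with an account over 3 months old. Publicise the membership of an older "
                f"account.")
    return None


def demo():
    """Constructed scenario from the issue: a single, old, but concealed member."""
    now = datetime(2014, 6, 1, tzinfo=timezone.utc)
    members = [Member("snim2-like-account", datetime(2009, 3, 1, tzinfo=timezone.utc), public=False)]
    return established_public_member_problem("MYORG", members, now)


if __name__ == "__main__":
    print(demo())
```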

Well, for goodness' sake. I didn't even know that it was possible to conceal membership of organizations. I guess they hide that sort of gnostic wisdom in docs.

Anyway, I have sent a pull request. I don't have a good dev environment where I am this evening, so I haven't been able to test this, but I think it is more helpful to a novice or unsuspecting user. Also, I don't know what your coding conventions are, so you might want to refactor.

HTH and thanks for responding so quickly.

No worries, improved messaging merged in with 1d5e654 & 51f492e.