►
From YouTube: BE Pairing - 20230224 - Discussing permission testing
Description
In this session we discuss testing permission changes. We also talk about a contribution that looks to adding an anchor to an email link.
00:00 - Permission discussions and brainstorm
36:01 - Review adding system note anchor to email
B
C
So
let
me
share
you
think
I'll
do
my
full
desktop
and
then
make
this
full
screen.
So
it's
big
okay.
So
this
is
the
issue.
I
wrote
it
up,
so
there
might
be
a
missed
context
here,
but
we'll
talk
through
it.
So
this
is
the
summary.
Sometimes
we
want
to
make
permissions
check
changes
in
the
gitlab
code
base.
We
don't
want
a
behavioral
change
right.
C
We
just
want
to
refactor,
and
currently
we
pretty
much
just
rely
on
people
being
very
familiar
with
how
our
permissions
work
and
hoping
we
have
really
good
tests
covered
when
we
do
this,
which
it
can
be
challenging
to
do
right,
because
we
do
permissions
checks
in
web
controllers.
Api
controllers
views
they're
everywhere.
So,
if
you're
missing
testing
at
any
level,
you
could
cause
a
regression
which,
in
the
world
of
permissions,
is
not
ideal,
because
permissions
are
a
key
security
feature.
C
B
I
will
say
this
is
very
relevant
to
a
maintainer
review
that
I
got
recently.
That
I
was
like.
Please
explain
to
me.
Help
me
understand
so
I
can
know
this
way
because
I
don't
know
anything
yeah
I'm,
like
I,
don't
know
what
this
permission
check
does:
I'm,
not
sure
what
these
two
you're
changing.
You
know,
I
I,
remember
reviewing
them
being
like
this
thing
is
changing
to
this
one.
They
don't
seem
related.
B
B
To
ask
the
questions
to
be
like:
please
help
me
make
sure
that
someone
has
vetted
this.
That
knows
what
I
mean
besides
you,
because
obviously
like
I'm
assuming
they're,
making
a
change,
they
know
the
permissions,
but
I
just
want
to,
like
you
know,
yeah
I
think
I
wanted
another
set
of
eyes
that
weren't
just
mine,
yeah.
C
Absolutely
and
we
have
so
like
and
then
in
our
Docs
and
our
rules
and
permissions
dogs
like
I
as
a
member
of
the
off
team
heavily
on
this
table,
but
this
table
is
human
generated.
So
we
don't
have
any
guarantees
that,
like
you
know,
we
don't
guarantees
in
terms
of.
We
believe
that
our
documentation
is
accurate,
but
there
are
cases
where
this
does
not
100
reflect
reality
or
there's
an
edge
case
that
that
is
not
reflected
in
this
simple
table,
and
so
like
Terry
was
saying
it's
not
always
straightforward.
C
C
they're,
23
footnotes
on
like
and
this
and
this.
So
it's
a
lot
oh
and
the
other
thing
I
was
going
to
mention-
is
that,
like
there
aren't
necessarily
permissions
that
are
named
like
there's,
not
a
permission
called
manage,
terraform
State,
necessarily
so.
Mapping
like
the
code
Concepts
and
the
like
conceptual
pieces
is
not
a
one-to-one.
So
it's
like
super
complicated.
C
C
So
our
permissions
engine
is
declarative
policy,
which
is
a
gem
that
we
maintain
and
declarative
policy
basically
takes
in
two
objects:
they'll
take
in
like
user
and
a
project,
and
then
you
can
call
policy
debug
on
a
specific
permission
like
read
Pipeline,
and
it
will
tell
you
all
of
the
step,
the
checks
that
it
runs
and
the
outcome
enabled
true
or
prevented,
enabled
true
or
prevented
true.
So
in
this
case
you
could
really
go
line
by
line
and
say
like.
Why
was
this
enabled
and
you
can
like
walk
yourself
through
the
code?
C
So
we
have
this
under
the
hood.
So
what
we
could
do
say
we
wanted
to
do
a
refactor
and
I.
Think
I
have
an
example
down
here:
yeah,
okay,
so
say
we
wanted
to
change.
Read
build
to
read
pipeline,
for
whatever
reason
we're
doing.
A
refactor
like
Terry
is
in
an
MR
review
and
someone's
doing
this
refactor,
and
we
want
to
compare
like
the
outcome
of
these
two
permissions
checks.
C
We
could
build
something
like
this.
This
is
this
little
proof
of
concept.
Where
you
basically
say
what
is
the
project,
because
this
is
a
permission
check
on
a
project?
So
what
is
the
project
visibility?
What
is
the
role
of
the
user
and
like
is
this
allowed
for
this
user
I
only
am
using
Anonymous
user
guest
and
reporter
here
you
could
also
pass
in
developer
or
owner
admin
and
then
basically,
this
Compares
and
through
each.
C
C
Let
me
see
if
I
even
thought
of
any
oh
yeah,
like
I,
I,
didn't
think
of
any
specific
edge
cases
here,
but
I
know
they're
there.
That's
why
our
policy
classes
are
so
large
because
we're
doing
all
these
other
checks
on
you
know
is
these
are
blocked
or
so
anyways.
That's
an
initial
idea.
Any
reactions,
thoughts.
A
C
B
I
was
looking
for
one
that
you
might
be
able
to
use
I'm,
not
sure
if
you've
got
if
you've
run
into
it
before,
but
there's
like
policy
contexts
that
are
written
for
group
and
projects
like
we
use
these
in
some
of
the
elastic
search
tests.
Were
these,
like
these
permission
tables
for
the
reporter
feature,
like
the
file
that
I
link
to
you
has
if.
B
C
B
A
B
A
B
C
B
B
C
C
B
A
C
A
A
I
think
but
I
think
it's.
You
know
it's
a
good
point
that
it's
a
good
point,
that,
with
different
permissions,
different
factors
are
going
to
be
at
play
and
so
you're
going
to
kind
of
always
want
all
the
permutations
of
whatever
factors
you
plug
and
play
there
so
it'd
be
interesting
to
like
have
declared
ahead
of
time.
A
These
are
the
project
visibility
factors
it
has
to
be
public
internal
private.
These
are
the
role
factors
like
these
are
all
the
possible
values
for
all
the
different
factors,
but
then
I
declare
as
a
developer.
I
just
declare
these
are
the
only
ones
that
would
evaluate
to
yes,
all
the
other
ones
evaluate
to
false
or
something
so.
A
C
B
B
B
B
B
A
B
B
B
You're
supposed
to,
when
you
add
a
new
worker,
that's
it
important.
Okay,
I,
don't
say
all
of
them
are
like
that.
There's
I,
don't
know
if
there's
a
cop
now
but
before
I
wouldn't
have
mention
it
during
Mr.
Reviews
like
this
is
missing
the
test
for
it:
okay,
okay,
I'm,
not
sure
if
there
are
workers
but.
A
Regarding
the
the
goal
of
testing,
if
this
is
a
pure
refactor,
so
we
do
have
in
our
developer
guide
something
about
pending
tests.
Have
you
ever
used
or
looked
into
pinning
tests?
No,
like
I,
think
it's
like
pen,
like
you,
pin
to
something?
Yes?
Yes,
yes,
yes,
painting
tests
yeah.
So
this
is.
These
are
tests
that,
if
you're
doing
a
pure
refactor,
it's
tests
suggests
to
test
the
refactor
that
you
don't
commit
to
master.
A
A
You
make
the
change
and
then
you
can
revert
the
pinning
tests
but
to
just
test,
and
then
you
revert
moving
the
pinning
test,
because
it's
not
the
kind
of
thing
you'd
want
to
check
into
Master,
because
it's
not
really
helpful
to
us,
but
you
just
end
up
reverting
the
the
reverting
whatever
remove
the
pinning
topic
and
running
it
to
just
to
assert.
Oh
yeah,
this
was
a
peer
refactor.
A
We
have
some
like
examples
of
Mrs.
That
kind
of
did
this
because
we
were
from
the
front
end
perspective.
We
were
converting
Hamel
pages
to
view,
so
this
works
great
because
it
would
just
take
a
huge
HTML
snapshot
of
the
handle
page
and
then
a
huge
HTML
snapshot
of
the
few
page
and
we'll
compare
the
two
okay
and.
A
And
they're
not
emergency
right.
So
then
we
just
remove
it
right
after
that,
and
so
whenever
we
want
to
run
it
just
revert
whatever
removed
it
or
we
could
share
it
whatever
you
want
to
do
it,
but
you
showed
that
debug
command
and
that's
really
interesting
like
and
so
that
could
actually
be
used
as
a
pinning
test
of
let's
debug
this
policy
and
dips
it
with
the
debug
of
the
other
policy,
and
if
the
diffs
are
the
same,
then
this
was
a.
A
C
No,
but
it's
really
helpful
because
it
reminds
me
of
how
sometimes,
if
my
Spidey
Sense
tells
me
that
some,
like
I'm,
reviewing
an
MR
and
there
are
tests
added
but
I'm
like
I,
don't
know
if
these
are
really
testing
the
change.
I'll
check
out
the
Mr
and
comment
out
the
code
changes
and
see
if
the
tests
still
pass
and
if
they
do
I'm
like
oh,
these
aren't
these.
C
A
That
is,
that
is,
that
is
related
a
little
bit
as
well,
so
I
think
what
would
be
cool,
namely
just
thinking
of
we
find
ourselves
needing
to
refactor
policies.
Maybe
there
is
a
script
that
could
introduce
the
kind
of
tests
we
just
wouldn't
check
in,
but
it's
the
test
that
just
gives
some
Assurance.
This
was
a
peer
refactor
and
a
debug
statement
is
like
yeah.
That's
that's
that
can
traditionally
be
used
in
like
pinning
tests
in
the
back
end.
C
A
Yeah,
that's
really
cool
I
mean
that's
a
great
that's
a
great
output
from
as
like
a
code
reviewer.
If
I'm
wanting
to
know
some
of
the
superior
factor,
I
was
like.
Oh
there's,
no
diff,
that's
pretty
good
confidence,
and
if
there
is
a
diff,
it's
like
okay.
This
is
the
kind
of
thing
you
need
to
look
at.
This
is
this.
Is.
C
C
A
Yeah
yeah
and
that's
what
we
did
in
some
of
those
other
pinning
test.
Examples
was
like
okay:
let's
do
this
with
feature
flags
on
off,
so
we
create
like
a
whole
bunch
of
snapshots
and
there's.
Usually,
though,
some
sort
of
like
in
a
perfect
world,
everything
would
match,
and
so
so
then
there's
also
a
set
of
like
we
can
clean
up
this.
These,
like
white
space,
kind
of
noise
or
whatever
so
like
then
there's
sometimes
stuff.
You
can't
get
it
towards
perfectly
green,
but
it's
perfect.
It's
it's!
A
C
And
you
mentioned
plot
one
point:
scientist
I
was
curious
to
ask
if
either
of
you
had
to
use
scientists
the
thing
that
I
thought
was
really
funny.
Excuse
me
was
the
example
they
give
is
you're
trying
to
change
what
you
handle
permissions
in
a
large
web.
App
I'm,
like
oh
I,
think
this
library
was
developed
when
somebody
had
the
exact
same
problem
that
I
have.
C
We
were
using
this
at
my
last
job.
It's
it's
more
of
the
tested
and
prod
mentality
right.
You
actually
push
the
change
to
production
and
then
it
runs
both
code
paths
and
if
you
only
use
like
the
old
code
path,
but
if
there's
ever
a
difference
in
what
the
old
and
the
new
evaluate
to.
In
that
case,
we
were
just
like.
We
were
like
throwing
an
error,
because
we
had
pretty
high
confidence
with
the
refactor.
A
B
A
B
C
So
yeah
this
came
up
in
another
issue
where
somebody
was
asking
about
using
scientists
for
something
else.
Thanks
Charlie
and
somebody
mentioned.
Oh,
we
have
this
thing
called:
get
love,
experiment
and
apparently
GitHub
experiment
used
to
have
scientists
as
a
dependency
so
like
they
do
similar
stuff,
I.
Think
the
difference
now
I'm,
forgetting
I,
think
the
difference
with
gilab
experiment
is
that
it's
actually
for
like
turning
things
on
like
there's,
not
a
focus
on.
C
Do
these
two
code
paths
evaluate
to
the
same
thing
like
scientists
is
truly,
does
path,
a
and
path.
B
result
in
the
same
thing,
and
you
want
it
to
like,
because
you're
trying
to
do
a
refactor.
So
the
logic
is
the
same,
whereas
gilab
experiment
is
here,
there's
like
a
control
and
then
different
variance
and
the
ideas
that
you're
like
using
all
three.
C
A
The
B
are
I,
think
and
intentional
variable
names
there,
because
I
know
we.
This
is
our
way
of
doing
like
a
b
testing
to
see
what
performs
better
out
in
the
wild,
not
necessarily
what's
acceptable
and
what
can
be
rejected.
It's
just
a
measurement
of
I,
don't
know
for
some
reason.
We
measure
some
sort
of
data
that
comes
out
of
these
experiments.
Yeah.
B
I
feel
like
there's
a
completely
different
end
game
for
the
second
one.
The
git
love
experiment
in
the
future,
like
those
are
two
things
where
the
end
game
is,
there
should
be
something
different
that
happens
like
there's,
no
guarantee
that
both
code
paths
should
result.
In
the
same
end,
so
I
feel
like
that's
like
the
huge
difference,
experiment
or
science.
The
scientist
stuff
seems
like
it's
more
so
for
like
confidence
in
your
code,
refactors.
C
C
But
it
is
yeah
like
get.
A
lot
of
experiment
is
truly
like
you
were
saying
it's
for
running
a
b
tests
of
like
here's,
a
cool,
different
thing:
let's
try
it
for
10
of
users
and
what
we
want.
We
don't
want
to
do
a
cool
different
thing
with
permissions
refactor,
as
we
want
the
boring
old
thing
with
a
new
name.
C
A
C
So
they're
like
well,
we
already
have
something
called
download
vulnerability,
but
I'm,
adding
a
CSV
export,
so
I'm
going
to
create
something
called
download,
vulnerability,
CSV
and
use
that,
because,
like
that's
I,
can
understand
new
things
better
than
I
can
original
things
and
and
I
think
those
cases
will
be
easy
to
condense,
because
when
you
look
at
them,
they'll
just
be
two
things
that
do
the
same
stuff.
I
think
the
other
like
project
policy.
C
A
A
C
C
B
Yeah
I
mean
I
think
just
starting
with
like
I,
don't
know,
I
feel
like
what
I've
done
and
I'm
Paul's
experience
with.
This
is
just
like,
adding
something
using
it
and
then
putting
it
in
the
docs
and
throwing
it
in
as
many
channels
as
you
can
to
like
get
other
people
aware
of
it,
and
your
thing
may
change,
or
it
may
might
like,
grow
or
be
a
little
bit
different.
B
But
it's
like
hard
for
me
to
get
my
head
wrapped
around
like
how
do
you
get
people
to
adopt
a
way
of
doing
things
in
the
code?
The
only
way
I
know
of
is
to
use
them
like
pretty
much
exclusively
yourself
and
then
also
trying
to
like
shout
as
loudly
as
possible
in
all
of
the
different
spots
that
other
developers
might
look
for,
like
coding
examples
of
how
do
I
do
this
yeah.
C
C
Cool
well,
when
I
get
something
up
which
hopefully
will
be
soon
because
I'm
gonna
try
to
just
like
get
something
out
there,
I'll
I'll,
let
you
know-
and
let
me
know
what
you
think
of
my
first
first
dab
at
it,
but
anyways
I.
Can
we
can
move
on
to
something
else?
They've
got
a
lot
of
great
ideas
here,
so
thank
you
you
both.
Can
they
learned
about
pinning.
B
B
B
Door,
yeah,
yeah
I'm
sure
it's
probably
there's
a
page
under
like
development
resources
that
has
a
huge
list
of
things,
because
the
one
that
I've
noticed
from
my
team-
that's
like
not
anywhere,
but
there
it's
listed
there.
It's
just
it's
hard
to
find.
If
you
don't
already
know
what
you're
looking
for
I
would
have
never
found
that
pinning
testing
you
either
have
to
like
somehow
find
it
on
the
one
page
where
it's
linked
or
know
to
search
or.
A
C
A
Don't
know
if
I
don't
know
if
it's
always
been
like
that,
but
maybe
it
has
I
felt
like
though
we
had
something
also
pointing
to
this
guide
as
well,
but
I
I.
Don't
so
long
ago,
I,
don't
remember
yeah
the
pinning
test
idea.
I
read
about
in
a
really
really
great
book
called
working
effectively
with
Legacy
code,
which.
C
A
Know
but
it
was,
it
was
a
fantastic
book
because
it's
like
all
about
writing
test
harnesses
and
weird
code
bases,
those
really
cool,
yeah
well
I'm
game,
for
we
can.
We
can
try
to
code
some
sort
of
spec
helper
thing
based
on
what
we
were
just
talking
about,
or
we
can
jump
on
Lee
Lee's
issue
that
they
mentioned.
A
B
A
B
B
A
B
B
B
C
Well,
I
was
gonna,
say:
I
I
feel
like
what
happened
here
or
like
so
we
don't
have
access
to
the
note
itself
in
the
mailer
method,
so
the
mailer
method
has
the
issue
and
the
recipient,
but
it
doesn't
it's
not
currently
aware
of
the
system.
No,
so
what
Winnie
did,
which
is
clever,
is
get
all
the
system
notes
find
the
last
one
and
just
assume:
that's
it
I
think
we
I
think
we
can
build
a
system
with
more
confidence.
I
think
we
need
to
pass
the
system
note
in
when
this
email
is
sent.
B
B
A
B
A
B
But
I
think
there
must
be
some
disconnect
in
terms
of
yeah
I.
Don't
know
he
was
like
it
doesn't
work
consistently
that
the
note
that
it's
linked,
I,
guess
whatever
this
is
doing-
is
not
always
consistently
lacking
like
linking
to
the
correct
note.
Maybe
when
you
change
your
Milestone
or
reassign
an
issue
or.
B
A
A
B
A
A
We
reassigned
the
issue
if
I
click
view
it
on
gitlab.
Are
we
really
anticipating
going
to
the
system?
Note
that
says
something
get
reassigned
or
is
just
going
to
the
issue:
sufficient
I'm
really
not
sure
so.
I
I,
I
I
was
kind
of
hoping,
like
maybe
there's
a
pre-existing
issue
here,
so
we
can
get
more
context
of
what's
the
actual
problem,
we're
trying
to
solve.
B
C
A
A
B
A
A
So
but
I
mean
it's
email
is
such
a
shared
thing
that
it's
kind
of
I
think
technically
it
belongs
to
plan,
but
I
don't
know
so
I'd
be
really
curious.
If
they'll
get
plans,
ux
opinion
on.
Do
we
want
to
link
to
the
system
note
here,
but
with
that
I,
don't
I,
think
I.
Think
the
I
think
what
you
said.
Jesse
is
like
yeah,
sorting
it
and
then
getting.
The
last
note
isn't
going
to
be
reliable
because
these
run
off
of
like
some
sort
of
sidekick
job.
It's
not
these
emails
aren't
sent.
A
A
C
C
A
C
C
Yes,
also
a
Counterpoint
to
what
I
previously
said,
just
looking
at
the
screenshots
in
the
Mr
I
now
realize
that,
like
the
issue
is
linked
in
the
body,
but
this
the
anchor
link
was
just
added
in
the
footer,
so
it's
not
changing
the
main
body
of
the
email
like
I
guess.
I
can
see
the
value
of
being
taken
like
having
the
option
to
see
the
note
system.
Note
assuming
it
was
the
correct
one.
Yeah.