The GitHub Actions job "Build and push images" on texera.git/main has failed. Run started by GitHub user bobbai00 (triggered by bobbai00).
Head commit for run: b9fc0d2c89423ea76ffda3948f9a3688fb4849ce / Seongjin Yoon <[email protected]> fix(backend): allow users with read access level to revoke their own access on shared workflows (#4143) <!-- Thanks for sending a pull request (PR)! Here are some tips for you: 1. If this is your first time, please read our contributor guidelines: [Contributing to Texera](https://github.com/apache/texera/blob/main/CONTRIBUTING.md) 2. Ensure you have added or run the appropriate tests for your PR 3. If the PR is work in progress, mark it a draft on GitHub. 4. Please write your PR title to summarize what this PR proposes, we are following Conventional Commits style for PR titles as well. 5. Be sure to keep the PR description updated to reflect all changes. --> ### What changes were proposed in this PR? <!-- Please clarify what changes you are proposing. The purpose of this section is to outline the changes. Here are some tips for you: 1. If you propose a new API, clarify the use case for a new API. 2. If you fix a bug, you can clarify why it is a bug. 3. If it is a refactoring, clarify what has been changed. 3. It would be helpful to include a before-and-after comparison using screenshots or GIFs. 4. Please consider writing useful notes for better and faster reviews. --> This PR fixes a permission issue where users with READ access to a workflow could not revoke their own access. **Changes:** - Updated `revokeAccess()` method in `WorkflowAccessResource.scala` to allow users to revoke their own access regardless of privilege level (READ or WRITE). - Added owner protection which prevents workflow owners from revoking their own access to avoid orphaned workflows. - Added test cases for the `revokeAccess()` method in `WorkflowAccessResourceSpec.scala`. **Before:** - Backend requires WRITE privilege for self-revocation. - READ users received error when revoking their own access. **After:** - READ users can revoke their own access to a shared workflow (leave shared workflows). - Owners cannot revoke their own access (prevent orphaned workflows). **Demo:** https://github.com/user-attachments/assets/4fa57eb0-9218-4715-bf8d-aec26f039174 ### Any related issues, documentation, discussions? <!-- Please use this section to link other resources if not mentioned already. 1. If this PR fixes an issue, please include `Fixes #1234`, `Resolves #1234` or `Closes #1234`. If it is only related, simply mention the issue number. 2. If there is design documentation, please add the link. 3. If there is a discussion in the mailing list, please add the link. --> Fixes #4141. ### How was this PR tested? <!-- If tests were added, say they were added here. Or simply mention that if the PR is tested with existing test cases. Make sure to include/update test cases that check the changes thoroughly including negative and positive cases if possible. If it was tested in a way different from regular unit tests, please clarify how you tested step by step, ideally copy and paste-able, so that other reviewers can test and check, and descendants can verify in the future. If tests were not added, please describe why they were not added and/or why it was difficult to add. --> Run `sbt "WorkflowExecutionService/testOnly *WorkflowAccessResourceSpec"` **The test cases cover the following scenarios:** - Users with WRITE access can revoke other users' access. - Users with READ access cannot revoke other users' access. - Users can revoke their own access regardless of access level. - Owner's access cannot be revoked by others. - Owner cannot revoke their own access. - Error handling for non-existing users. - Revoking access does not affect other users' access level. - Revoke access of a user who does not have access. ### Was this PR authored or co-authored using generative AI tooling? <!-- If generative AI tooling has been used in the process of authoring this PR, please include the phrase: 'Generated-by: ' followed by the name of the tool and its version. If no, write 'No'. Please refer to the [ASF Generative Tooling Guidance](https://www.apache.org/legal/generative-tooling.html) for details. --> No. Report URL: https://github.com/apache/texera/actions/runs/20839315758 With regards, GitHub Actions via GitBox
