Skip to content

Use project UUID#69293

Merged
alex-m-brown merged 40 commits into
stagingfrom
use-project-uuid
Jan 13, 2026
Merged

Use project UUID#69293
alex-m-brown merged 40 commits into
stagingfrom
use-project-uuid

Conversation

@alex-m-brown

@alex-m-brown alex-m-brown commented Nov 4, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

This is the third PR in a series of PRs to migrate our existing channel token system for projects to unique identifiers. This PR starts using UUIDs to identify projects, while continuing to support legacy channel tokens. To decrease risk, the change is locked behind a DCDO flag project-uuid-in-url

Links

Testing story

Tested on an adhoc: https://adhoc-use-project-uuid-studio.cdn-code.org

  • Manually verified UUIDs are used to identify both standalone and "in-course" projects
    • New
    • Edit
    • Share
    • Remix
    • Delete
  • Can still access projects using channel tokens
  • New unit tests to ensure both identification methods are valid
  • Turning DCDO flag on enables uuids in urls
  • Turning DCDO flag back off disables uuids in urls

Follow-up work

Now that we're using UUIDs, we need to work towards getting rid of channel tokens
3. Backfill project UUIDs (#69294)
4. Update the UUID column to be non-null
5. Eventually completely remove old channel token support

Privacy and Security

This PR is the third step in further securing our projects.

@alex-m-brown alex-m-brown changed the base branch from staging to add-uuid-to-projects November 4, 2025 15:13
@alex-m-brown alex-m-brown changed the base branch from add-uuid-to-projects to staging November 4, 2025 20:11
@alex-m-brown alex-m-brown changed the base branch from staging to add-uuid-to-projects November 4, 2025 20:11
This was referenced Nov 6, 2025
Merged
Merged
Base automatically changed from add-uuid-to-projects to staging November 21, 2025 01:37
@alex-m-brown alex-m-brown marked this pull request as ready for review November 21, 2025 01:43
@alex-m-brown alex-m-brown requested a review from a team November 21, 2025 19:41
unlox775-code-dot-org
unlox775-code-dot-org reviewed Nov 21, 2025
View reviewed changes
Comment thread shared/middleware/helpers/storage_id.rb
unlox775-code-dot-org
unlox775-code-dot-org approved these changes Nov 21, 2025
View reviewed changes

@unlox775-code-dot-org unlox775-code-dot-org left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks safe from a security perspective. I don't know the code enough to approve it's stability.

I did leave a comment on function structure. This looks great overall!!

@sureshc sureshc mentioned this pull request Dec 3, 2025
Merged
2 tasks
@alex-m-brown alex-m-brown changed the base branch from staging to staging-next December 11, 2025 20:09
@alex-m-brown alex-m-brown changed the base branch from staging-next to staging December 15, 2025 15:42
@alex-m-brown alex-m-brown requested a review from a team December 15, 2025 22:02
unlox775-code-dot-org
unlox775-code-dot-org requested changes Jan 5, 2026
View reviewed changes
Comment thread dashboard/legacy/test/middleware/helpers/test_projects.rb
Comment thread shared/middleware/helpers/storage_id.rb
Hamms
Hamms approved these changes Jan 9, 2026
View reviewed changes

@Hamms Hamms left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! I have one question and one suggestion for simplification, but neither are blocking.

Thanks for all the care and caution you've put into this! I'm excited for us to take the next step

Comment thread shared/middleware/helpers/storage_id.rb
raise ArgumentError, "`encrypted` must be a string" unless encrypted.is_a? String

if uuid?(encrypted)
project = Projects.table.where(uuid: encrypted).first || Project.find_by(uuid: encrypted)

@Hamms Hamms Jan 9, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it worth extracting this to a helper method somewhere? Would also make for a nice spot to put a comment explaining some of the strangeness around this whole Sequel-inside-Rails pattern we've got here

@alex-m-brown alex-m-brown Jan 12, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I attempted this, but was getting a test error on drone I couldn't replicate locally. I don't want to get stuck on this, so I will go ahead and merge without and revisit separately.

Comment thread lib/dynamic_config/dcdo.rb Outdated
@alex-m-brown alex-m-brown merged commit c223503 into staging Jan 13, 2026
6 checks passed
@alex-m-brown alex-m-brown deleted the use-project-uuid branch January 13, 2026 15:24
@drizco drizco mentioned this pull request Jan 14, 2026
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@unlox775-code-dot-org unlox775-code-dot-org unlox775-code-dot-org approved these changes

@Hamms Hamms Hamms approved these changes

@sureshc sureshc Awaiting requested review from sureshc

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@alex-m-brown @Hamms @unlox775-code-dot-org @artem-vavilov