#metabrainz

Mr_Monkey: Hello!

Hi akhilesh

Mr_Monkey: Thanks for feedback on proposal, I wish to discuss related things!

Well shoot :)

Why we need auth for API in BB, In BB. MB needs when require to handle submit request as https://chatlogs.metabrainz.org/brainzbot/metab... reosarevok said

for now

Mr_Monkey ^

Oh no. DST.

europe has entered the room

alastairp: more like europe has left the room, given the recent vote :p

well, the important parts of europe are still here

did David get back to you?

Not yet

But I assume he has more stuff to do too

akhilesh: Maybe make it a secondary goal. I think having the auth mechanism in place would allow for some flexibility, for example with our rate-limiting policy, and for future POST endpoints.

I mean, MB wants to eventually require auth for everything FWIW

(and tokens)

Mr_Monkey: You mean optional goal, if we will have remaining?

Correct.

But it will require some schema changes because we should not varify every request by sending one more request to MB. Mr_Monkey

for token I think

may be for client id and client secret also

amCap1712: My workmake has given me this article to use ViewPager for ArtCover slider. I have not read it yet, but here it is: https://joebirch.co/2019/02/22/exploring-the-vi...

Mr_Monkey: like https://critiquebrainz.org/profile/applications/ for authentication of api clients, and token will be used to authenticate the user if request is submit type

akhilesh: We'll definitely be using MB to authenticate rather than store tokens ourselves. I'll leave it to the pros to think about how to implement it for the various MetaBrainz projects. Having the mechanism in place for an auth request to MB would be a good first step. I'm thinking for example in the near future using the API to submit user collections .

Mr_Monkey: When we will implement submit user collection, Think if we will store token of that user at MB and if the user will not be registered at BB, then MB verify that user correct, but BB will not know that user. Then how will handle that situation?

Mr_Monkey: LB aslo store user token in LB database like https://listenbrainz.org/profile/

May I clear to you?

akhilesh: the BB web server currently uses tokens from MB validated by a passport strategy (https://github.com/LordSputnik/passport-musicbr...) and checking the user with its own editor table. I think that would work for the API as well (as a first step)

[musicbrainz-server] reosarevok opened pull request #987 (master…MBS-10087): MBS-10087: Convert doc pages to React https://github.com/metabrainz/musicbrainz-serve...

MBS-10087: Convert doc pages to React https://tickets.metabrainz.org/browse/MBS-10087

Here's the BB auth: https://github.com/bookbrainz/bookbrainz-site/b...

Is there someone here who is experience on creating dockerfile ??

Mr_Monkey: ok, I am thinking about it.

cyna: yvanzo perhaps

Cyna: what for?

I'm trying to make work easy by dockerizing musicbrainz-server

I've made great progress but have some issues to face

I've created dockerfile for both musicbrainz-server and the db to be used and created builds for the same

problem here is whenever I bind mount a directory its replacing the original contents in the container with the empty folder on my machine path specified

Is there a way to prevent the over writing due to superiority ?

Isn't there already a docker version of mbs?

there is musicbrainz-docker if you are speaking of it

its weird working with that setup... It has a lot built into it

Cyna: what's your final goal? why do you want musicbrainz in docker?

I want to be able to work on any machine by just deploying the container as to what docker is meant for

are you working on musicbrainz-server?

My current setup is using docker but its a bit complex for someone who has no experience in working with one, so Im trying to make it much easier

yes

what folder are you connecting as a volume?

the behaviour that you describe is correct for how docker works, there are a few solutions depending on your need

I found a solution using docker volumnes

*volumes

I hope it works

Do you use docker-compose?

Or is it a single Dockerfile?

I'm planning to once my dockerfile is set up

[musicbrainz-server] anirudhjain75 opened pull request #988 (master…convert): convert delete.tt in admin attributes https://github.com/metabrainz/musicbrainz-serve...

Cyna: I agree musicbrainz-docker is not suitable for development at the moment, but it is planned to.

I'll work on it seperately

cant take it as a gsoc project as its not one

I mean, GSoC projects can be agreed upon if something is considered useful and wanted enough and it fits as one

I know nothing about docker though so I have no idea if it'd be an option

It’s not an option for GSoC and I already started working on it but it is stalled at the moment.

Ok, so this specific one doesn't fit :)

(in general though, that remains - it's ok to propose something different from the original idea list, as long as we agree it is ok for GSoC)

Yea.. Im working on docker setup for my own

If it works Ill contribute it :)

[musicbrainz-server] reosarevok opened pull request #989 (master…MBS-10090): MBS-10090: Escape id before passing to MediaWiki https://github.com/metabrainz/musicbrainz-serve...

MBS-10090: Loading a doc page containing %3F loads full wikipage html https://tickets.metabrainz.org/browse/MBS-10090

lol "(in case you're wondering, yes, this is what came out of me being like "oh I wonder what will happen if I add a question mark to the URL")"

What can I say. I break shit

seeAlso: https://tickets.metabrainz.org/browse/MBS-10089

MBS-10089: Don't show "named after" relationships on artist works page

reosarevok: yvanzo : How can I authenticate user via postman for submitting request to API sever as in docs at https://beta.musicbrainz.org/doc/Development/XM... ? Could you give an example of real post request so that I can check via postman please?

bitmap, reosarevok: I tagged the most wanted PRs for the next release with milestone, see https://github.com/metabrainz/musicbrainz-serve...;

I won’t review/merge other PRs but contribs, I’m quite busy with JIRA anyway.

Please, please, please, let's merge the relationships code

There's a lot of other stuff that depends on that before it can be worked on

We have been delaying release for too long, I mostly selected PRs which are finishing parts of other already merged issues.

The milestone just points to PRs still missing for release, it is not a restrictive list of what will be released.

Well sure, and I don't really even care that much whether we release the rels thing

Just want it merged to work on top of properly :)

But it doesn’t work at the moment :D

It doesn't? It seemed to work yesterday for me

What broke? (did you flush redis?)

reosarevok & yvanzo : I am waiting to your response, for above msg

akhilesh: sorry, never used postman before and did not find ready example, doc is terribly lacking examples :(

reosarevok: relationship-editor doesn’t load for me at least, and yes I flushed it all.

reosarevok: Yea so I was wondering about those issues with required entity attributes I spoke to you last time

yvanzo: ... sigh, I might have forgotten to check that :p

reosarevok: it seems to be just a small issue though, the rest I checked seems to be fine.

akhilesh, I didn't understand your question. do you want to see what a web service call w/ authorization looks like? or were you asking about how postman works?

Cyna: that is a mess and needs a lot of work, but I don't have the time for it atm. Maybe tomorrow I can try to look

CallerNo6: want to see what a web service call w/ authorization looks like?

sure thanks... I'll try understanding the code base for GSoC project then

reosarevok: while you are waiting for rels PR, you may want to improve ws doc instead ;)

I'm trying to fix a bug with a rels query rn

Unrelated to that PR

CallerNo6: How does I put username and password with api request?

yvanzo, bitmap: am I being dense or is this ultra borked?

what?

Sorry, was getting a link

This does JOIN $target ON $target_id = ${target}.id (L168)

akhilesh, authorization info goes in the header of the request. you can use programs like python's requests to insert it.

But if you have, say, l_artist_artist, that'll just join on entity0 and won't check entity1 at all since $target_id = 'entity0'; in L148

(which would look something like requests.get(url, auth=HTTPDigestAuth('user', 'pass'))

^ unlike query parameters, you don't pass it in the url itself

CallerNo6: Ok, Thanks :)

akhilesh, does that make sense? you could use curl or whatever program makes sense in your context.

yvanzo: is there any way where I can change the path for redis server ? from localhost:6378 to redis:6379 ?

Cyna: yes in lib/DBDefs.pm

I've made changes there

But it didnt work

I composed down, made the changes and composed up

and it doesnt rebuild the images

I’m not sure what you changed and how you compose these, so...

I guess that is the issue

Ill try pruning images and starting the compose again

CallerNo6, yvanzo: One another question, Does MB have any method so that we can verify user with his username and password programmatically? mean without opening GUI like https://beta.musicbrainz.org/login?uri=%2F

akhilesh: well, not really, but you can try reaching https://test.musicbrainz.org/ws/2/collection?ed...

which requires authentication

Means It is necessary to input username and password manually via GUI.

No, you can provide it through http digest.

My aim to authenticate user from BB server without opening any GUI for input username and password. Is it possible?