feat(api): authorization extended for soft-delete and suspend #12158
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
product
datahub-cyborg
bot
added
the
needs-review
david-leifker
force-pushed
the
base-authorization-check
branch
from
8b74c9d to
45f00d5
Compare
david-leifker
force-pushed
the
base-authorization-check
branch
from
45f00d5 to
6d03e03
Compare
* fix AspectRetriever behavior with respect to key aspects always returned * Deprecated active boolean in corpUserInfo not supported
david-leifker
force-pushed
the
base-authorization-check
branch
from
6d03e03 to
441003b
Compare
david-leifker
commented
Dec 18, 2024
| @@ -22,7 +22,7 @@ | |||
|
|
|||
| @Getter | |||
| @Builder | |||
| public class EntityServiceAspectRetriever implements CachingAspectRetriever { | |||
| public class EntityServiceAspectRetriever implements AspectRetriever { | |||
There was a problem hiding this comment.
This impl is not caching, corrected interface.
david-leifker
commented
Dec 18, 2024
| * @param aspectRetriever aspect retriever - ideally the SystemEntityClient backed one for caching | ||
| * @return active status | ||
| */ | ||
| public boolean isActive(AspectRetriever aspectRetriever) { |
There was a problem hiding this comment.
Primary logic for evaluation of the actor's state.
david-leifker
commented
Dec 18, 2024
| @@ -177,7 +209,7 @@ public static OperationContext asSystem( | |||
| @Nonnull private final EntityRegistryContext entityRegistryContext; | |||
| @Nullable private final ServicesRegistryContext servicesRegistryContext; | |||
| @Nullable private final RequestContext requestContext; | |||
| @Nullable private final RetrieverContext retrieverContext; | |||
| @Nonnull private final RetrieverContext retrieverContext; | |||
There was a problem hiding this comment.
Due to the importance of this context for actor state validation, it is no longer optional.
| @@ -90,7 +91,7 @@ public Task<EntityResponse> get( | |||
| ? opContext.getEntityAspectNames(entityName) | |||
| : new HashSet<>(Arrays.asList(aspectNames)); | |||
| try { | |||
| return _entityService.getEntityV2(opContext, entityName, urn, projectedAspects); | |||
| return _entityService.getEntityV2(opContext, entityName, urn, projectedAspects, alwaysIncludeKeyAspect == null || alwaysIncludeKeyAspect); | |||
There was a problem hiding this comment.
Rest.li does have default values, but this works too 😄
david-leifker
commented
Dec 18, 2024
| @@ -522,12 +522,12 @@ cache: | |||
| entityAspectTTLSeconds: | |||
| # cache user aspects for 20s | |||
| corpuser: | |||
There was a problem hiding this comment.
Effects the CachingAspectRetriever
david-leifker
commented
Dec 18, 2024
| @@ -1,9 +1,11 @@ | |||
| package io.datahubproject.openapi; | |||
| package io.datahubproject.openapi.config; | |||
There was a problem hiding this comment.
Important relocation here, previously it was not being picked up.
david-leifker
commented
Dec 18, 2024
| @@ -0,0 +1,54 @@ | |||
| package io.datahubproject.openapi.operations.test; | |||
There was a problem hiding this comment.
Added this for smoke-test
david-leifker
commented
Dec 18, 2024
| @@ -490,45 +492,3 @@ def getAccessTokenMetadata(session, token): | |||
| response.raise_for_status() | |||
|
|
|||
| return response.json() | |||
|
|
|||
There was a problem hiding this comment.
Move to common util
david-leifker
commented
Dec 18, 2024
| @@ -0,0 +1,173 @@ | |||
| import os | |||
There was a problem hiding this comment.
Primary test case for the feat.
datahub-cyborg
bot
added
pending-submitter-response
RyanHolstien
approved these changes
Dec 18, 2024
datahub-cyborg
bot
added
pending-submitter-merge
and removed
pending-submitter-response
david-leifker
merged commit 8c724db
into
datahub-project:master
99 of 105 checks passed
5 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
feat(api): authorization extended for soft-delete and suspended
activeboolean flag incorpUserInfonot supportedcorpUserKey,status,corpUserStatus)Checklist