feat: NET-3663 add endpoint owners/get#4787
Conversation
tpurschke
changed the title
IsStandardOwner used a Contains("app") substring check, so an external
app id like "MAPP-1" was wrongly classified as a standard owner. Use a
StartsWith("APP") prefix check to match the modelling naming convention
(ModellingManagedIdString), and add a regression test case.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Revert the IsStandardOwner logic change and instead document the existing behaviour: owner type is derived from appIdExternal, "standard" when it contains "app" (case-insensitive), "infrastructure" otherwise. Documented in the endpoint Swagger remarks and the response model. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
tpurschke
changed the title
Elutrixx
left a comment
Elutrixx
left a comment
There was a problem hiding this comment.
Personal Feedback: In my head this is missing a validation layer before data given by the third party is used. This was a problem with my first GetRulesByFilter endpoint that I tried to fix in my newer set of endpoints and has lead to several "bugs" that were simply uncaught validation problems. It CAN be ignored but its debatable wheter it should.
Relevant Feedback
Medium: the name/appId filters do not match the documented wildcard contract. In OwnersController.cs:229-234, BuildLikePattern() converts * and ? but leaves raw % and _ untouched, so a plain search term such as APP_1 behaves like a broader SQL pattern instead of a literal contains search. The controller remarks say only * and ? are wildcards, so % and _ need escaping before _ilike is sent.
Open Questions:
Was this tested on the customer machine? The SQL patterns seem rather intricate to me so it might be useful to check if they work with varying infrastructure as well
|
|
2 participants
Summary
Adds the
/api/owners/getmiddleware endpoint for issue #4778.Changes
Owners endpoint
getOwnersFiltered) and wires it intoOwnerQueries.OwnersControllerwith role restriction toadmin,auditor, andmodeller.nameandappIdExternalusing*and?.x-hasura-editable-ownersJWT claim.showDetails: when omitted/falseonly core fields are returned; whentruethe full owner detail set is returned (GetOwnerResponse).showOnlyActiveState: by default owners whose lifecycle state is inactive are filtered out (owners without a lifecycle state are kept); set tofalseto include inactive-state owners.typeis derived fromappIdExternal:standardwhen the external app id containsapp(case-insensitive),infrastructureotherwise (including owners without an external app id).ownerDetailsfragment andFwoOwnerwith the owner lifecycle state (id,name,active_state).Owner report (
ReportOwners)ExportTestexpectations.Documentation (off topic)
Tests
OwnersControllerTestcovering route/auth metadata, filter variables, wildcard conversion, modeller scoping,showDetails/showOnlyActiveStatebehavior, owner-type classification, and response type mapping.ExportTestandSimulatedUserConfigfor the new owner lifecycle state fields.