The GET events endpoint should give an error message if a request provide filter values for both subject and alternative subject

[SandGrainOne]

Description

It's currently possible to filter out all events by providing conflicting values in the subject and alternative subject filter parameters. A relatively simple remedy would be to give an error message if both parameters have a value. It should not be necessary to give both as there are already a built in assumption that the two values points to the same legal entity. Just by different identifiers.

Tasks

• [x] Implement a validation check of parameters and give a 400 respons when both values are defined
  • [x] AppController
  • [x] EventsController
• [x] Unit tests
• [x] Review
• [x] Manual test

Acceptance Criterias

• [x] The Get App Events endpoint gives a 400 respons when both subject and Alternativesubject is given as parameters.
• [x] The GET (generic) Events endpoint gives a 400 respons when both subject and Alternativesubject is given as parameters.

[acn-sbuad]

Testing in AT23.

App

Url: {{EventsBaseUri}}app/ttd/apps-test?size=5&after=1&party=50012356 Header: person:123455 Response:

{
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "Only one of 'Party' or 'Person' can be defined.",
  "traceId": "00-5d75cae18adac09045536df91c62e501-7f0229ceb700dcbe-00"
}

Events

Url: {{EventsBaseUri}}events?resource=urn:altinn:resource:altinnapp_ttd_apps-test&after=0&subject=urn:testing Header: ("Altinn-AlternativeSubject", "267"); Response:

{
  "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
  "title": "Bad Request",
  "status": 400,
  "detail": "Only one of 'subject' or 'alternativeSubject' can be defined.",
  "traceId": "00-e10baf1739713b18a702478bd0e35722-f19b7cc9e992421f-00"
}

[acn-sbuad]

regression tests running green after bug fix