search

Altinn / altinn-storage

Altinn platform microservice for handling instance storage
2 stars 3 forks source link

Support system user in all products #470

Closed olebhansen closed 1 month ago

olebhansen commented 3 months ago

Description

Relevant Authentication-tasks: https://github.com/Altinn/altinn-authentication/issues/200 https://github.com/Altinn/altinn-authentication/issues/331

See more doc at: https://docs.altinn.studio/nb/authentication/what-do-you-get/systemuser/ https://docs.altinn.studio/nb/authentication/guides/systemauthentication-for-apiproviders/ https://docs.altinn.studio/nb/authentication/guides/systemauthentication-for-systemproviders/

Storage: Storage must accept API calls with only the system user in the context, not a user-id. Instance-events must propagate "something else"

Other products: analyze if change is needed (varsel not in scope due to being a service owner service) (profil not in scope - having no profile is a valid and expected case... maybe :-) ...check how "/current" behaves )

Apps has a dependency (soft) on this in how calls behave and/or they mus avoid calls in certain cases. If storage is not working, this is a priority. (TBD - link relevant epics/stories)

Questions: Is it possible to extract the system name form the context?

need to re-work tests

Assumption: We continue to do an exchange from Maskinporten to Altinn Token.

In scope

No response

Out of scope

support Maskinporten-tokens directly. Issue: Org-check needs to be re-written (and possibly org must be added to/from the Maskinporten claim.

Additional Information

No response

Tasks

- [ ] https://github.com/Altinn/altinn-storage/issues/471
- [ ] https://github.com/Altinn/altinn-events/issues/576
- [ ] https://github.com/Altinn/altinn-profile/issues/172
- [ ] https://github.com/Altinn/altinn-pdf/issues/67
olebhansen commented 1 month ago

Closing. Continued as epic in https://github.com/Altinn/team-core-private/issues/71