Closed elsand closed 3 weeks ago
Issues
4 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
@coderabbitai full review
[!CAUTION]
Review failed
The pull request is closed.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Description
This implements a authorized-parties based approach to list/search authorization, which should scale better than the current approach.
This builds on the syncronization of data from RR, which contains a map of subjects (role codes and eventually access packages) and resources. This data is persisted in Dialogporten DB, and used as a cache.
A new predicate builder
PrefilterAuthorizedDialogs
replacesWhereUserIsAuthorizedFor
, and constructs a SQL manually in order to propertly handle the new propertySubjectsByParties
inDialogSearchAuthorizationResult
, which is a dict of party->subjects. Each of the roles grant access to a list of resources.This also removes legacy system users, as they cannot be authorized this way (not possible to get a list of parties from Authorization APIs for a legacy system user).
Related Issue(s)
42
Verification
Documentation
docs
-directory, Altinnpedia or a separate linked PR in altinn-studio-docs., if applicable)Summary by CodeRabbit
New Features
Bug Fixes
Documentation
Chores