When using admin-scope, dialog.Org should be set to service resource owner #1409

Open
elsand opened this issue Nov 6, 2024 · 0 comments

elsand commented Nov 6, 2024

Description

The admin-scope short-circuits the AuthorizeServiceResources check, such that the calling system can create dialogs for any service resource. This is meant for other internal writing Altinn integrations, such as correspondence and the Altinn Storage.

The Org population is however always performed based on the authenticated user, which causes "Digitaliseringsdirektoratet" to be the sender for all correspondence.

Reproduction

  1. Authenticate as Digdir, using the scope digdir:dialogporten.serviceprovider.admin
  2. Create a dialog referring to a service resource owned by SKE
  3. Authenticate as an enduser with access to that dialog
  4. Fetch the dialog

Expected behavior

The dialog should have the "Org" field set to "ske"

Actual behavior

The dialog has the "Org" field set to "digdir"

Additional information

If there is additional context that is relevant to include.
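
A minimal Python model of the behaviour reported above, added here as an illustration and not taken from the Dialogporten code base. It contrasts taking "Org" from the authenticated caller with taking it from the service resource owner. The function names, the `RESOURCE_OWNERS` table and the resource identifiers are assumptions constructed for the example; only the scope string comes from the issue.

```python
from dataclasses import dataclass

ADMIN_SCOPE = "digdir:dialogporten.serviceprovider.admin"  # scope named in the issue

# Constructed sample registry: service resource -> owning org short name.
RESOURCE_OWNERS = {
    "urn:altinn:resource:ske-example": "ske",
    "urn:altinn:resource:digdir-example": "digdir",
}

@dataclass(frozen=True)
class Caller:
    org: str               # org short name taken from the authenticated token
    scopes: frozenset

    @property
    def is_admin(self) -> bool:
        return ADMIN_SCOPE in self.scopes

def authorize_service_resource(caller: Caller, resource: str) -> None:
    """Hypothetical ownership check that the admin scope short-circuits."""
    if caller.is_admin:
        return
    if RESOURCE_OWNERS.get(resource) != caller.org:
        raise PermissionError(f"{caller.org} does not own {resource}")

def create_dialog_reported(caller: Caller, resource: str) -> dict:
    """Reported behaviour: Org always comes from the authenticated caller."""
    authorize_service_resource(caller, resource)
    return {"serviceResource": resource, "org": caller.org}

def create_dialog_expected(caller: Caller, resource: str) -> dict:
    """Expected behaviour: Org comes from the service resource owner."""
    authorize_service_resource(caller, resource)
    owner = RESOURCE_OWNERS.get(resource)
    if owner is None:
        # Fail closed instead of falling back to the caller's own org.
        raise LookupError(f"no owner registered for {resource}")
    return {"serviceResource": resource, "org": owner}

def can_modify(caller: Caller, dialog: dict) -> bool:
    """Admin callers keep access to dialogs they created for other orgs."""
    return caller.is_admin or dialog["org"] == caller.org
```
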

@elsand elsand added the bug Something isn't working label Nov 6, 2024
@elsand elsand self-assigned this Nov 25, 2024
@elsand elsand moved this from Ready to Code Review og PR in Dialogporten / Arbeidsflate Nov 25, 2024
@elsand elsand linked a pull request Nov 25, 2024 that will close this issue
4 tasks
elsand added a commit that referenced this issue Nov 26, 2024
…ogs (#1529)

## Description

This implements a proper handling of serviceprovider.admin-scope, where
the "org"-value for the actual service resource is used instead of
always being "digdir".

This also maintains the possibility for the admin-scope-wielder to
access and update the dialog afterwards. The search-endpoint is however
not changed (will only display actually owned dialogs, and requiring
search-scope)

## Related Issue(s)

- #1409

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [x] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

## Release Notes

- **New Features**
- Added a new property `OwnOrgShortName` to enhance resource
information.
- Introduced conditional filtering in various query handlers to improve
access control based on user roles.
- Expanded testing coverage for service owners with admin capabilities.

- **Bug Fixes**
- Improved error handling for missing organization information in dialog
creation.

- **Documentation**
- Updated test setup to reflect changes in dependencies for dialog
creation tests.

- **Chores**
- Modified API call in tests to retrieve a larger number of dialog
items.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
@elsand elsand moved this from Code Review og PR to Testing / Design QA in Dialogporten / Arbeidsflate Nov 26, 2024
oskogstad pushed a commit that referenced this issue Nov 26, 2024
## Description

This causes any deserialization exceptions happening when fetching
caches to trigger a factory run, instead of bubbling up and hitting the
global exception handler.

This error was introduced in #1409, which added a non-nullable field to
an entity that existed in the distributed cache.

## Related Issue(s)

- #1409 

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [ ] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)