Feature/instansdelegering api put and delete#2522
Open
howieandersen wants to merge 9 commits intomainfrom
Open
Feature/instansdelegering api put and delete#2522howieandersen wants to merge 9 commits intomainfrom
howieandersen wants to merge 9 commits intomainfrom
Conversation
instance-level delegations with filtering by party, resource, and instance. Key changes: - Add InstanceIds and IncludeInstances properties to ConnectionQueryFilter - Create ConnectionQueryInstance model for instance query results - Add Instances collection to ConnectionQueryExtendedRecord - Implement LoadInstancesByKeyAsync joining with AssignmentInstance table - Add ResourceId filtering to scope instances to specific resources - Implement GetResourceInstances service method in ConnectionService - Add MapConnectionsToInstancePermissions helper for DTO mapping - Implement GetInstances controller endpoint with validation Uses existing AssignmentInstance table as the data source for instance delegations, following the pattern of Connection view for querying.
…ailed permission breakdown for direct and indirect access paths. Key changes: - Add GetInstanceRightsToOthers/FromOthers methods to IConnectionService - Implement GetInstanceRights query method in ConnectionService - Create AssignmentInstanceQueryResult model for instance delegation queries - Query AssignmentInstance table with Direct, KeyRole, and Hierarchy patterns - Add GetInstanceRights controller endpoint with all required parameters - Return ExtInstanceRightDto with DirectRights and IndirectRights arrays - Follow established patterns from GET /resources/rights endpoint Queries support filtering by party relationships and handle access through key roles and entity hierarchy as per acceptance criteria.
…elegations Implements endpoint for delegating rights to specific instances using InstanceRight and InstanceRule models with URN types for isolated instance authorization.
Implements delegation check for instance-specific rights. Returns which rights the authenticated user can delegate to others for a given instance. - Added InstanceCheckDto response model with Resource, Instance, and Rights - Added InstanceDelegationCheck method to IConnectionService/ConnectionService - Activated CheckInstance controller endpoint with required party, resource, and instance parameters - Reuses existing delegation check logic for packages, roles, resources, and access lists
Implements update (replace) operation for instance-specific rights delegation. Unlike POST which adds rules, PUT replaces all existing rules with new ones. - Added UpdateInstance method to IConnectionService/ConnectionService - Calls InstanceDelegationCheck for instance-specific validation - Uses TryWriteInstanceDelegationPolicyRules with ignoreExistingPolicy: true - Activated UpdateInstanceRights controller endpoint with required parameters
Implements deletion of instance-specific rights delegations. Removes only direct delegations between parties for a specific instance, leaving inherited delegations via key roles intact. - Added RemoveInstance method to IConnectionService/ConnectionService - Clears policy rules before removing AssignmentInstances record - Fixed route to DELETE /resources/instances (was incorrectly /resources) - All parameters (party, from, to, resource, instance) are required
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adding functionality for instance delegation to Enduser API ConnectionsController with the following new endpoints:
Related Issue(s)
To be merged in this PR:
PUT /connections/resources/instances/rights- Update instance right delegationDELETE /connections/resources/instances- Remove instance delegationVerification
Documentation