Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use presence of org in user claims for conditionally setting read status on instance create #887

Merged
merged 1 commit into from
Nov 14, 2024

Conversation

chrrust
Copy link
Contributor

@chrrust chrrust commented Nov 6, 2024

Description

Uses the presence of org in user claim to conditionally set created instance to read or unread. The problem this tries to solve is when the instance is created by a different org than owns the instance. This is the case for Digital Gravferdsmelding. This project uses Digdir as Maskinporten-tenant, but the apps are owned by Statsforvalteren i Vestfold og Telemark (sfvt).

Related Issue(s)

N/A

Verification

  • Your code builds clean without any errors or warnings
  • Manual testing done (required)
  • Relevant automated test added (if you find this hard, leave it and we'll help out)
  • All tests run green

Documentation

  • User documentation is updated with a separate linked PR in altinn-studio-docs. (if applicable)

@ivarne ivarne added the bugfix Label Pull requests with bugfix. Used when generation releasenotes label Nov 6, 2024
Copy link
Member

@ivarne ivarne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

This is just about the read status, and the access for cross service owner writes is still regulated by policy.xml

@ivarne ivarne requested a review from martinothamar November 6, 2024 12:27
Copy link
Contributor

@martinothamar martinothamar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmmm I'm not sure I'm comfortable with a behavior change like this. I don't know that no one else relies on the current behavior (or will have their internal workflow impacted in some way)

@ivarne
Copy link
Member

ivarne commented Nov 6, 2024

This is just about the read status of the instance (as shown in Altinn inbox). As long as it is an api call with a service owner token, it should never be marked as read.

@chrrust chrrust force-pushed the chrrust/readstatus branch 4 times, most recently from 79f3699 to 480a01a Compare November 8, 2024 09:34
@chrrust
Copy link
Contributor Author

chrrust commented Nov 14, 2024

Any updates on the review of this?

@ivarne ivarne merged commit c4f86b5 into Altinn:main Nov 14, 2024
10 checks passed
@danielskovli danielskovli changed the title use presence of org in user claims for conditionally setting read status on instance create Use presence of org in user claims for conditionally setting read status on instance create Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bugfix Label Pull requests with bugfix. Used when generation releasenotes
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

4 participants