Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mutliple Observation in API Endpoint "/api/policy-hub/policy-content #57

Open
mkanal opened this issue Feb 28, 2024 · 1 comment
Open

Mutliple Observation in API Endpoint "/api/policy-hub/policy-content #57

mkanal opened this issue Feb 28, 2024 · 1 comment
Assignees
@jjeroch
Labels
bug Something isn't working

Comments

@mkanal
Copy link

mkanal commented Feb 28, 2024
edited
Loading

Reference:

Observation 1:

Requesting API Endpoint "/api/policy-hub/policy-content" Membership Key with invalid Value.

Endpoint: /api/policy-hub/policy-content
Request body

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
        {
            "Key": "Membership",
            "Operator": "Equals",
            "Value": "XXXXXX"
        }
    ]
}

Current Behavior

Response contains valid rightOperand="active",

"odrl:and": [
                    {
                        "leftOperand": "Membership",
                        "operator": "eq",
                        "rightOperand": "active"
                    }
                ]

Expected Behavior

Instead of correcting the constraint, an error was expected with details addressing the incorrect value.

Remark:

Is this a misunderstanding of the functionality of the endpoint the behavior correctly?

Observation 2:

Requesting API Endpoint "/api/policy-hub/policy-content " "Key": "FrameworkAgreement.traceability" and invalid value

Endpoint: /api/policy-hub/policy-content
Request body

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
        {
            "Key": "FrameworkAgreement.traceability",
            "Operator": "Equals",
            "Value" : "active:28.0"
        }
    ]
}

Current Behavior

 "@type": "Offer",
        "@id": "....",
        "permission": {
            "action": "use",
            "constraint": {
                "odrl:and": [
                    {
                        "leftOperand": "FrameworkAgreement.traceability",
                        "operator": "eq",
                        "rightOperand": "@FrameworkAgreement.traceability-Version"
                    }
                ]
            }
        }
    },
    "attributes": [
        {
            "key": "@FrameworkAgreement.traceability-Version",
            "possibleValues": [
                "active:1.0",
                "active:1.1",
                "active:1.2"
            ]
        }
    ]

Expected Behavior

Instead of providing an attribute list with possible Values, an error was expected with details addressing an incorrect value.

Remark:

Is this a misunderstanding of the functionality of the endpoint, the behavior correctly?

Observation 3:

Requesting API Endpoint "/api/policy-hub/policy-content " "Key": "BusinessPartnerNumber" and invalid Value

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
            {
            "Key": "BusinessPartnerNumber",
            "Operator": "Equals",
            "Value": "BPNL00000003"
        }

As expected, an 400 with error description is returned

{
    "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
    "title": "One or more validation errors occurred.",
    "status": 400,
    "errors": {
        "value": [
            "The provided value BPNL00000003 does not match the regex pattern ^BPNL[\\w|\\d]{12}$ (Parameter 'value')"
        ]
    },
    "errorId": "5134512d-0eae-4cec-ad53-4a249f013269",
    "details": []
}

Observation 4:

Requesting API Endpoint "/api/policy-hub/policy-content " "Key": "purpose" and no value

Endpoint: /api/policy-hub/policy-content
Request body

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
           {
            "Key": "purpose",
            "Operator": "Equals"
        }

    ]
}

Current Behavior

{
    "content": {
        "@context": [
            "https://www.w3.org/ns/odrl.jsonld",
            {
                "cx": "https://w3id.org/catenax/v0.0.1/ns/"
            }
        ],
        "@type": "Offer",
        "@id": "....",
        "permission": {
            "action": "use",
            "constraint": {
                "odrl:and": [
                    {
                        "leftOperand": "purpose",
                        "operator": "eq",
                        "rightOperand": "{dynamicValue}"
                    }
                ]
            }
        }
    }
}

Expected Behavior

Instead of {dynamicValue} values valid values are expected. In case calling {{baseUrl}}/api/policy-hub/policy-types?useCase=Traceability the purpose is well-defined

 {
        "technicalKey": "purpose",
        "type": [
            "Usage"
        ],
        "description": "",
        "useCase": [
            "Traceability"
        ],
        "attribute": [
            {
                "key": "Static",
                "value": "ID Trace 3.1"
            }
        ],
        "technicalEnforced": false
    }

Observation 5:

What is the purpose of "technicalEnforced": false /true? What impact has this regarding a business, app?

Observation 6:

Endpoint: /api/policy-hub/policy-content
Request body

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
           {
            "Key": "purpose",
            "Operator": "Equals",
            "Value": "By accepting this policy you have to pay 1K BC"
        }

    ]
}

Current Behavior

{
    "PolicyType": "Usage",
    "ConstraintOperand": "And",
    "Constraints": [
           {
            "Key": "purpose",
            "Operator": "Equals",
            "Value": "By accepting this policy you have to pay 1K BC"
        }

    ]
}

Expected Behavior`

Error message with http status code 400 that value is not allowed. Only "ID Trace 3.1" is allowed.

Observation 7:

Why namespace is only used for logicalOperand Or and And ?

image
@mkanal mkanal added the bug Something isn't working label Feb 28, 2024
@jjeroch
Copy link
Contributor

jjeroch commented Mar 10, 2024
edited
Loading

@mkanal thanks for the input.

  • Observation 1: 50:50....as we spoke last week; yes the endpoint is not supposed to get used to validate an policy rule; instead this endpoint creates the correct policy rule/template. However still I agree that we should ideally provide a different feedback
  • Observation 2: same as above - Unexpected response for POST policy-content - Purpose #68
  • Observation 3: yes that looks good/better
  • Observation 4: will recheck it
  • Observation 5: It informs you whether this policy is automatically validated. If the value is 'true', it indicates that the requesting customer compliance of that policy will get validated as part of the communication between the connectors. Please let me know if you have any suggestions for better wording.
  • Observation 6: thanks; thats an defect; we will fix it asap - Unexpected response for POST policy-content - Purpose #68
  • Observation 7: this will completely change with 24.05.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jjeroch jjeroch

Labels
bug Something isn't working
Projects
Portal
Status: IN PROGRESS
Milestone
No milestone
Development

No branches or pull requests
4 participants
@evegufy @jzbmw @jjeroch @mkanal