ADR: Option to restrict group's ancestry in deep to show only direct parents
Status
-
Proposed -
Trialing -
Under review -
Approved -
Retired
Context & Scope
Currently there is no option to restrict group's ancestry in deep to show only direct parents, but it is nice to have one because the full group output is too verbose in some cases.
We are proposing a new optional parameter directParentsOnly for this purpose
Trade-off Analysis
We need such a parameter to have more REST API convenience and flexibility here.
Decision
Create a new optional boolean parameter directParentsOnly (in the ListGroupOnBehalfOfApi controller) to get all groups created in the partition.
@GetMapping("/members/{member_email}/groups")
@PreAuthorize("@authorizationFilter.hasAnyPermission('" + AppProperties.OPS + "', '" + AppProperties.ADMIN + "')")
public ResponseEntity<ListGroupResponseDto> listGroupsOnBehalfOf(@PathVariable("member_email") String memberId,
@RequestParam(name="type", required = false) String type,
@RequestParam(name="appid", required = false) String appId,
@RequestParam(value = "directParentsOnly", required = false) boolean directParentsOnly) {
Example pseudocode:
when requesting a list of Groups which are a User's membership:
curl -L -X GET '<env-base-url>/api/entitlements/v2/members/<user-email>/groups?type=NONE&directParentsOnly=true' \
-H 'data-partition-id: osdu' -H 'Authorization: Bearer <token>'
when requesting a list of Groups which are a Group's ancestry:
curl -L -X GET \
'<env-base-url>/api/entitlements/v2/members/<group-name>@<data-partition-id>.<domain>/groups?type=NONE&directParentsOnly=true' \
-H 'data-partition-id: osdu' -H 'Authorization: Bearer <token>'