ADR: New entitlements membership change events

Status

Context & Scope

Many OSDU applications need to react to entitlement’s membership change, feature that is long overdue to be implemented in entitlements service. In addition, assuming almost every other OSDU service relies on entitlements service and cache its data, this notification mechanism could be used to prevent dirty cache scenarios as describe here. The scope of this ADR is the addition of asynchronous pubsub events signalizing the successful operation of the following entitlements service APIs:

DELETE /groups/{group_email}
POST /groups/{group_email}/members
DELETE /groups/{group_email}/members/{member_email}

Trade-off Analysis

The addition of the requested pubsub notification mechanism does not represent a breaking change for any involved API, consequently neither for the consuming applications. It should not introduce any performance degradation either since the event triggering is done asynchronously. Only concerned consuming applications would benefit from this new feature, while it remains completely transparent for others.

Decision

Only at the end of a successful operation, trigger the following events for the given entitlements’ APIs:

DELETE /groups/{group_email}
“entitlementsChangeEvent”: {
   “kind”: “groupDeleted”
   “group”: “<groupName>”
   “user”: “”
   “action”: “”
   “modifiedBy”: “<user identity>”
   “modifiedOn”: “<timestamp>”
}

POST /groups/{group_email}/members
“entitlementsChangeEvent”: {
   “kind”: “groupChanged”
   “group”: “<groupName>”
   “user”: “<user>”
   “action”: “add”
   “modifiedBy”: “<user identity>”
   “modifiedOn”: “<timestamp>”
}

DELETE /groups/{group_email}/members/{member_email}
“entitlementsChangeEvent”: {
   “kind”: “groupChanged”
   “group”: “<groupName>”
   “user”: “<user>”
   “action”: “remove”
   “modifiedBy”: “<user identity>”
   “modifiedOn”: “<timestamp>”
}

Edited Jun 19, 2023 by Thiago Senador