Entitlements merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests2024-03-22T11:13:34Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/642Added oid validation for azure2024-03-22T11:13:34ZDeepa KumariAdded oid validation for azureAdded OID validation for Azure, below scenarios covered with the help of https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/340
Issue: https://community.opengroup.org/osdu/platform/se...Added OID validation for Azure, below scenarios covered with the help of https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/340
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/166
1. Group
2. Default Service principal Client ID/OID, multiple service principal's in environment
3. User
4. All validations are behind feature flag and apply to User type of node being added from entitlements.
Common code changes:
1. Only integration tests where overriding member to be added was necessary, so stubbed it additional default members inside ConfigurationService class, and tests referring from there, instead of direct hardcoded values
Azure:
1. Added other validations for integration tests, uncovered from common scenarios, additional variables introduced:
- AZURE_AD_VALID_OID_USER1
- AZURE_AD_VALID_OID_USER2
- AZURE_AD_NO_DATA_ACCESS_SP_OID
- AZURE_AD_GROUP_OIDM23 - Release 0.26Deepa KumariDeepa Kumarihttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/634Fix 500 errors for invalid partition2024-03-04T14:22:11ZDerek HudsonFix 500 errors for invalid partitionFixes the error message when an invalid partition is specified.
It used to return a 500 error, but with the latest core code change, it will now return a 4XX code.Fixes the error message when an invalid partition is specified.
It used to return a 500 error, but with the latest core code change, it will now return a 4XX code.M23 - Release 0.26Derek HudsonDerek Hudsonhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/613[MSCOSDU-1894] fix plexus-utils and maven-core vulnerabilities2024-01-24T19:37:33ZVidyaDharani Lokam[MSCOSDU-1894] fix plexus-utils and maven-core vulnerabilities# Change details
### For Common Code
* excluded unused `maven-core` dependency.
* upgraded `plexus-utils` to `4.0.0`.
* upgraded `commons-collections` to `3.2.2`.
# Changes in:
* [x] GCP
* [x] Azure
* [x] AWS
* [x] IBM# Change details
### For Common Code
* excluded unused `maven-core` dependency.
* upgraded `plexus-utils` to `4.0.0`.
* upgraded `commons-collections` to `3.2.2`.
# Changes in:
* [x] GCP
* [x] Azure
* [x] AWS
* [x] IBMM23 - Release 0.26VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/604[MSCOSDU-1984] Add count members api2024-01-24T19:37:33ZDeepa Kumari[MSCOSDU-1984] Add count members apiThis is an implementation of additional feature requested by Azure users. Details, are mentioned here: #139 .
Below changes were made:
1. Add new API to count the members of a particular group, access rules are same as that of list memb...This is an implementation of additional feature requested by Azure users. Details, are mentioned here: #139 .
Below changes were made:
1. Add new API to count the members of a particular group, access rules are same as that of list member API
1. Listing member count by Role is supported.
2. Unit tests and Integration tests have been added.M23 - Release 0.26Deepa KumariDeepa Kumarihttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/603[#MSCOSDU-1960] fix: Remediate [spring-security-core, json-smart] vulnerability2024-01-02T04:41:52ZThulasi Dass Subramanian[#MSCOSDU-1960] fix: Remediate [spring-security-core, json-smart] vulnerability# Change details
### For Common Code
- upgraded `json-smart` version to `2.5.0`
- upgraded `spring-security-core` version to `5.8.9`
### For Azure
- upgraded `reactor-netty` related depedencies to version `1.1.14`
- remediate `container...# Change details
### For Common Code
- upgraded `json-smart` version to `2.5.0`
- upgraded `spring-security-core` version to `5.8.9`
### For Azure
- upgraded `reactor-netty` related depedencies to version `1.1.14`
- remediate `container_scanning` flagged vulnerabilities
`okio-jvm`, `jackson-databind`
# Changes in:
* [x] GCP
* [x] Azure
* [x] AWS
* [x] IBMM23 - Release 0.26Thulasi Dass SubramanianThulasi Dass Subramanianhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/600Use full URL instead of relative path2024-03-19T17:08:41ZLawrence ChanUse full URL instead of relative path* Issue Reference: [#68](https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/68)
* Added configuration `api.server.fullUrl.enabled` to enable full server url in OpenAPI swagger
* Currently only in Azure i...* Issue Reference: [#68](https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/68)
* Added configuration `api.server.fullUrl.enabled` to enable full server url in OpenAPI swagger
* Currently only in Azure it is enabled. For Other \[CSP/Common Core\] there is no change.
* Added the property `server.servlet.contextPath` to the test properties otherwise it fails when initializing the server for springboot unit tests.
### Configuration Details
* `api.server.fullUrl.enabled=true` It will generate full server url in the OpenAPI swagger
* `api.server.fullUrl.enabled=false` It will generate only the contextPath
* Reference: https://springdoc.org/faq.html#_how_is_server_url_generatedM23 - Release 0.26https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/596Cherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.2...2023-12-16T10:26:16ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Full Upgrade of First Party Library Dependencies for Release 0.25' into release/0.25**Original MR**: !595
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !595
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/pipelines/new?ref=cherry-pick-for-595)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/595Full Upgrade of First Party Library Dependencies for Release 0.252023-12-15T19:40:00ZDavid Diederichd.diederich@opengroup.orgFull Upgrade of First Party Library Dependencies for Release 0.25This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will ...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to try to fully upgrade all dependent libraries to see if the latest code will work.
It is expected that these will often fail, since the upgrades were previously rejected for failing pipelines and have not been directly addressed yet.
This upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
This MR may co-exist with a separate, smaller upgrade MR.
If both pass, this one should be used instead.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 8cc6c59071b5c10edf313985ab112de9fa351e1b
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | ------------------ | --------------- |
| apd-core | 0.24.0-rc1 | |
| core-lib-azure | 0.25.0-rc2 | 0.24.0 |
| core-lib-gc | 0.24.0 | |
| core-plus-common-lib | 0.24.0-rc3 | |
| core-test-lib-gcp | | 0.22.0 |
| os-core-lib-aws | 0.25.0-rc3 | 0.25.0-rc3 |
| oqm | 0.24.0 | |
| os-core-common | 0.25.0-rc3, 0.24.0 | 0.24.0 |
| os-core-lib-ibm | 0.24.0 | 0.24.0 |
| os-oqm-core | 0.25.0-rc1 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: ad64df86f182e195201b213b2b09985800aa7092
Maven: 0.26.0-SNAPSHOT
```
| Maven Dependencies | testing/ | _Root_ |
| --------------------------------------------------- | --------------- | ------ |
| core-lib-azure | 0.25.0 | |
| core-test-lib-gcp | 0.22.0 | |
| os-core-lib-aws | 0.25.0 | |
| os-core-common | 0.25.0 | 0.25.0 |
| os-core-lib-ibm | 0.25.0 | |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.2, 2.13.3 | 2.17.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.2, 2.13.3 | 2.17.1 |
| (3rd Party) org.yaml.snakeyaml | 1.30, 1.27, 2.0 | 2.0 |M22 - Release 0.25https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/594Cherry-pick '[MSCOSDU-1854] fix: upgrade azure core lib and core common lib' ...2023-12-12T10:21:49ZDavid Diederichd.diederich@opengroup.orgCherry-pick '[MSCOSDU-1854] fix: upgrade azure core lib and core common lib' into release/0.25**Original MR**: !592
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !592
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/pipelines/new?ref=cherry-pick-for-592)M22 - Release 0.25David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/592[MSCOSDU-1854] fix: upgrade azure core lib and core common lib2023-12-12T03:57:41ZDeepa Kumari[MSCOSDU-1854] fix: upgrade azure core lib and core common libVulnerability Fixes: json, netty-codec-http2
Upgraded:
1. core-lib-azure: from 0.24.0 to 0.25.0-rc2
2. os-core-common: from 0.24.0 to 0.25.0-rc3
2. org.json: from 20220924 to 20231013
3. netty: from 4.1.98 to 4.1.101
4. spring-security-c...Vulnerability Fixes: json, netty-codec-http2
Upgraded:
1. core-lib-azure: from 0.24.0 to 0.25.0-rc2
2. os-core-common: from 0.24.0 to 0.25.0-rc3
2. org.json: from 20220924 to 20231013
3. netty: from 4.1.98 to 4.1.101
4. spring-security-core: from 5.7.6 to 5.8.2
Separated org.json and added it separately as upgrading the os-core-common was breaking the build.M22 - Release 0.25Deepa KumariDeepa Kumarihttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/586Add support for RequestRejectedHandler2023-11-23T09:27:59ZVidyaDharani LokamAdd support for RequestRejectedHandlerAdd RequestRejectedHandler to change the response code to 400 when there is a RequestRejectedException instead of 500.
Fixes issues:
#127 #128 #129 .Add RequestRejectedHandler to change the response code to 400 when there is a RequestRejectedException instead of 500.
Fixes issues:
#127 #128 #129 .M22 - Release 0.25VidyaDharani LokamVidyaDharani Lokamhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/580Adds an Integration Test to ensure that the data root group is added as a mem...2023-11-20T14:14:37ZDerek HudsonAdds an Integration Test to ensure that the data root group is added as a member of newly created groupsAdds an integration tests that ensures that newly created data groups are not added to the root group and that the root group is added to the created data group.
Currently requires the `disable-data-root-group-hierarchy` feature flag to...Adds an integration tests that ensures that newly created data groups are not added to the root group and that the root group is added to the created data group.
Currently requires the `disable-data-root-group-hierarchy` feature flag to be disabled. Might need to be changed if this fails for other CSPs.
This should ensure that [this issue](https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/109) is fixed for all Cloud Service Providers.
The AWS test will fail until the AWS team merges back to master.M22 - Release 0.25Derek HudsonDerek Hudsonhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/564Full Upgrade of First Party Library Dependencies2023-10-03T14:46:02ZChad LeongFull Upgrade of First Party Library DependenciesThis generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the C...This generated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep all dependent libraries up to date.
This upgrade can be merged immediately without further approval if the CI pipeline reports success.
If this MR has failed, we need to work with the maintainers and affected provider teams to find a solution.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: ecd09e3cfcba811bd9fef9e1cf616f55a247f68b
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | ---------- | ------------------------------------------ |
| core-lib-azure | 0.24.0-rc3 | 0.24.0-rc3 |
| core-lib-gc | 0.24.0-rc3 | |
| core-test-lib-gcp | | 0.20.0 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.23.0 | |
| os-core-common | 0.24.0-rc3 | 0.23.1, 0.24.0-rc3, 0.22.0-rc4, 0.21.0-rc4 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade
SHA: 7c22956221512630a53e9ac6d5448d2cc636ed60
Maven: 0.24.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| --------------------------------------------------- | ---------- | ------------------ |
| core-lib-azure | 0.24.0-rc3 | 0.24.0-rc3 |
| core-lib-gc | 0.24.0-rc3 | |
| core-test-lib-gcp | | 0.22.0 |
| os-core-lib-aws | 0.23.0 | 0.23.0 |
| oqm | 0.23.0 | |
| os-core-common | 0.24.0-rc3 | 0.23.3, 0.24.0-rc3 |
| os-core-lib-ibm | 0.23.0 | 0.23.0 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.13.3 |
| (3rd Party) org.yaml.snakeyaml | 2.0 | 1.30, 1.27, 2.0 |M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/558Cherry-pick 'Added redis connection error handling (GONRG-7597)' into release...2023-09-26T10:17:22ZDavid Diederichd.diederich@opengroup.orgCherry-pick 'Added redis connection error handling (GONRG-7597)' into release/0.23**Original MR**: !556
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !556
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/pipelines/new?ref=cherry-pick-for-556)M20 - Release 0.23David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/556Added redis connection error handling (GONRG-7597)2023-09-20T07:56:47ZYurii Ruban [EPAM / GCP]Added redis connection error handling (GONRG-7597)# Description:
In case of loss of connection between the service and Redis, the processing of requests to the service is delayed, and an error of the type "Command timed out after 30 SECONDS" is received. Added Redis connection error han...# Description:
In case of loss of connection between the service and Redis, the processing of requests to the service is delayed, and an error of the type "Command timed out after 30 SECONDS" is received. Added Redis connection error handling. Issue https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/72
# How to test:
1. Turn off the Redis.
2. Get the result of a request to the service without errors.
3. Check logs with the message "Redis connection is closed."
# Changes include:
- [x] Bugfix (a non-breaking change that solves an issue).
# Changes in:
- [x] GCP
- [x] Azure
- [x] AWS
- [x] IBMM21 - Release 0.24Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/555Revert "Merge branch 'check-redis-connection' into 'master'"2023-09-26T11:14:21ZRiabokon Stanislav(EPAM)[GCP]Revert "Merge branch 'check-redis-connection' into 'master'"This reverts merge request !536This reverts merge request !536M21 - Release 0.24https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/538fix import conflicts after last not synced merge2023-08-24T10:28:15ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comfix import conflicts after last not synced mergeMR: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/530 was not synchronized with the master branch prior merge. Conflict in imports causes compile failure.MR: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/530 was not synchronized with the master branch prior merge. Conflict in imports causes compile failure.M20 - Release 0.23Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/536Added check redis connection (GONRG-7597)2023-09-18T07:00:18ZYurii Ruban [EPAM / GCP]Added check redis connection (GONRG-7597)# Description:
In case of loss of connection between the service and Redis, the processing of requests to the service is delayed, and an error of the type "Command timed out after 30 SECONDS" is received. Added Redis connection health ch...# Description:
In case of loss of connection between the service and Redis, the processing of requests to the service is delayed, and an error of the type "Command timed out after 30 SECONDS" is received. Added Redis connection health checks. Issue https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/72
# How to test:
1. Choose a service with core common lib.
2. Сheck service viability.
3. Turn off the Redis.
4. Get the result of a request to the service without errors.
5. Check logs with the message "Redis connection is closed.".
# Changes include:
- [ ] Bugfix (a non-breaking change that solves an issue).
# Changes in:
- [ ] GCP
- [ ] Azure
- [ ] AWS
- [ ] IBMM21 - Release 0.24Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/530Forward Reason For 403 when data partition is Invalid in AuthFilter2023-08-24T10:22:58ZHamdaan KhalidForward Reason For 403 when data partition is Invalid in AuthFilterThis PR forwards the reason for the 403 response from entitlements Auth Filter when the data partition ID is invalid.
We had a customer experience an issue due to a call they made to storage service, which led them to a 403 without a des...This PR forwards the reason for the 403 response from entitlements Auth Filter when the data partition ID is invalid.
We had a customer experience an issue due to a call they made to storage service, which led them to a 403 without a descriptive message. The 403 and the lack of the message description came from a subsequent call to the Entitlements service, which due to an invalid data partition id, was returning a 403 without any hints as to the error coming from the invalid data partition id.
Their understanding was that this was due to an error with their token. This PR aims to include some more details on the response without changing the status on the response to maintain backwards compatibility, while still providing the user ability to debug their workflow correctly.
A subsequent PR will be made in storage to propagate the response body correctly to the user.M20 - Release 0.23Hamdaan KhalidHamdaan Khalidhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/529Reduce cache IOPS2023-08-09T15:08:35ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comReduce cache IOPS# Description:
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/124
# How to test:
IOPS pressure under the load drops, especially for users with > 1k groups.
# Changes include:
- [x] ...# Description:
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/124
# How to test:
IOPS pressure under the load drops, especially for users with > 1k groups.
# Changes include:
- [x] Refactor (a non-breaking change that improves code maintainability).
- [ ] Bugfix (a non-breaking change that solves an issue).
- [ ] New feature (a non-breaking change that adds functionality).
- [ ] Breaking change (a change that is not backward-compatible and/or changes current functionality).
# Changes in:
- [x] Common code
# Dev Checklist:
- [ ] Added Unit Tests, wherever applicable.
- [ ] Updated the Readme, if applicable.
- [x] Existing Tests pass
- [x] Verified functionality locally
- [x] Self Reviewed my code for formatting and complex business logic.M20 - Release 0.23Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.com