ensure compatibility between Okapi 3.0 and mod-perms/mod-authtoken

Description

We have discussed the following approach:

mod-permission "permission" interface MUST be upgraded to 5.3 from current 5.2 and mod-authtoken dependency on this interfaces must be updated to 5.3
_tenantPermission system interface should be updated to 1.1 from current 1.0 and Okapi 3.0 should check which version is provided at runtime:
if 1.0 is provided, Okapi should fallback to the old behavior which does not wrap modulePermission in a "system" set OR it should fail (@Adam Dickmeiss @Hongwei Ji I think failure is acceptable since Okapi 3.0 does not need to be backwards compatible with 2.x and it could simplify code paths
if 1.1 is provided Okapi should wrap modulePermission sets in a "system" set (before posting to mod-permissions) AND use these sets in the X-Module-Permission header (behavior for 3.0)

Environment

None

Potential Workaround

None

Linked issues

blocks

OKAPI-836

Release Okapi for Q2

MODPERMS-81

Release mod-permissions for Q2

MODAT-73

Release mod-authtoken for Q2

relates to

OKAPI-855

Incorrect for _tenantPermissions interface version.

MODPERMS-85

Invalid CQL when encoding permission name value

Checklist

hide

TestRail: Results

Activity

Show:

Adam Dickmeiss May 20, 2020 at 11:54 AM

Looks good.

I prefer that when _tenantPermisions 1.0 is provided, it will just not expand. That is "less" code than expanding and pose no problem for maintenance IMHO.

Done

Details

Assignee

Hongwei Ji

Reporter

Jakub Skoczen

Labels

platform-backlog

Priority

Story Points

Sprint

None

Development Team

Core: Platform

Fix versions

3.0.0

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created May 18, 2020 at 1:15 PM

Updated June 22, 2020 at 1:15 PM

Resolved May 27, 2020 at 7:01 PM

Configure

TestRail: Cases

TestRail: Runs