[OKAPI-851] ensure compatibility between Okapi 3.0 and mod-perms/mod-authtoken Created: 18/May/20  Updated: 22/Jun/20  Resolved: 27/May/20

Status: Closed
Project: Okapi
Components: None
Affects versions: None
Fix versions: 3.0.0

Type: Task Priority: P2
Reporter: Jakub Skoczen Assignee: Hongwei Ji
Resolution: Done Votes: 0
Labels: platform-backlog
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
blocks MODAT-73 Release mod-authtoken for Q2 Closed
blocks MODPERMS-81 Release mod-permissions for Q2 Closed
blocks OKAPI-836 Release Okapi for Q2 Closed
Relates
relates to MODPERMS-85 Invalid CQL when encoding permission ... Closed
relates to OKAPI-855 Incorrect for _tenantPermissions inte... Closed
Sprint: CP: sprint 89
Story Points: 3
Development Team: Core: Platform

 Description   

We have discussed the following approach:

  • mod-permission "permission" interface MUST be upgraded to 5.3 from current 5.2 and mod-authtoken dependency on this interfaces must be updated to 5.3
  • _tenantPermission system interface should be updated to 1.1 from current 1.0 and Okapi 3.0 should check which version is provided at runtime:
  • if 1.0 is provided, Okapi should fallback to the old behavior which does not wrap modulePermission in a "system" set OR it should fail (Adam Dickmeiss Hongwei Ji I think failure is acceptable since Okapi 3.0 does not need to be backwards compatible with 2.x and it could simplify code paths
  • if 1.1 is provided Okapi should wrap modulePermission sets in a "system" set (before posting to mod-permissions) AND use these sets in the X-Module-Permission header (behavior for 3.0)


 Comments   
Comment by Adam Dickmeiss [ 20/May/20 ]

Looks good.

I prefer that when _tenantPermisions 1.0 is provided, it will just not expand. That is "less" code than expanding and pose no problem for maintenance IMHO.

Generated at Thu Feb 08 23:21:53 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.