Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose a EU endpoints that proxies for authorized parties #660

Closed
5 tasks done
elsand opened this issue Apr 21, 2024 · 0 comments · Fixed by #661
Closed
5 tasks done

Expose a EU endpoints that proxies for authorized parties #660

elsand opened this issue Apr 21, 2024 · 0 comments · Fixed by #661
Assignees
@elsand
Milestone
Pilotproduksjon

Comments

@elsand
Copy link
Collaborator

elsand commented Apr 21, 2024
edited
Loading

Introduction

We should make available a list of authorized parties over the EU API

Description

As of now, any Dialogporten consumer will have to make a separate integration to Access Management APIs in order to get valid values to put into Party. This is non-obvious, and a hinderance for adoption. Dialogporten will also need to intergrate this API in order to do search authorization, and will have this information cached. It therefore makes sense to expose a new endpoint over the EU API that can expose a custom DTO for authorized parties.

Considerations

  • Expose in GQL? Yes, included in PR.
  • Make available to SOs?

Implementation

This should use the same client and cache as will be required in #42. It is desirable for the consuming APIs to determine whether or not the current user has any special rights for each of the parties (key role, HADM ("hovedadministrator"), ADMAI ("tilgangsstyrer")), so that any GUI related to access management can rely on that information. Suggested DTO:

{
  "authorizedParties": [
    {
      "name": "NAVN PÅ AVGIVER",
      "type": "Organization", // or "Person"
      "identifier": "urn:altinn:organization:identifier-no::912345678",
      "isDeleted": true,
      "hasKeyRole": true,
      "isMainAdmin": true,
      "isAccessManager": true,
      "subParties": [ /* nullable, includes any nested parties */ ]
    },
    {
      "name": "NAVN PÅ AVGIVER",
      "type": "Person", // or "Person"
      "identifier": "urn:altinn:person:identifier-no::912345678",
      "isDeleted": true,
      "hasKeyRole": true,
      "isMainAdmin": true,
      "isAccessManager": true
    }
  ]
}

Tasks
Preview Give feedback
@elsand elsand added this to the Pilotproduksjon milestone Apr 21, 2024
@elsand elsand moved this from Nye issues to 🔖 Klar for implementering in Dialogporten / Arbeidsflate Apr 21, 2024
@elsand elsand moved this from 🔖 Klar for implementering to Under arbeid in Dialogporten / Arbeidsflate Apr 21, 2024
@elsand elsand self-assigned this Apr 21, 2024
@elsand elsand mentioned this issue Apr 21, 2024
Merged
4 tasks
@elsand elsand moved this from Under arbeid to Code Review og PR in Dialogporten / Arbeidsflate Apr 22, 2024
@elsand elsand linked a pull request Apr 22, 2024 that will close this issue
feat: Authorized parties endpoint in enduser API #661
Merged
4 tasks
elsand added a commit that referenced this issue Apr 25, 2024
@elsand @oskogstad
feat: Authorized parties endpoint in enduser API (#661)
050ccbb 
## Description

This adds a parties endpoint in the enduser-API, proxying requests to
access-management and returning a custom DTO for all parties that the
user has some sort of access relation to.

## Related Issue(s)

- #660 

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [x] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)

---------

Co-authored-by: Ole Jørgen Skogstad <skogstad@softis.net>
@github-project-automation github-project-automation bot moved this from Code Review og PR to Ferdig in Dialogporten / Arbeidsflate Apr 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elsand elsand

Labels
None yet
Projects
Dialogporten / Arbeidsflate
Archived in project
Milestone
Pilotproduksjon
Development

Successfully merging a pull request may close this issue.

feat: Authorized parties endpoint in enduser API digdir/dialogporten
1 participant
@elsand