Skip to content

Auth context (copy of #3954)#3981

Open
ivarne wants to merge 2 commits intomainfrom
auth-context
Open

Auth context (copy of #3954)#3981
ivarne wants to merge 2 commits intomainfrom
auth-context

Conversation

@ivarne
Copy link
Member

@ivarne ivarne commented Feb 4, 2026
edited by coderabbitai bot
Loading

Copy of #3954 without capital letters in the branch name

Summary by CodeRabbit

Release Notes

  • Enhancements

    • Auth context now accepts custom permission keys beyond predefined options.

  • Bug Fixes

    • Enhanced error reporting with clearer messages for invalid context properties.

  • Tests

    • Expanded test coverage for unknown authentication context scenarios.

ivarne added 2 commits February 2, 2026 10:26
@ivarne
Allow any action to be checked with ["authContext"] expression
26b632c 
Previously the only allowed actions were 'instantiate' | 'confirm' | 'sign' | 'reject' | 'read' | 'write' | 'complete'.

Now any action that backend think is relevant for the task (based on proces.pbmn). Unknown actions triggers a warning (even thogh they are on the previously accepted list).

This is a change in behaviour for previously buggy apps that used eg.  `["authContext", "reject"]` without specifying `reject` as an action in bpmn. Previously authContext returned false, but now the whole expression fails.

I tested that vsCode understands the trick with `"anyOf": ["enum", "string"]` and provides suggestions from the enum but accept any action.
@ivarne
Fix test to actually expect an error
9502fcd
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The changes extend the authContext function to accept custom string values beyond predefined permissions. The JSON schema constraint is relaxed from a fixed enum to an anyOf pattern. The TypeScript implementation is refactored to validate against actual runtime context rather than hardcoded keys, with improved error messaging. Test cases are added and updated to reflect the new behavior.

Changes

Cohort / File(s) Summary
Schema Definition
schemas/json/layout/expression.schema.v1.json		 Updated func-authContext definition items[1] from fixed enum to anyOf pattern, allowing predefined permissions or any custom string value.
Implementation
src/features/expressions/expression-functions.ts		 Refactored authContext function to validate keys against actual context instead of hardcoded map; removed IAuthContext import; enhanced error messages to include task elementId and available keys.
Test Cases
src/features/expressions/shared-tests/functions/authContext/error-unknown-action.json, src/features/expressions/shared-tests/functions/authContext/read-sign.json		 Added new error test case for unknown authContext property and updated existing test with explicit reject permission flag.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 2
❌ Failed checks (1 warning, 1 inconclusive)
Check name Status Explanation Resolution
Description check ⚠️ Warning The PR description is minimal and incomplete; it lacks detailed explanation of changes, related issue links, and verification/QA checkboxes required by the template. Add a comprehensive description following the template: explain the change in detail, link to issue #3954, and complete the verification checklist sections.
Title check ❓ Inconclusive The title is partially related to the changeset; it refers to the main feature (authContext improvements) but is vague by mentioning it's a copy of another PR without explaining the actual change. Consider using a more descriptive title such as 'Allow arbitrary action strings in authContext expressions' to clearly convey the main change.
✅ Passed checks (1 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch auth-context

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@ivarne
Copy link
Member Author

ivarne commented Feb 4, 2026

/publish

@github-actions
Copy link
Contributor

github-actions bot commented Feb 4, 2026
edited
Loading

PR release:

  • <link rel="stylesheet" type="text/css" href="https://altinncdn.no/toolkits/altinn-app-frontend/4.25.0-pr.3786.auth-context.9502fcd7/altinn-app-frontend.css">
  • <script src="https://altinncdn.no/toolkits/altinn-app-frontend/4.25.0-pr.3786.auth-context.9502fcd7/altinn-app-frontend.js"></script>

⚙️ Building...
✅ Done!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ivarne