Support delegating additional actions in runtime delegating signing.

[bjorntore]

Support delegating additional actions in runtime delegating signing.

Related Issue(s)

• Brukerstyrt signering - funksjon for å avvise for signatarer. altinn-studio#17672

Verification

• Your code builds clean without any errors or warnings
• Manual testing done (required)
• Relevant automated test added (if you find this hard, leave it and we'll help out)
• All tests run green

Documentation

• User documentation is updated with a separate linked PR in altinn-studio-docs. (if applicable)

Summary by CodeRabbit

• New Features

  • Extended signing delegation to allow specifying additional custom actions (e.g., "reject") for delegated signers in addition to the default read and sign permissions.

• Tests

  • Added unit tests verifying that additional delegated actions are included in delegation and revocation flows and that signer state updates accordingly.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds an optional AdditionalActionsToDelegate property to signing models, threads it through signee context creation, and includes the additional actions when building rights for delegation and revocation; corresponding unit tests and public API verification were updated.

Changes

Cohort / File(s)	Summary
Models src/Altinn.App.Core/Features/Signing/Models/SigneeContext.cs, src/Altinn.App.Core/Features/Signing/ProvidedSignee.cs	Added AdditionalActionsToDelegate (List<string>?) with [JsonPropertyName("additionalActionsToDelegate")] to both types.
Services src/Altinn.App.Core/Features/Signing/Services/SigneeContextsManager.cs, src/Altinn.App.Core/Features/Signing/Services/SigningDelegationService.cs	Populates AdditionalActionsToDelegate on generated SigneeContext; extended CreateRights to accept additionalActions and include corresponding RightRequest entries during delegation and revocation flows.
Unit tests test/Altinn.App.Core.Tests/Features/Signing/SigneeContextsManagerTests.cs, test/Altinn.App.Core.Tests/Features/Signing/SigningDelegationServiceTests.cs	Added tests verifying AdditionalActionsToDelegate is propagated to SigneeContext and that delegation/revocation include the extra actions (and various success/error scenarios).
API verification test/Altinn.App.Core.Tests/PublicApiTests.PublicApi_ShouldNotChange_Unintentionally.verified.txt	Updated public API snapshot to include new AdditionalActionsToDelegate property on ProvidedSignee.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Support delegating additional actions in runtime delegating signing' accurately summarizes the main change, which adds support for delegating extra actions beyond read and sign during runtime signing delegation.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/17672-signing-delegate-any-action

---

No actionable comments were generated in the recent review. 🎉

🧹 Recent nitpick comments

test/Altinn.App.Core.Tests/Features/Signing/SigningDelegationServiceTests.cs (1)

544-638: Good coverage for the new feature; consider adding edge-case tests.

The delegation tests for AdditionalActionsToDelegate with a value (["reject"]) and with null look solid. Two edge cases are missing that could reveal bugs in the production code:

1. Empty list [] — should behave the same as null (only read + sign), but the implementation may handle null and empty differently.
2. Duplicate of a default action (e.g., ["read"]) — could produce duplicate rights in the request if the service doesn't deduplicate.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@src/Altinn.App.Core/Features/Signing/Services/SigningDelegationService.cs`:
- Around line 185-197: In SigningDelegationService where additionalActions is
iterated, validate and deduplicate actions before adding RightRequest: for each
entry in additionalActions trim and skip null/empty or whitespace-only strings,
normalize casing (e.g. ToLowerInvariant), maintain a HashSet<string> to ignore
duplicates and also skip the default actions "read" and "sign"
(case-insensitive) or any action already represented in rights, and only then
construct and Add a new RightRequest with Action = new AltinnAction { Value =
action }.

🧹 Nitpick comments (3)

src/Altinn.App.Core/Features/Signing/ProvidedSignee.cs (1)

15-21: Consider documenting or guarding against duplicate default actions.

If a caller passes "read" or "sign" in AdditionalActionsToDelegate, the delegation request will contain duplicate rights entries for those actions. Consider either:

• Adding a note in the XML doc that "read" and "sign" should not be included, or
• Filtering out duplicates in CreateRights (in SigningDelegationService.cs).

This is unlikely to cause a runtime failure, but duplicate rights in the request payload could cause unexpected behavior from the access management API.

src/Altinn.App.Core/Features/Signing/Services/SigningDelegationService.cs (1)

158-200: Shared resources list reference across all RightRequest objects.

All RightRequest instances (lines 173, 178, and those added in the loop at line 192) reference the same resources List<Resource> instance. Since RightRequest.Resource is a mutable List<Resource> with a public setter, any downstream mutation of one request's Resource list would corrupt all others.

This is safe today because the requests are serialized and sent over HTTP without mutation, but it's a fragile assumption. Consider either documenting this intentional sharing or creating the list per-request if defensiveness is preferred.

test/Altinn.App.Core.Tests/Features/Signing/SigningDelegationServiceTests.cs (1)

640-687: Revocation with additional actions is properly tested.

For completeness, consider adding a symmetric RevokeSigneeRights_WithNullAdditionalActions_RevokesOnlyReadAndSign test to match the delegation null-case test at line 594. This isn't blocking.

[sonarqubecloud]

Quality Gate failed

Failed conditions
B Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

[bjorntore]

/publish

[github-actions]

PR release:

• Altinn.App.Api 8.10.0-pr.4337.17672-signing-delegate-any-action.f171242f
• Altinn.App.Core 8.10.0-pr.4337.17672-signing-delegate-any-action.f171242f

⚙️ Building...
✅ Done!