Improve tenant perspective organization context rewrite configs #7566
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR improves tenant perspective organization context rewrite configurations by making them more flexible and configurable. The changes introduce conditional configuration options and dynamic template rendering for organization context rewrites.
- Adds a new configuration flag to control authorization path enablement
- Introduces dynamic template loops for configurable context rewrite paths
- Conditionally includes authorization-related API paths and servlet contexts
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| org.wso2.carbon.identity.core.server.feature.default.json | Adds new configuration flag for enabling authorization paths in tenant perspective |
| identity.xml.j2 | Implements dynamic template rendering and conditional inclusion of authorization paths and servlet contexts |
| {% for org_context_in_tenant_perspective in org_context_in_tenant_perspective.rewrite %} | ||
| {% for base_path in org_context_in_tenant_perspective.base_path %} | ||
| <Context> | ||
| <BasePath>{{base_path}}</BasePath> | ||
| <SubPaths> | ||
| {% for sub_path in org_context_in_tenant_perspective.sub_paths %} |
There was a problem hiding this comment.
The loop variable name conflicts with the parent object name 'org_context_in_tenant_perspective'. This will shadow the parent variable and make nested properties inaccessible within the loop.
| {% for org_context_in_tenant_perspective in org_context_in_tenant_perspective.rewrite %} | |
| {% for base_path in org_context_in_tenant_perspective.base_path %} | |
| <Context> | |
| <BasePath>{{base_path}}</BasePath> | |
| <SubPaths> | |
| {% for sub_path in org_context_in_tenant_perspective.sub_paths %} | |
| {% for rewrite_context in org_context_in_tenant_perspective.rewrite %} | |
| {% for base_path in rewrite_context.base_path %} | |
| <Context> | |
| <BasePath>{{base_path}}</BasePath> | |
| <SubPaths> | |
| {% for sub_path in rewrite_context.sub_paths %} |
| <Servlet> | ||
| {% for servlet in org_context_in_tenant_perspective.rewrite.servlets %} | ||
| <Context>{{servlet}}</Context> | ||
| {% endfor %} | ||
| {% for servlet in org_context_in_tenant_perspective.rewrite.custom_servlets %} | ||
| <Context>{{servlet}}</Context> | ||
| {% endfor %} |
There was a problem hiding this comment.
These loops assume that 'org_context_in_tenant_perspective.rewrite.servlets' and 'org_context_in_tenant_perspective.rewrite.custom_servlets' are iterable collections, but there's no validation to ensure these properties exist or are properly structured.
| <Servlet> | |
| {% for servlet in org_context_in_tenant_perspective.rewrite.servlets %} | |
| <Context>{{servlet}}</Context> | |
| {% endfor %} | |
| {% for servlet in org_context_in_tenant_perspective.rewrite.custom_servlets %} | |
| <Context>{{servlet}}</Context> | |
| {% endfor %} | |
| <Servlet> | |
| {% if org_context_in_tenant_perspective.rewrite.servlets is defined and org_context_in_tenant_perspective.rewrite.servlets %} | |
| {% for servlet in org_context_in_tenant_perspective.rewrite.servlets %} | |
| <Context>{{servlet}}</Context> | |
| {% endfor %} | |
| {% endif %} | |
| {% if org_context_in_tenant_perspective.rewrite.custom_servlets is defined and org_context_in_tenant_perspective.rewrite.custom_servlets %} | |
| {% for servlet in org_context_in_tenant_perspective.rewrite.custom_servlets %} | |
| <Context>{{servlet}}</Context> | |
| {% endfor %} | |
| {% endif %} |
| {% for org_context_in_tenant_perspective in org_context_in_tenant_perspective.rewrite %} | ||
| {% for base_path in org_context_in_tenant_perspective.base_path %} | ||
| <Context> | ||
| <BasePath>{{base_path}}</BasePath> | ||
| <SubPaths> | ||
| {% for sub_path in org_context_in_tenant_perspective.sub_paths %} |
There was a problem hiding this comment.
Due to variable shadowing in the outer loop (line 4033), this will try to access 'base_path' property on the loop item instead of the original configuration object, which will likely cause template rendering errors.
| {% for org_context_in_tenant_perspective in org_context_in_tenant_perspective.rewrite %} | |
| {% for base_path in org_context_in_tenant_perspective.base_path %} | |
| <Context> | |
| <BasePath>{{base_path}}</BasePath> | |
| <SubPaths> | |
| {% for sub_path in org_context_in_tenant_perspective.sub_paths %} | |
| {% for rewrite_item in org_context_in_tenant_perspective.rewrite %} | |
| {% for base_path in rewrite_item.base_path %} | |
| <Context> | |
| <BasePath>{{base_path}}</BasePath> | |
| <SubPaths> | |
| {% for sub_path in rewrite_item.sub_paths %} |
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #7566 +/- ##
============================================
+ Coverage 50.85% 50.87% +0.02%
+ Complexity 19001 18999 -2
============================================
Files 2099 2099
Lines 121819 121947 +128
Branches 25296 25349 +53
============================================
+ Hits 61952 62046 +94
- Misses 51867 51892 +25
- Partials 8000 8009 +9
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
1 participant
Proposed changes in this pull request
$Subject