Skip to content

New branch name for #3954#3980

Closed
ivarne wants to merge 2 commits intomainfrom
feat/authContextLimitations
Closed

New branch name for #3954#3980
ivarne wants to merge 2 commits intomainfrom
feat/authContextLimitations

Conversation

@ivarne
Copy link
Member

@ivarne ivarne commented Feb 4, 2026
edited by coderabbitai bot
Loading

Just a duplication of #3954 to make the preview release work

Summary by CodeRabbit

Release Notes

  • New Features

    • Authentication context now supports dynamic keys alongside predefined options, enabling more flexible validation scenarios.

  • Improvements

    • Error messages for authentication context operations have been enhanced to provide clearer feedback, including a list of available keys when unknown properties are referenced.

ivarne added 2 commits February 2, 2026 10:26
@ivarne
Allow any action to be checked with ["authContext"] expression
26b632c 
Previously the only allowed actions were 'instantiate' | 'confirm' | 'sign' | 'reject' | 'read' | 'write' | 'complete'.

Now any action that backend think is relevant for the task (based on proces.pbmn). Unknown actions triggers a warning (even thogh they are on the previously accepted list).

This is a change in behaviour for previously buggy apps that used eg.  `["authContext", "reject"]` without specifying `reject` as an action in bpmn. Previously authContext returned false, but now the whole expression fails.

I tested that vsCode understands the trick with `"anyOf": ["enum", "string"]` and provides suggestions from the enum but accept any action.
@ivarne
Fix test to actually expect an error
9502fcd
@ivarne ivarne changed the title New branch name for New branch name for #3954 Feb 4, 2026
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The changes transition auth context validation from static, fixed permission keys to dynamic key validation. The schema definition is relaxed to accept arbitrary strings alongside predefined permissions. The implementation refactored to check keys dynamically via buildAuthContext with enhanced error messaging. Test fixtures added to validate new behavior.

Changes

Cohort / File(s) Summary
Schema Definition
schemas/json/layout/expression.schema.v1.json		 Updated func-authContext definition to use anyOf, allowing either predefined permission enum values or arbitrary strings, relaxing strict validation.
Expression Implementation
src/features/expressions/expression-functions.ts		 Refactored authContext function from static key validation to dynamic validation via buildAuthContext. Removed IAuthContext import and added detailed error handling for null keys and unknown auth context properties.
Test Fixtures
src/features/expressions/shared-tests/functions/authContext/*		 Added error-unknown-action.json test fixture for unknown auth context scenarios. Updated read-sign.json with reject permission field in permissions.actions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 2
❌ Failed checks (2 warnings)
Check name Status Explanation Resolution
Title check ⚠️ Warning The title 'New branch name for #3954' does not clearly describe the actual changes; it only references creating a duplicate of another PR without explaining what functionality was modified. Use a descriptive title that summarizes the main change, such as 'Allow dynamic auth context keys in expressions' or 'Support arbitrary action checking in authContext expressions'.
Description check ⚠️ Warning The description is incomplete; it lacks detail about the actual changes, only mentions it's a duplication without explaining what the feature does. Most verification sections are unchecked. Expand the description to explain the feature changes (dynamic auth context validation, error handling), and check appropriate verification boxes for testing and documentation status.
✅ Passed checks (1 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feat/authContextLimitations

Important

Action Needed: IP Allowlist Update

If your organization protects your Git platform with IP whitelisting, please add the new CodeRabbit IP address to your allowlist:

  • 136.113.208.247/32 (new)
  • 34.170.211.100/32
  • 35.222.179.152/32

Reviews will stop working after February 8, 2026 if the new IP is not added to your allowlist.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@ivarne
Copy link
Member Author

ivarne commented Feb 4, 2026

/release

@ivarne
Copy link
Member Author

ivarne commented Feb 4, 2026

/publish

@github-actions
Copy link
Contributor

github-actions bot commented Feb 4, 2026
edited
Loading

PR release:

  • <link rel="stylesheet" type="text/css" href="https://altinncdn.no/toolkits/altinn-app-frontend/4.25.0-pr.3783.authContextLimitations.9502fcd7/altinn-app-frontend.css">
  • <script src="https://altinncdn.no/toolkits/altinn-app-frontend/4.25.0-pr.3783.authContextLimitations.9502fcd7/altinn-app-frontend.js"></script>

⚙️ Building...
❌ Failed: https://github.com/Altinn/app-frontend-react/actions/runs/21663796194

@ivarne ivarne closed this Feb 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ivarne