Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ACCESS-2693] Update api spec with permissions information #25405

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

[ACCESS-2693] Update api spec with permissions information #25405

wants to merge 9 commits into from
+43 −20

Conversation

wangwillson1
Copy link
Contributor

@wangwillson1 wangwillson1 commented Sep 23, 2024
edited
Loading

What does this PR do? What is the motivation?

In the API reference, this PR adds the permissions required to access a given endpoint.

https://docs-staging.datadoghq.com/willson.wang/ACCESS-2693-update-api-spec/api/latest/users/#update-a-user

Merge instructions

  • Please wait for a review from aaa-core-access before merging

Additional notes

@github-actions github-actions bot added the Architecture Everything related to the Doc backend label Sep 23, 2024
@wangwillson1 wangwillson1 added the aaa-access AAA Access team: https://datadoghq.atlassian.net/wiki/spaces/AAA/pages/2069365080/AAA+Access+Team label Sep 24, 2024
@wangwillson1 wangwillson1 requested a review from a team September 24, 2024 19:53
@wangwillson1 wangwillson1 marked this pull request as ready for review September 25, 2024 13:50
@wangwillson1 wangwillson1 requested a review from a team as a code owner September 25, 2024 13:50
srosenthal-dd
srosenthal-dd reviewed Sep 29, 2024
View reviewed changes
Copy link
Member

@srosenthal-dd srosenthal-dd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you help me understand what this changes means from the user perspective?

Will all API endpoints that start to list permissions in the public docs?

I assume the extra OAuth section is because not all permissions are available in OAuth? I do hope that is a temporary situation in most cases.

We (including PM) should be aware that the actual permission logic is occasionally more complicated. In the example you link, "update a user", the first permission check is an OR, but then it looks specifically at the user/service-account being updated and validates that the caller has the appropriate permission (code)

@wangwillson1
Copy link
Contributor Author

Will all API endpoints that start to list permissions in the public docs?

all non-rapid endpoints, since API clients is working on adding api spec autogen support for them in the coming weeks

I assume the extra OAuth section is because not all permissions are available in OAuth? I do hope that is a temporary situation in most cases.

yes precisely - ideally we can (one day) just get rid of the whole notion of separate oauth endpoints, but once we get there the docs change will be relatively easy

@urseberry urseberry self-assigned this Sep 30, 2024
@urseberry urseberry added the editorial review Waiting on a more in-depth review label Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@srosenthal-dd srosenthal-dd srosenthal-dd left review comments

@bi1yeu bi1yeu bi1yeu approved these changes

@bgdeutsch bgdeutsch bgdeutsch approved these changes

@urseberry urseberry urseberry approved these changes

Assignees

@urseberry urseberry

Labels
aaa-access AAA Access team: https://datadoghq.atlassian.net/wiki/spaces/AAA/pages/2069365080/AAA+Access+Team Architecture Everything related to the Doc backend editorial review Waiting on a more in-depth review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@wangwillson1 @bi1yeu @bgdeutsch @urseberry @srosenthal-dd