Key 77 runscripts set permissions#29
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughAdds SSO-apps municipality folder role assignment: utility functions parse Keycloak group names to municipality slugs, fetch enriched user data, and bulk-grant ChangesSSO-apps local role assignment for municipality folders
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
src/pas/plugins/kimug/utils.py (1)
1197-1205:⚠️ Potential issue | 🟠 Major | ⚡ Quick winMake env-list parsing accept comma-separated values without spaces.
_parse_bracketed_env_list()currently splits on", "only, so[group1,group2]is parsed as a single entry. That breaks municipality filtering for valid comma-separated env values.💡 Proposed fix
- return [v for v in value.split(", ") if v] + return [v.strip() for v in value.split(",") if v.strip()]As per coding guidelines, environment list values use bracket format and comma-separated values must work.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/pas/plugins/kimug/utils.py` around lines 1197 - 1205, The _parse_bracketed_env_list() function currently splits on the literal string ", " (comma followed by space), which fails to parse values like [group1,group2] without spaces. Change the split operation to split on just "," (comma only) and then strip whitespace from each resulting value. This approach will handle both comma-space-separated values like [a, b] and comma-only-separated values like [a,b] uniformly, ensuring the list comprehension correctly filters out empty strings after splitting and stripping.Source: Coding guidelines
🧹 Nitpick comments (1)
tests/utils/test_utils.py (1)
495-514: ⚡ Quick winAdd an underscore-format regression case for municipality parsing.
Please add a case like
pl_belleville_ac -> bellevillehere. It will guard the format currently used in SSO-apps municipality group names and prevent parser regressions.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/utils/test_utils.py` around lines 495 - 514, The TestMunicipalityFromGroupName class lacks a regression test for the underscore-formatted group names used in SSO-apps (such as pl_belleville_ac). Add a new test method to the TestMunicipalityFromGroupName class that verifies utils._municipality_from_group_name("pl_belleville_ac") correctly returns "belleville". This test will guard against future parser regressions for this specific format that is currently used in production.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/pas/plugins/kimug/utils.py`:
- Around line 953-957: The realm is hardcoded to "sso-apps" which breaks when
the issuer points to a different realm or when SSO_APPS_REALM is set
differently. Replace the hardcoded realm assignment with one that reads from the
SSO_APPS_REALM environment variable (which defaults to "sso-apps"), then pass
this derived realm value to the get_client_access_token function call instead of
the hardcoded string literal. This ensures the realm derivation honors both the
SSO_APPS_REALM environment variable and the actual issuer configuration.
- Around line 920-923: The _municipality_from_group_name() function currently
only splits on hyphens when extracting the municipality name, but group names
like pl_belleville_ac contain underscores that should also be treated as
delimiters. Modify the split logic that processes name[3:] to split on both
hyphens and underscores (or replace underscores with hyphens before splitting),
ensuring that only the first segment before either character is returned as the
municipality name.
---
Outside diff comments:
In `@src/pas/plugins/kimug/utils.py`:
- Around line 1197-1205: The _parse_bracketed_env_list() function currently
splits on the literal string ", " (comma followed by space), which fails to
parse values like [group1,group2] without spaces. Change the split operation to
split on just "," (comma only) and then strip whitespace from each resulting
value. This approach will handle both comma-space-separated values like [a, b]
and comma-only-separated values like [a,b] uniformly, ensuring the list
comprehension correctly filters out empty strings after splitting and stripping.
---
Nitpick comments:
In `@tests/utils/test_utils.py`:
- Around line 495-514: The TestMunicipalityFromGroupName class lacks a
regression test for the underscore-formatted group names used in SSO-apps (such
as pl_belleville_ac). Add a new test method to the TestMunicipalityFromGroupName
class that verifies utils._municipality_from_group_name("pl_belleville_ac")
correctly returns "belleville". This test will guard against future parser
regressions for this specific format that is currently used in production.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 4c4664d9-1b30-473b-bcf4-3f4c346f0fd3
📒 Files selected for processing (7)
CHANGES.mdscripts/set_sso_apps_permissions.pysrc/pas/plugins/kimug/browser/configure.zcmlsrc/pas/plugins/kimug/browser/view.pysrc/pas/plugins/kimug/controlpanel/controlpanel.ptsrc/pas/plugins/kimug/utils.pytests/utils/test_utils.py
bsuttor
left a comment
There was a problem hiding this comment.
Looks good to me, to be tested in staging :-)
Summary by CodeRabbit