Fixes #27487: restore import/export buttons when EditAll uses conditional policies

[miantalha45]

Problem

Users with a Data Producer role (EditAll on glossaryTerm with conditions
like isOwner(), hasDomain(), or matchTeam()) could not see the
Import/Export options in the Glossary header manage menu, even when the
condition was satisfied (e.g. the user was the owner of the glossary).

Root Cause

importExportPermissions was computed solely from globalPermissions
(resource-level, no entity context). The backend cannot evaluate
isOwner() at the resource level and returns ConditionalAllow, which
the frontend maps to false.

Fix

Added a fallback to the entity-level permissions object from
GenericProvider context. These permissions are fetched with the specific
glossary entity ID, so the backend can correctly evaluate conditions and
return Allow when the user satisfies them.

Test

1. Create a role with EditAll on glossaryTerm + condition isOwner()
2. Assign the role to a user, make them owner of a glossary
3. Login as that user → Import/Export options now visible in the manage menu

Fixes #27487

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[Copilot]

Pull request overview

Restores visibility of Glossary Import/Export actions for users whose effective permissions depend on conditional policy evaluation, by considering entity-scoped permissions (with entity context) in addition to resource-scoped global permissions.

Changes:

• Update importExportPermissions computation to fall back from resource-level globalPermissions to entity-level permissions from GenericProvider context.

[github-actions]

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

[gitar-bot]

💡 Quality: Mutable shared test state not reset between tests

The new describe block mutates module-level mockGlossaryTermPermission and mockContext (lines 330-336, 358-365) without resetting them afterward. While this matches the existing pattern in the file, the new tests depend on and further propagate leaked state. For example, the first new test (line 327) inherits mockContext.type from whatever the previous test set it to (line 233 sets it to GLOSSARY_TERM), then overrides it to GLOSSARY at line 335 — which then leaks into the second new test.

Currently this doesn't cause failures because test execution order is deterministic and these are the last tests, but it's fragile. Adding a beforeEach or afterEach in the new describe block to snapshot and restore the shared objects would make these tests order-independent.

Suggested fix:

describe('import/export visibility with conditional policies', () => {
  let origPermission: typeof mockGlossaryTermPermission;
  let origContext: typeof mockContext;

  beforeEach(() => {
    origPermission = { ...mockGlossaryTermPermission };
    origContext = { ...mockContext };
  });

  afterEach(() => {
    Object.assign(mockGlossaryTermPermission, origPermission);
    Object.assign(mockContext, origContext);
  });
  // ... tests
});

_{Was this helpful? React with 👍 / 👎 | Reply gitar fix to apply this suggestion}

[gitar-bot]

Code Review 👍 Approved with suggestions 0 resolved / 1 findings

Restores missing import/export buttons in the EditAll interface under conditional policies. Please reset the module-level mocks in the new test block to prevent shared state leakage between tests.

💡 Quality: Mutable shared test state not reset between tests

📄 openmetadata-ui/src/main/resources/ui/src/components/Glossary/GlossaryHeader/GlossaryHeader.test.tsx:326-340

The new describe block mutates module-level mockGlossaryTermPermission and mockContext (lines 330-336, 358-365) without resetting them afterward. While this matches the existing pattern in the file, the new tests depend on and further propagate leaked state. For example, the first new test (line 327) inherits mockContext.type from whatever the previous test set it to (line 233 sets it to GLOSSARY_TERM), then overrides it to GLOSSARY at line 335 — which then leaks into the second new test.

Currently this doesn't cause failures because test execution order is deterministic and these are the last tests, but it's fragile. Adding a beforeEach or afterEach in the new describe block to snapshot and restore the shared objects would make these tests order-independent.

Suggested fix

describe('import/export visibility with conditional policies', () => {
  let origPermission: typeof mockGlossaryTermPermission;
  let origContext: typeof mockContext;

  beforeEach(() => {
    origPermission = { ...mockGlossaryTermPermission };
    origContext = { ...mockContext };
  });

  afterEach(() => {
    Object.assign(mockGlossaryTermPermission, origPermission);
    Object.assign(mockContext, origContext);
  });
  // ... tests
});

🤖 Prompt for agents

Code Review: Restores missing import/export buttons in the EditAll interface under conditional policies. Please reset the module-level mocks in the new test block to prevent shared state leakage between tests.

1. 💡 Quality: Mutable shared test state not reset between tests
   Files: openmetadata-ui/src/main/resources/ui/src/components/Glossary/GlossaryHeader/GlossaryHeader.test.tsx:326-340

   The new `describe` block mutates module-level `mockGlossaryTermPermission` and `mockContext` (lines 330-336, 358-365) without resetting them afterward. While this matches the existing pattern in the file, the new tests depend on and further propagate leaked state. For example, the first new test (line 327) inherits `mockContext.type` from whatever the previous test set it to (line 233 sets it to `GLOSSARY_TERM`), then overrides it to `GLOSSARY` at line 335 — which then leaks into the second new test.
   
   Currently this doesn't cause failures because test execution order is deterministic and these are the last tests, but it's fragile. Adding a `beforeEach` or `afterEach` in the new `describe` block to snapshot and restore the shared objects would make these tests order-independent.

   Suggested fix:
   describe('import/export visibility with conditional policies', () => {
     let origPermission: typeof mockGlossaryTermPermission;
     let origContext: typeof mockContext;
   
     beforeEach(() => {
       origPermission = { ...mockGlossaryTermPermission };
       origContext = { ...mockContext };
     });
   
     afterEach(() => {
       Object.assign(mockGlossaryTermPermission, origPermission);
       Object.assign(mockContext, origContext);
     });
     // ... tests
   });

Options

Display: compact → Showing less information.

Comment with these commands to change:

Compact

gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}