Skip to content

feat: add 'groups' namespace #456

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Sep 10, 2025
Merged

feat: add 'groups' namespace #456

merged 7 commits into from
Sep 10, 2025

Conversation

@bevzzz
Copy link
Collaborator

@bevzzz bevzzz commented Sep 2, 2025
edited
Loading

This PR add a new groups namespace for assigning / revoking roles to user groups rather than individual users. The API is similar to that in users namespace:

client.groups().oidc()
  .roleAssigner()
  .withGroupId('fifth-floor-empl')
  .withRoles(analystRole, researcherRole).run();

client.groups().oidc()
  .assignedRolesGetter()
  .withGroupId('fifth-floor-empl').run();

client.groups().oidc()
  .knownGroupNamesGetter().run();

client.groups().oidc()
  .roleRevoker()
  .withGroupId('fifth-floor-empl')
  .withRoles(researcherRole).run();

Complimenting that are GroupsPermissions which a role can now have:

client.roles().creator()
  .withName('group-admin')
  .withPermissions(
      Permission.groups("general", "oidc", 
        GroupsPermission.Action.READ, 
        GroupsPermission.Action.ASSIGN_AND_REVOKE)).run();

orca-security-eu[bot]
orca-security-eu bot reviewed Sep 2, 2025
View reviewed changes
Copy link

@orca-security-eu orca-security-eu bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca

@bevzzz bevzzz marked this pull request as draft September 2, 2025 15:50
@bevzzz
test: relax error message checks
217ea8a 
These are server-specific and have nothing to do with the client logic
@bevzzz
feat add GroupsPermission
57aa3ca
@bevzzz bevzzz marked this pull request as ready for review September 2, 2025 16:43
@bevzzz
test: delete server-related assertion
6822255 
This test simply checks that server returns some string exactly,
which is based _entirely_ on how the server is configured and
has no relation to the client-side logic. It is deserialized in
and Object, so there is no special behavior to verify.

The assertion does fail with v1.33.0-rc.0 though, because
the server started returning a different string.

Once again, this string is not something that affects client
behavior in any way.
@bevzzz
Copy link
Collaborator Author

bevzzz commented Sep 3, 2025

I deleted one of the failing tests case, see d8e8ba4 for the reasoning behind it.

@bevzzz bevzzz mentioned this pull request Sep 3, 2025
Merged
@bevzzz
Copy link
Collaborator Author

bevzzz commented Sep 9, 2025

Weaviate v1.33 appears to have a regression in the Explorer API that's causing the related tests to fail. There are no plans to fix the regression.

https://weaviate-org.slack.com/archives/C05TV6AP8P3/p1756910684886959

@bevzzz
ci: disable breaking Explore test
bc4676d 
They are breaking due to a regression in Weaviate v1.33.
antas-marcin
antas-marcin reviewed Sep 10, 2025
View reviewed changes
src/main/java/io/weaviate/client/v1/async/groups/api/oidc/AssignedRolesGetter.java Outdated
return this;
}

private String _groupId() {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would change the name just getGroupId or groupId having an _ in method naming feels like Python / Rust code

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Renamed in all files

@bevzzz bevzzz merged commit 4d26c49 into main Sep 10, 2025
5 checks passed
@bevzzz bevzzz deleted the feat/groups-oidc branch September 10, 2025 16:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@orca-security-eu orca-security-eu[bot] orca-security-eu[bot] left review comments

@dirkkul dirkkul dirkkul approved these changes

@antas-marcin antas-marcin antas-marcin approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bevzzz @dirkkul @antas-marcin