feat(audit-policy): spacecat-api-service contract — policy CRUD + 501 scope stubs (SITES-47306)#2723
Draft
iuliag wants to merge 12 commits into
Draft
feat(audit-policy): spacecat-api-service contract — policy CRUD + 501 scope stubs (SITES-47306)#2723iuliag wants to merge 12 commits into
iuliag wants to merge 12 commits into
Conversation
…ract (SITES-47306)
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
…tion (SITES-47306)
…audit-scope (SITES-47306)
… FACS entries (SITES-47306)
…OpenAPI (SITES-47306)
|
This PR will trigger a minor release when merged. |
Contributor
Author
|
@sandsinh, this is the PR implementing the API spec. It's still in progress, however if you can review it and let me know if you see something missing or adjusting depending on what the UI will need. |
…contract # Conflicts: # docs/index.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
1. Abstract
Implements the
/sites/{siteId}/audit-policyCRUD contract (E1/E2/E3) plus/sites/{siteId}/audit-scope/*OpenAPI501stubs (E4–E6) for the Audit Policy feature.2. Reasoning
SITES-46352 pinned the customer-facing HTTP contract for Audit Policy — the surface the delegated UI builds against. SITES-47306 is the implementation ticket, building that surface over the B2
audit_policytable.3. High-level overview of the changes
GET /sites/{siteId}/audit-policyreturns the current policy, or a syntheticversion: 0default when unset (never404).PUT /sites/{siteId}/audit-policyfull-replaces the policy viawrpc_upsert_audit_policy. The author attribute is derived server-side from the caller's IMS token — a client-suppliedauthorfield in the request body is ignored. Writes requirereasonandexpectedVersionand are optimistic-locked: a staleexpectedVersionreturns409with the server'scurrentVersion.GET /sites/{siteId}/audit-policy/revisionsreturns policy history newest-first, cursor-paginated.GET /sites/{siteId}/audit-scope/{pages,summary,sections}return501for now; their real implementations land under separate tickets (B4 / B7) once those blocks are built.409conflict path) are written as a later, separate step — they depend on a companion data-service change (see Deployment & merge order) and are intentionally not part of this PR yet.4. Required information
platform/design-audit-policy-api-contract.md(PR feat(trigger): no initial msg for backlink audit #184)docs/plans/2026-06-29-sites-47306-api-contract-policy-crud.md(this branch)5. Affected / used mysticat-workspace projects
mysticat-data-service— contract/runtime dependency: this PR callswrpc_upsert_audit_policyand readsaudit_policy/audit_policy_revision, which are created by B2 (SITES-47301) and extended (p_expected_version,effective_at) by the companion PR on the matchingfeat/sites-47306-api-contractbranch in that repo.7. Test plan
wrpc_upsert_audit_policyRPC and the409conflict path are added in a later commit, once the dependent data-service change is available.GET/PUT /sites/{siteId}/audit-policyand confirm the synthetic-default, optimistic-lock, and entitlement-gate behaviour described above on eph/dev ahead of exposing the contract to the delegated UI on stage/prod.8. Deployment & merge order
mysticat-data-servicePR onfeat/sites-47306-api-contract— depends-on: providesp_expected_versionandaudit_policy_revision.effective_atthat this PR's RPC call and conflict-mapping rely on.audit_policytable + RPC that the data-service PR extends.mysticat-data-servicecompanion PR merges → (3) a new data-service image is cut and pinned intest/it/postgres/docker-compose.yml→ (4) this PR's integration tests are added and enabled, then this PR merges.🤖 Generated with Claude Code