Introduces a change in the REST POST, PATCH and PUT API response construction - CHERRYPICK (#1824)

merges changes from #1731 as patch to 0.9.

includes merge conflict resolution. let tests run before merge. spot
checked REST find, put , and some graphql tests and they succeeded.

---------

Co-authored-by: Shyam Sundar J <[email protected]>
Co-authored-by: Aniruddh Munde <[email protected]>

Author: 3 people

config-generators/mssql-commands.txt

@@ -96,6 +96,11 @@ update Book --config "dab-config.MsSql.json" --permissions "policy_tester_08:cre
 update Book --config "dab-config.MsSql.json" --permissions "policy_tester_08:update" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.MsSql.json" --permissions "policy_tester_08:delete" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.MsSql.json" --permissions "policy_tester_08:read" --fields.include "*"
+update Book --config "dab-config.MsSql.json" --permissions "test_role_with_noread:create,update,delete"
+update Book --config "dab-config.MsSql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Book --config "dab-config.MsSql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "publisher_id"
+update Book --config "dab-config.MsSql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Book --config "dab-config.MsSql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "publisher_id" --policy-database "@item.title ne 'Test'"
 update Review --config "dab-config.MsSql.json" --permissions "authenticated:create,read,update,delete"
 update Review --config "dab-config.MsSql.json" --relationship books --target.entity Book --cardinality one
 update BookWebsitePlacement --config "dab-config.MsSql.json" --permissions "authenticated:create,update" --rest true --graphql true
@@ -172,6 +177,12 @@ update Stock --config "dab-config.MsSql.json" --permissions "TestNestedFilterFie
 update Stock --config "dab-config.MsSql.json" --permissions "TestNestedFilterFieldIsNull_EntityReadForbidden:read"
 update Stock --config "dab-config.MsSql.json" --permissions "database_policy_tester:update" --policy-database "@item.pieceid ne 1"
 update Stock --config "dab-config.MsSql.json" --permissions "database_policy_tester:create" --policy-database "@item.pieceid ne 6 and @item.piecesAvailable gt 0"
+update Stock --config "dab-config.MsSql.json" --permissions "database_policy_tester:read"
+update Stock --config "dab-config.MsSql.json" --permissions "test_role_with_noread:create,update,delete"
+update Stock --config "dab-config.MsSql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Stock --config "dab-config.MsSql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "categoryName"
+update Stock --config "dab-config.MsSql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Stock --config "dab-config.MsSql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "categoryName" --policy-database "@item.piecesAvailable ne 0"
 update series --config "dab-config.MsSql.json" --permissions "TestNestedFilterManyOne_ColumnForbidden:read" --fields.exclude "name"
 update series --config "dab-config.MsSql.json" --permissions "TestNestedFilterManyOne_EntityReadForbidden:create,update,delete"
 update series --config "dab-config.MsSql.json" --permissions "TestNestedFilterOneMany_ColumnForbidden:read"

config-generators/mysql-commands.txt

@@ -49,6 +49,11 @@ update Publisher --config "dab-config.MySql.json" --permissions "database_policy
 update Publisher --config "dab-config.MySql.json" --permissions "database_policy_tester:create"
 update Publisher --config "dab-config.MySql.json" --permissions "database_policy_tester:update" --policy-database "@item.id ne 1234"
 update Stock --config "dab-config.MySql.json" --permissions "authenticated:create,read,update,delete" --rest commodities --graphql true --relationship stocks_price --target.entity stocks_price --cardinality one
+update Stock --config "dab-config.MySql.json" --permissions "test_role_with_noread:create,update,delete"
+update Stock --config "dab-config.MySql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Stock --config "dab-config.MySql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "categoryName"
+update Stock --config "dab-config.MySql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Stock --config "dab-config.MySql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "categoryName" --policy-database "@item.piecesAvailable ne 0"
 update Book --config "dab-config.MySql.json" --permissions "authenticated:create,read,update,delete"
 update Book --config "dab-config.MySql.json" --relationship publishers --target.entity Publisher --cardinality one
 update Book --config "dab-config.MySql.json" --relationship websiteplacement --target.entity BookWebsitePlacement --cardinality one
@@ -81,6 +86,11 @@ update Book --config "dab-config.MySql.json" --permissions "policy_tester_08:cre
 update Book --config "dab-config.MySql.json" --permissions "policy_tester_08:update" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.MySql.json" --permissions "policy_tester_08:delete" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.MySql.json" --permissions "policy_tester_08:read" --fields.include "*"
+update Book --config "dab-config.MySql.json" --permissions "test_role_with_noread:create,update,delete"
+update Book --config "dab-config.MySql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Book --config "dab-config.MySql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "publisher_id"
+update Book --config "dab-config.MySql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Book --config "dab-config.MySql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "publisher_id" --policy-database "@item.title ne 'Test'"
 update Review --config "dab-config.MySql.json" --permissions "authenticated:create,read,update,delete" --rest true --graphql review:reviews
 update Review --config "dab-config.MySql.json" --relationship books --target.entity Book --cardinality one
 update Empty --config "dab-config.MySql.json" --permissions "anonymous:read"

config-generators/postgresql-commands.txt

@@ -51,8 +51,13 @@ update Publisher --config "dab-config.PostgreSql.json" --permissions "database_p
 update Publisher --config "dab-config.PostgreSql.json" --permissions "database_policy_tester:create"
 update Publisher --config "dab-config.PostgreSql.json" --permissions "database_policy_tester:update" --policy-database "@item.id ne 1234"
 update Stock --config "dab-config.PostgreSql.json" --permissions "authenticated:create,read,update,delete" --rest commodities --graphql true --relationship stocks_price --target.entity stocks_price --cardinality one
-update Stock --config "dab-config.PostgreSql.json" --permissions "database_policy_tester:create"
+update Stock --config "dab-config.PostgreSql.json" --permissions "database_policy_tester:create,read"
 update Stock --config "dab-config.PostgreSql.json" --permissions "database_policy_tester:update" --policy-database "@item.pieceid ne 1"
+update Stock --config "dab-config.PostgreSql.json" --permissions "test_role_with_noread:create,update,delete"
+update Stock --config "dab-config.PostgreSql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Stock --config "dab-config.PostgreSql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "categoryName"
+update Stock --config "dab-config.PostgreSql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Stock --config "dab-config.PostgreSql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "categoryName" --policy-database "@item.piecesAvailable ne 0"
 update Book --config "dab-config.PostgreSql.json" --permissions "authenticated:create,read,update,delete"
 update Book --config "dab-config.PostgreSql.json" --relationship publishers --target.entity Publisher --cardinality one
 update Book --config "dab-config.PostgreSql.json" --relationship websiteplacement --target.entity BookWebsitePlacement --cardinality one
@@ -85,6 +90,11 @@ update Book --config "dab-config.PostgreSql.json" --permissions "policy_tester_0
 update Book --config "dab-config.PostgreSql.json" --permissions "policy_tester_08:update" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.PostgreSql.json" --permissions "policy_tester_08:delete" --fields.include "*" --policy-database "@item.id eq 9"
 update Book --config "dab-config.PostgreSql.json" --permissions "policy_tester_08:read" --fields.include "*"
+update Book --config "dab-config.PostgreSql.json" --permissions "test_role_with_noread:create,update,delete"
+update Book --config "dab-config.PostgreSql.json" --permissions "test_role_with_excluded_fields:create,update,delete"
+update Book --config "dab-config.PostgreSql.json" --permissions "test_role_with_excluded_fields:read" --fields.exclude "publisher_id"
+update Book --config "dab-config.PostgreSql.json" --permissions "test_role_with_policy_excluded_fields:create,update,delete"
+update Book --config "dab-config.PostgreSql.json" --permissions "test_role_with_policy_excluded_fields:read" --fields.exclude "publisher_id" --policy-database "@item.title ne 'Test'"
 update Review --config "dab-config.PostgreSql.json" --permissions "authenticated:create,read,update,delete" --rest true --graphql review:reviews
 update Review --config "dab-config.PostgreSql.json" --relationship books --target.entity Book --cardinality one
 update Empty --config "dab-config.PostgreSql.json" --permissions "anonymous:read"

src/Auth/IAuthorizationResolver.cs

@@ -56,6 +56,21 @@ public interface IAuthorizationResolver
     /// <returns></returns>
     public IEnumerable<string> GetAllowedExposedColumns(string entityName, string roleName, EntityActionOperation operation);
 
+    /// <summary>
+    /// Helper function to fetch the database policy associated with the current request based on the entity under
+    /// action, the role defined in the the request and the operation to be executed.
+    /// When no database policy is found, no database query predicates need to be added.
+    /// 1) _entityPermissionMap[entityName] finds the entityMetaData for the current entityName
+    /// 2) entityMetaData.RoleToOperationMap[roleName] finds the roleMetaData for the current roleName
+    /// 3) roleMetaData.OperationToColumnMap[operation] finds the operationMetadata for the current operation
+    /// 4) operationMetaData.databasePolicy finds the required database policy
+    /// </summary>
+    /// <param name="entityName">Entity from request.</param>
+    /// <param name="roleName">Role defined in client role header.</param>
+    /// <param name="operation">Operation type: create, read, update, delete.</param>
+    /// <returns>Policy string if a policy exists in config.</returns>
+    public string GetDBPolicyForRequest(string entityName, string roleName, EntityActionOperation operation);
+
     /// <summary>
     /// Retrieves the policy of an operation within an entity's role entry
     /// within the permissions section of the runtime config, and tries to process

src/Config/DataApiBuilderException.cs

@@ -102,6 +102,14 @@ public enum SubStatusCodes
         /// DataSource not found for multiple db scenario.
         /// </summary>
         DataSourceNotFound,
+        /// <summary>
+        /// Item identified by the PK is not found in the database.
+        /// </summary>
+        ItemNotFound,
+        /// <summary>
+        /// Invalid PK field(s) specified in the request.
+        /// </summary>
+        InvalidIdentifierField
     }
 
     public HttpStatusCode StatusCode { get; }

src/Core/Authorization/AuthorizationResolver.cs

@@ -190,20 +190,8 @@ public string ProcessDBPolicy(string entityName, string roleName, EntityActionOp
             return GetPolicyWithClaimValues(dBpolicyWithClaimTypes, GetAllUserClaims(httpContext));
         }
 
-        /// <summary>
-        /// Helper function to fetch the database policy associated with the current request based on the entity under
-        /// action, the role defined in the the request and the operation to be executed.
-        /// When no database policy is found, no database query predicates need to be added.
-        /// 1) _entityPermissionMap[entityName] finds the entityMetaData for the current entityName
-        /// 2) entityMetaData.RoleToOperationMap[roleName] finds the roleMetaData for the current roleName
-        /// 3) roleMetaData.OperationToColumnMap[operation] finds the operationMetadata for the current operation
-        /// 4) operationMetaData.databasePolicy finds the required database policy
-        /// </summary>
-        /// <param name="entityName">Entity from request.</param>
-        /// <param name="roleName">Role defined in client role header.</param>
-        /// <param name="operation">Operation type: create, read, update, delete.</param>
-        /// <returns>Policy string if a policy exists in config.</returns>
-        private string GetDBPolicyForRequest(string entityName, string roleName, EntityActionOperation operation)
+        /// <inheritdoc />
+        public string GetDBPolicyForRequest(string entityName, string roleName, EntityActionOperation operation)
         {
             if (!EntityPermissionsMap[entityName].RoleToOperationMap.TryGetValue(roleName, out RoleMetadata? roleMetadata))
             {

src/Core/Resolvers/CosmosQueryEngine.cs

@@ -184,7 +184,7 @@ public async Task<Tuple<IEnumerable<JsonDocument>, IMetadata>> ExecuteListAsync(
         }
 
         /// <inheritdoc />
-        public Task<IActionResult> ExecuteAsync(FindRequestContext context, string dataSourceName = "")
+        public Task<JsonDocument> ExecuteAsync(FindRequestContext context, string dataSourceName = "")
         {
             throw new NotImplementedException();
         }

src/Core/Resolvers/IQueryEngine.cs

@@ -34,7 +34,7 @@ public interface IQueryEngine
         /// <summary>
         /// Given the RestRequestContext, obtains the query text and executes it against the backend.
         /// </summary>
-        public Task<IActionResult> ExecuteAsync(FindRequestContext context, string dataSourceName = "");
+        public Task<JsonDocument?> ExecuteAsync(FindRequestContext context, string dataSourceName = "");
 
         /// <summary>
         /// Given the StoredProcedureRequestContext, obtains the query text and executes it against the backend.

src/Core/Resolvers/MsSqlQueryExecutor.cs

@@ -270,7 +270,7 @@ public override async Task<DbResultSet> GetMultipleResultSetsIfAnyAsync(
                             message: $"Cannot perform INSERT and could not find {entityName} " +
                             $"with primary key {prettyPrintPk} to perform UPDATE on.",
                             statusCode: HttpStatusCode.NotFound,
-                            subStatusCode: DataApiBuilderException.SubStatusCodes.EntityNotFound);
+                            subStatusCode: DataApiBuilderException.SubStatusCodes.ItemNotFound);
                 }
 
                 throw new DataApiBuilderException(

src/Core/Resolvers/QueryExecutor.cs

@@ -363,7 +363,7 @@ DbResultSet dbResultSet
                         message: $"Cannot perform INSERT and could not find {entityName} " +
                             $"with primary key {prettyPrintPk} to perform UPDATE on.",
                             statusCode: HttpStatusCode.NotFound,
-                            subStatusCode: DataApiBuilderException.SubStatusCodes.EntityNotFound);
+                            subStatusCode: DataApiBuilderException.SubStatusCodes.ItemNotFound);
                 }
             }