Add push device update endpoints to allowed endpoints#7927
Add push device update endpoints to allowed endpoints#7927VihangaMunasinghe wants to merge 5 commits into
Conversation
📝 WalkthroughWalkthroughUpdated copyright year to 2026 in a resource access control configuration file. Added two new unsecured POST endpoints for a Push Device Management API that allow device updates in both organization and non-organization contexts within the identity management system. Changes
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #7927 +/- ##
============================================
+ Coverage 52.97% 53.00% +0.02%
+ Complexity 20311 20306 -5
============================================
Files 2142 2142
Lines 124976 124826 -150
Branches 24882 24823 -59
============================================
- Hits 66211 66166 -45
+ Misses 50641 50535 -106
- Partials 8124 8125 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|



Purpose
The new push device update endpoint (
POST /devices/{deviceId}/update) added inidentity-api-userneeds to be registered in the resource access control configuration. Without this, the endpoint would be blocked by the framework's access control layer.Related Issue
Related PRs
Goals
Approach
<Resource>entries inresource-access-control-v2.xml.j2:(.*)/o/api/users/v1/me/push/devices/(.*)/updatewithsecured="false"for POST.(.*)/api/users/v1/me/push/devices/(.*)/updatewithsecured="false"for POST./removeendpoint entries.User stories
As a mobile app user, I want the device update endpoint to be accessible so that I can update my device's push notification token or device name.
Release note
Added the push device update endpoint (
/devices/{deviceId}/update) to the allowed endpoints in the resource access control configuration.Documentation
N/A - Internal framework configuration change. No user-facing documentation impact.
Training
N/A
Certification
N/A - Configuration change with no impact on certification content.
Marketing
N/A
Automation tests
N/A - Configuration file change only.
N/A
Security checks
Samples
N/A
Migrations (if applicable)
No migrations required. Existing deployments will pick up the new resource access control entries on upgrade.
Learning
Followed the existing pattern used by the
/removeendpoint for registering unsecured push device endpoints in both organization and tenant contexts.