Skip to content

Add API-level filtering to exclude AGENT userstore from GET /userstores endpoint#1148

Open
ruchiralakshan123 wants to merge 2 commits into
wso2:masterfrom
ruchiralakshan123:fix-agent-userstore-exclusion
Open

Add API-level filtering to exclude AGENT userstore from GET /userstores endpoint#1148
ruchiralakshan123 wants to merge 2 commits into
wso2:masterfrom
ruchiralakshan123:fix-agent-userstore-exclusion

Conversation

@ruchiralakshan123

Copy link
Copy Markdown

Purpose

Currently, the AGENT userstore appears in UI selection dropdowns across various features (such as JIT provisioning, user attribute mappings, etc.) where it should not be selectable. UI components are implementing ad-hoc hardcoded filtering logic to exclude it, which is not scalable.

This PR introduces an optional query parameter excludeAgentUserstore to the GET /api/server/v1/userstores endpoint to exclude the AGENT userstore at the API level.

Resolves: wso2/product-is#27435

Goals

Exclude the AGENT userstore at the API level from the /userstores GET endpoint response when requested.

Approach

  1. Updated the OpenAPI specification (userstore.yaml) to introduce a new boolean query parameter excludeAgentUserstore (default: false for backward compatibility).
  2. Manually updated the generated interfaces UserstoresApi.java and UserstoresApiService.java to support the new parameter.
  3. Updated the implementation in UserstoresApiServiceImpl.java to filter out any userstores with the name "AGENT" (case-insensitive) from the returned list when excludeAgentUserstore is set to true.

User stories

N/A

Developer Checklist (Mandatory)

  • Complete the Developer Checklist in the related product-is issue to track any behavioral change or migration impact.

Release note

Added a new query parameter excludeAgentUserstore to the /userstores API to exclude the AGENT userstore at the API level.

Documentation

N/A - This is a self-documented API query parameter in the OpenAPI spec.

Training

N/A

Certification

N/A

Marketing

N/A

Automation tests

  • Unit tests

    N/A - Local build and compilation completed successfully.

  • Integration tests

    N/A

Security checks

Samples

N/A

Related PRs

N/A

Migrations (if applicable)

N/A

Test environment

  • JDK Version: Java 21 (Temurin JDK 21.0.10)
  • Operating System: Windows 11

Learning

Standard JAX-RS REST API development patterns and Swagger/OpenAPI code-generation workflows within the WSO2 identity-api-server repository.

@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Warning

Review limit reached

@ruchiralakshan123, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 32 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 57fca0b9-d744-4129-9618-6b1b1313cd2e

📥 Commits

Reviewing files that changed from the base of the PR and between 577a0d4 and 0f7168b.

📒 Files selected for processing (1)
  • components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/java/org/wso2/carbon/identity/api/server/userstore/v1/impl/UserstoresApiServiceImpl.java
📝 Walkthrough

Walkthrough

The GET /userstores API now accepts the optional excludeAgentUserstore boolean parameter, defaulting to false. When enabled, UserstoresApiServiceImpl removes user stores named AGENT from the service response using case-insensitive comparison. Existing behavior remains unchanged when the parameter is disabled or the returned list is null.

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant UserstoresApiServiceImpl
  participant serverUserStoreService
  Client->>UserstoresApiServiceImpl: Request userstores with exclusion enabled
  UserstoresApiServiceImpl->>serverUserStoreService: Retrieve userstore list
  serverUserStoreService-->>UserstoresApiServiceImpl: Return userstore list
  UserstoresApiServiceImpl-->>Client: Return list without AGENT
Loading
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly describes the main change: adding API-level filtering to exclude AGENT userstores from GET /userstores.
Description check ✅ Passed The description follows the template closely and covers purpose, goals, approach, testing, security, and release-note details.
Linked Issues check ✅ Passed The change implements the requested optional excludeAgentUserstore parameter and filters AGENT userstores case-insensitively when enabled.
Out of Scope Changes check ✅ Passed The summarized changes stay focused on the requested API parameter and filtering behavior with no obvious unrelated additions.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/java/org/wso2/carbon/identity/api/server/userstore/v1/impl/UserstoresApiServiceImpl.java (1)

111-119: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Consider using Streams for filtering.

The filtering logic can be simplified using Java Streams for better readability.

♻️ Proposed refactor
-        if (Boolean.TRUE.equals(excludeAgentUserstore) && userStoreList != null) {
-            List<UserStoreListResponse> filteredUserStores = new ArrayList<>();
-            for (UserStoreListResponse userStore : userStoreList) {
-                if (!"AGENT".equalsIgnoreCase(userStore.getName())) {
-                    filteredUserStores.add(userStore);
-                }
-            }
-            return Response.ok().entity(filteredUserStores).build();
-        }
+        if (Boolean.TRUE.equals(excludeAgentUserstore) && userStoreList != null) {
+            List<UserStoreListResponse> filteredUserStores = userStoreList.stream()
+                    .filter(userStore -> !"AGENT".equalsIgnoreCase(userStore.getName()))
+                    .collect(java.util.stream.Collectors.toList());
+            return Response.ok().entity(filteredUserStores).build();
+        }
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/java/org/wso2/carbon/identity/api/server/userstore/v1/impl/UserstoresApiServiceImpl.java`
around lines 111 - 119, Refactor the filtering branch in
UserstoresApiServiceImpl to use a Java Stream over userStoreList, retaining only
entries whose names are not equal to “AGENT” case-insensitively, then build the
response from the collected list. Preserve the existing null check,
excludeAgentUserstore condition, and response behavior.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In
`@components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/java/org/wso2/carbon/identity/api/server/userstore/v1/impl/UserstoresApiServiceImpl.java`:
- Around line 111-119: Refactor the filtering branch in UserstoresApiServiceImpl
to use a Java Stream over userStoreList, retaining only entries whose names are
not equal to “AGENT” case-insensitively, then build the response from the
collected list. Preserve the existing null check, excludeAgentUserstore
condition, and response behavior.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 95dbc1d0-80a4-4232-a266-367f0737299e

📥 Commits

Reviewing files that changed from the base of the PR and between bb56735 and 577a0d4.

⛔ Files ignored due to path filters (2)
  • components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/gen/java/org/wso2/carbon/identity/api/server/userstore/v1/UserstoresApi.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/gen/java/org/wso2/carbon/identity/api/server/userstore/v1/UserstoresApiService.java is excluded by !**/gen/**
📒 Files selected for processing (2)
  • components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/java/org/wso2/carbon/identity/api/server/userstore/v1/impl/UserstoresApiServiceImpl.java
  • components/org.wso2.carbon.identity.api.server.userstore/org.wso2.carbon.identity.api.server.userstore.v1/src/main/resources/userstore.yaml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add API-level filtering to exclude AGENT userstore from GET /userstores endpoint

1 participant