Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[OB3] Consider all users of the consent when revoking #89

Merged
merged 1 commit into from
Jul 20, 2024
Merged

[OB3] Consider all users of the consent when revoking #89

merged 1 commit into from
Jul 20, 2024

Conversation

imesh94
Copy link
Contributor

@imesh94 imesh94 commented Jul 16, 2024

[OB3] Consider all users of the consent when revoking

Currently in user validation for consent revocation, a random user id from the consent is matched against the user who is trying to revoke the consent. This PR improves this logic to consider all members of the consent instead. If there is an authorization type validation to be done for consent revocation, it should be handled at the toolkit level because authorization types are specific to each OB spec.

Issue link: https://github.com/wso2-enterprise/ob-compliance-toolkit-cds/issues/480

Doc Issue: Optional, link issue from documentation repository

Applicable Labels: Spec, product, version, type (specify requested labels)

Development Checklist

  1. Built complete solution with pull request in place.
  2. Ran checkstyle plugin with pull request in place.
  3. Ran Findbugs plugin with pull request in place.
  4. Formatted code according to WSO2 code style.
  5. Migration scripts written (if applicable).

Secure Development Checklist

  1. Ran FindSecurityBugs plugin and verified report.
  2. Ran Dependency-check plugin and verified report for new dependencies added.
  3. Ran Dependency-check plugin and verified report for dependency version changes.
  4. Have you verify the PR does't commit any keys, passwords, tokens, usernames, or other secrets?
  5. Have you followed secure coding standards in WSO2 Secure Engineering Guidelines?

Testing Checklist

  1. Written unit tests.
  2. Documented test scenarios(link available in guides).
  3. Written automation tests (link available in guides).
  4. Verified tests in multiple database environments (if applicable).
  5. Verified tests in multiple deployed specifications (if applicable).
  6. Tested with OBBI enabled (if applicable).
  7. Tested with specification regulatory conformance suites (if applicable).

Automation Test Details

Test Suite Test Script IDs
Integration Suite TCXXXXX, TCXXXX

Conformance Tests Details

Test Suite Name Test Suite Version Scenarios Result
Security Suite VX.X Foo, Bar Passed

Resources

Knowledge Base: https://sites.google.com/wso2.com/open-banking/

Guides: https://sites.google.com/wso2.com/open-banking/developer-guides

@aka4rKO aka4rKO merged commit 6210b0f into wso2:main Jul 20, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aka4rKO aka4rKO aka4rKO approved these changes

@Akila94 Akila94 Akila94 approved these changes

@Ashi1993 Ashi1993 Ashi1993 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@imesh94 @Ashi1993 @Akila94 @aka4rKO