Skip to content

fix(policy): include attribute value fqn in subject mapping lookup#3720

Merged
jakedoublev merged 2 commits into
mainfrom
fix/get-subject-mapping-attribute-value-fqn
Jul 2, 2026
Merged

fix(policy): include attribute value fqn in subject mapping lookup#3720
jakedoublev merged 2 commits into
mainfrom
fix/get-subject-mapping-attribute-value-fqn

Conversation

@jakedoublev

@jakedoublev jakedoublev commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Changes

  • Include attribute value FQN in GetSubjectMapping responses.
  • Align GetSubjectMapping attribute value shape with ListSubjectMappings.
  • Assert subject mapping lookups return the embedded attribute value FQN.

Summary by CodeRabbit

  • Bug Fixes
    • Subject mapping results now return the correct attribute value FQN consistently across single-item and list views.
    • Improved alignment between fetched mapping details and separately retrieved attribute values, reducing mismatches in displayed mapping data.

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 152fa8c8-18ef-4395-9643-988823b8057b

📥 Commits

Reviewing files that changed from the base of the PR and between 3ce01c2 and 9ad3176.

📒 Files selected for processing (3)
  • service/integration/subject_mappings_test.go
  • service/policy/db/queries/subject_mappings.sql
  • service/policy/db/subject_mappings.sql.go

📝 Walkthrough

Walkthrough

Subject mapping SQL queries and their generated Go counterparts rename the attribute_fqns join alias from fqns to av_fqns for sourcing the attribute value FQN, updating GROUP BY clauses accordingly. An integration test adds an assertion verifying the returned FQN matches the separately fetched attribute value.

Changes

Attribute Value FQN Alias Update

Layer / File(s) Summary
SQL query source updates
service/policy/db/queries/subject_mappings.sql
listSubjectMappings and getSubjectMapping rename the attribute_fqns join alias from fqns to av_fqns and update GROUP BY clauses to match.
Generated query code updates
service/policy/db/subject_mappings.sql.go
Generated SQL strings and block comments for getSubjectMapping and listSubjectMappings are regenerated to reflect the av_fqns alias and updated GROUP BY.
Integration test verification
service/integration/subject_mappings_test.go
TestGetSubjectMapping adds an assertion that the returned attribute value FQN matches the FQN from a separately fetched attribute value.

Estimated code review effort: 2 (Simple) | ~10 minutes

Suggested reviewers: c-r33d, dmihalcik-virtru

Poem

A rabbit hopped through joins and views,
Renamed a fqn, tightened the screws,
av_fqns now leads the way,
GROUP BY aligned, come what may,
One test to check it's all in tune —
🐰 hop, hop, done by noon!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title is concise and accurately describes the main change: adding the attribute value FQN to subject mapping lookup results.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/get-subject-mapping-attribute-value-fqn

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot added comp:db DB component comp:policy Policy Configuration ( attributes, subject mappings, resource mappings, kas registry) size/s labels Jul 2, 2026
@gemini-code-assist

Copy link
Copy Markdown
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the GetSubjectMapping functionality to include the attribute value's Fully Qualified Name (FQN) in the response. By adjusting the underlying SQL query and ensuring the response shape is consistent with other list operations, the changes improve data completeness and API consistency. Integration tests have been updated to verify that the FQN is correctly returned.

Highlights

  • Database Query Update: Updated the getSubjectMapping SQL query to include the attribute value FQN by joining the attribute_fqns table.
  • Response Alignment: Modified the JSON response structure for attribute values to match the format used in ListSubjectMappings.
  • Test Verification: Added an assertion in the integration tests to ensure the retrieved subject mapping correctly includes the attribute value FQN.
New Features

🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.


The query was missing a name, / To bring all the data to fame. / With FQN joined, / The truth is now coined, / And testing confirms it's the same.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the subject mapping retrieval logic to include the fully qualified name (FQN) of the attribute value. This is achieved by joining the attribute_fqns table in the SQL query and mapping the FQN into the returned JSON object. The generated Go code has been updated accordingly, and a new assertion has been added to the integration tests to verify this behavior. There are no review comments, and I have no feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor
Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 189.735911ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 103.656927ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 423.266104ms
Throughput 236.26 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 44.978448127s
Average Latency 448.191685ms
Throughput 111.16 requests/second

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

@jakedoublev jakedoublev marked this pull request as ready for review July 2, 2026 21:30
@jakedoublev jakedoublev requested review from a team as code owners July 2, 2026 21:30
@jakedoublev jakedoublev enabled auto-merge July 2, 2026 21:32
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor
Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 205.402379ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 97.360751ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 436.740625ms
Throughput 228.97 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 44.826438503s
Average Latency 446.540036ms
Throughput 111.54 requests/second

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

⚠️ Govulncheck found vulnerabilities ⚠️

The following modules have known vulnerabilities:

  • examples
  • otdfctl
  • sdk
  • service
  • lib/fixtures
  • tests-bdd

See the workflow run for details.

@jakedoublev jakedoublev added this pull request to the merge queue Jul 2, 2026
Merged via the queue into main with commit 8b63934 Jul 2, 2026
46 checks passed
@jakedoublev jakedoublev deleted the fix/get-subject-mapping-attribute-value-fqn branch July 2, 2026 22:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp:db DB component comp:policy Policy Configuration ( attributes, subject mappings, resource mappings, kas registry) size/s

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants