perm sync validation framework #4958
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
PR Summary
Implements a new permission sync validation framework that enables connectors to validate their permission sync capabilities during CC pair setup and credential swapping.
- Added
validate_perm_syncmethod toBaseConnectorinbackend/onyx/connectors/interfaces.pyallowing connectors to implement custom validation logic - Added
access_typeparameter to credential-related functions across the stack to enforce proper permission validation during CC pair creation and modification - Modified
CredentialSwapRequestmodel inbackend/onyx/server/documents/models.pyto include requiredaccess_typefield for validation - Updated frontend components to properly pass and handle
accessTypeduring credential operations, maintaining type safety - Standardized permission validation across credential creation, modification, and swapping flows
11 files reviewed, 2 comments
Edit PR Review Bot Settings | Greptile
Comment on lines
953
to
959
| validate_ccpair_for_user( | ||
| connector_id=connector_id, | ||
| credential_id=credential_id, | ||
| access_type=connector_data.access_type, | ||
| db_session=db_session, | ||
| ) | ||
| response = add_credential_to_connector( |
There was a problem hiding this comment.
logic: New access_type validation might throw ConnectorValidationError - add error handling here similar to line 990
Comment on lines
278
to
280
| if (onSwap && attachedConnector) { | ||
| onSwap(selectedCredential!, attachedConnector.id); | ||
| onSwap(selectedCredential!, attachedConnector.id, accessType); | ||
| if (close) { |
There was a problem hiding this comment.
style: non-null assertion (!) used here could be replaced with a proper type guard to ensure type safety
evan-onyx
force-pushed
the
feat/perm-sync-valid-framework
branch
from
960739c to
bfdcc5c
Compare
AnkitTukatek
pushed a commit
to TukaTek/onyx
that referenced
this pull request
Sep 23, 2025
* perm synce validation framework * frontend fixes * validate perm sync when getting runner * attempt to fix integration tests * added new file * oops * skipping salesforce test due to creds * add todo
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Addresses https://linear.app/danswer/issue/DAN-2149/permission-sync-validation-framework
Adds a new validation function to connectors that connector implementers can implement. The validation function is called for all CC pairs set up to use perm sync
How Has This Been Tested?
n/a
Backporting (check the box to trigger backport action)
Note: You have to check that the action passes, otherwise resolve the conflicts manually and tag the patches.