Skip to content

feat(lapis): remove protected OpennessLevel #1499

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fengelniederhammer merged 4 commits into from
Jan 13, 2026
Merged

feat(lapis): remove protected OpennessLevel #1499

fengelniederhammer merged 4 commits into from
Jan 13, 2026

Conversation

@fengelniederhammer
Copy link
Contributor

@fengelniederhammer fengelniederhammer commented Jan 12, 2026

resolves #1498

I still left the opennessLevel field in the database config, since we might need it we implement proper authorization. Or do you think we should remove it now?

I also didn't label this as breaking (althought it technically is) since noone was using it and it was an intentionally undocumented feature. Or should we even mark it as chore so that it doesn't show up in the changelog?

PR Checklist

  • All necessary documentation has been adapted.
  • The implemented feature is covered by an appropriate test.

@vercel
Copy link

vercel bot commented Jan 12, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
lapis Ready Ready Preview, Comment Jan 12, 2026 8:25am

@github-actions
Copy link
Contributor

github-actions bot commented Jan 12, 2026

This is a preview of the changelog of the next release. If this branch is not up-to-date with the current main branch, the changelog may not be accurate. Rebase your branch on the main branch to get the most accurate changelog.

Note that this might contain changes that are on main, but not yet released.

Changelog:

0.6.4 (2026-01-12)

Features

  • lapis: remove protected OpennessLevel (5e94d9d), closes #1498

Copilot AI reviewed Jan 12, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the PROTECTED OpennessLevel from LAPIS, simplifying the authorization model by eliminating the access key-based protection system.

Changes:

  • Removed the PROTECTED enum value from OpennessLevel and all associated authorization logic
  • Deleted access key configuration files, readers, and authorization filters
  • Removed test coverage for protected routes and access key validation
  • Cleaned up OpenAPI schema generation to no longer support protected mode

Reviewed changes

Copilot reviewed 32 out of 33 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
lapis/src/main/kotlin/org/genspectrum/lapis/config/DatabaseConfig.kt Removed PROTECTED enum value from OpennessLevel
lapis/src/main/kotlin/org/genspectrum/lapis/config/AccessKeys.kt Deleted entire file containing access key data structures and reader
lapis/src/main/kotlin/org/genspectrum/lapis/auth/DataOpennessAuthorizationFilter.kt Removed ProtectedDataAuthorizationFilter class and simplified factory
lapis/src/main/kotlin/org/genspectrum/lapis/silo/SiloClient.kt Removed checkProtection parameter from query methods
lapis/src/main/kotlin/org/genspectrum/lapis/openApi/OpenApiDocs.kt Removed access key schema and databaseConfig parameters from schema builders
lapis/src/main/kotlin/org/genspectrum/lapis/openApi/Schemas.kt Deleted access key description constant
lapis/src/main/kotlin/org/genspectrum/lapis/openApi/AccessKeyParameterCustomizer.kt Deleted entire customizer class
lapis/src/main/kotlin/org/genspectrum/lapis/request/SpecialProperties.kt Removed ACCESS_KEY_PROPERTY constant and related mappings
lapis/src/test/kotlin/org/genspectrum/lapis/auth/ProtectedDataAuthorizationTest.kt Deleted comprehensive test suite for protected authorization
lapis/src/test/kotlin/org/genspectrum/lapis/config/AccessKeysReaderTest.kt Deleted access key reader tests
lapis/src/test/resources/config/testAccessKeys.yaml Deleted test access keys configuration
lapis/src/test/resources/config/protectedDataDatabaseConfig.yaml Deleted protected database configuration
lapis/src/test/resources/application-test.properties Removed access keys path property
lapis/src/main/resources/application-docker.properties Removed access keys path property
lapis/build.gradle Removed opennessLevel parameter from OpenAPI generation
lapis/README.md Removed documentation for generating protected OpenAPI docs
lapis/.gitignore Removed protected OpenAPI file entries
lapis/docker-compose.yml Removed lapisProtected service definition
lapis-e2e/testData/singleSegmented/protectedTestDatabaseConfig.yaml Deleted protected test configuration
lapis-e2e/test/protectedRoutes.spec.ts Deleted end-to-end tests for protected routes
lapis-e2e/test/common.ts Removed protected client references
lapis-e2e/package.json Removed protected client generation scripts
lapis-e2e/generateOpenApiClients.sh Removed protected OpenAPI generation command
lapis-e2e/.prettierignore Removed protected client path
lapis-docs/src/components/ConfigGenerator/configContext.tsx Removed PROTECTED from openness level schema
Files not reviewed (1)
  • .idea/runConfigurations/LapisProtected.xml: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

fhennig
fhennig approved these changes Jan 12, 2026
View reviewed changes
Copy link
Contributor

@fhennig fhennig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

I think 'feat' is fine, and also making it non-breaking. This way we can find it in the changelog, but yes, it's undocumented so it's not breaking, fine for me.

@chaoran-chen
Copy link
Member

chaoran-chen commented Jan 12, 2026

Thanks, sounds all good to me!

@fengelniederhammer fengelniederhammer merged commit f1d24c5 into main Jan 13, 2026
8 of 9 checks passed
@fengelniederhammer fengelniederhammer deleted the 1498-remove-the-protected-opennesslevel branch January 13, 2026 07:27
This was referenced Jan 13, 2026
Merged
Merged
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@fhennig fhennig fhennig approved these changes

@chaoran-chen chaoran-chen Awaiting requested review from chaoran-chen

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Remove the protected OpennessLevel

4 participants

@fengelniederhammer @chaoran-chen @fhennig