Merge remote-tracking branch 'origin/main' into fix-rest-openapi-redirect

Author: drewda

.github/workflows/test.yml

@@ -26,7 +26,7 @@ jobs:
     env:
       TL_TEST_DATABASE_URL: postgres://root:for_testing@localhost:5432/tlv2_test?sslmode=disable
       TL_TEST_SERVER_DATABASE_URL: postgres://root:for_testing@localhost:5432/tlv2_test_server?sslmode=disable
-      TL_REDIS_URL: redis://localhost    
+      TL_REDIS_URL: redis://localhost
     services:
       postgres:
         image: postgis/postgis:12-3.4-alpine
@@ -37,7 +37,7 @@ jobs:
           POSTGRES_PASSWORD: for_testing
           POSTGRES_DB: tlv2_test_server
         options: >-
-          --health-cmd pg_isready
+          --health-cmd "pg_isready -U root -d tlv2_test_server"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5
@@ -61,7 +61,7 @@ jobs:
     - run: (cd cmd/transitland && go version && go install .)
     - run: ./testdata/test_setup.sh
     - name: Run tests
-      run: go test -v -coverprofile c.out ./...
+      run: go test -coverprofile c.out ./...
     - name: Produce coverage report
       run: go tool cover -html=c.out -o coverage.html
     - name: Save coverage report as artifact

cmds/server_cmd.go

@@ -172,7 +172,7 @@ func (cmd *ServerCommand) Run(ctx context.Context) error {
 
 	// Disable auth if requested
 	if cmd.DisableAuth {
-		cfg.Checker = &globalAdminChecker{}
+		cfg.Checker = globalAdminCheckerInstance
 	}
 
 	// Setup router
@@ -250,12 +250,5 @@ func (cmd *ServerCommand) Run(ctx context.Context) error {
 	return srv.ListenAndServe()
 }
 
-// globalAdminChecker is a simple checker that always returns true for CheckGlobalAdmin,
-// effectively disabling all feed authorization checks.
-type globalAdminChecker struct {
-	authz.UnimplementedCheckerServer
-}
-
-func (c *globalAdminChecker) CheckGlobalAdmin(ctx context.Context) (bool, error) {
-	return true, nil
-}
+// globalAdminChecker disables all feed authorization checks.
+var globalAdminCheckerInstance = &authz.GlobalAdminChecker{}

doc/admin-api-migration.md

@@ -0,0 +1,40 @@
+# Admin REST API Migration Guide
+
+The authorization system internals have been refactored, but the admin REST API response shapes are preserved. All endpoints use the same URL paths, HTTP methods, request bodies, and response JSON shapes as before.
+
+Request bodies use integer enum values for `type` and `relation` fields (e.g., `"type": 5` for user, `"relation": 1` for admin), matching the previous proto3 JSON format.
+
+## Unchanged endpoints
+
+All endpoints retain their existing response shapes:
+
+| Endpoint | Description |
+|----------|-------------|
+| `GET /me` | Current user info |
+| `GET /tenants` | List tenants |
+| `GET /tenants/:id` | Tenant permissions |
+| `POST /tenants/:id` | Update tenant name |
+| `POST /tenants/:id/groups` | Create group under tenant |
+| `POST /tenants/:id/permissions` | Add permission to tenant |
+| `DELETE /tenants/:id/permissions` | Remove permission from tenant |
+| `GET /groups` | List groups |
+| `GET /groups/:id` | Group permissions |
+| `POST /groups/:id` | Update group name |
+| `POST /groups/:id/permissions` | Add permission to group |
+| `DELETE /groups/:id/permissions` | Remove permission from group |
+| `POST /groups/:id/tenant` | Set group's parent tenant |
+| `GET /feeds` | List feeds |
+| `GET /feeds/:id` | Feed permissions |
+| `POST /feeds/:id/group` | Set feed's parent group |
+| `GET /feed_versions` | List feed versions |
+| `GET /feed_versions/:id` | Feed version permissions |
+| `POST /feed_versions/:id/permissions` | Add permission to feed version |
+| `DELETE /feed_versions/:id/permissions` | Remove permission from feed version |
+| `GET /users` | List users |
+| `GET /users/:id` | Get user |
+
+## Minor behavioral changes
+
+- **Actions map**: Only granted permissions (`true`) are included in the `actions` object. Previously, denied actions could appear as `false` due to proto3 default value behavior; now they are simply absent. Clients that check `actions.can_edit === true` are unaffected. Clients that check `"can_edit" in actions` should verify the value is `true`.
+- **Entity existence checks**: Permissions endpoints now return "not found" for non-existent entity IDs, even for global admins. Previously, global admins could query permissions on any ID without an existence check.
+- **Parse error handling**: Permission mutation endpoints (`POST/DELETE .../permissions`) now correctly return an error and stop processing if the JSON request body is malformed. Previously, a parse failure could fall through and attempt the operation with zero values.

go.mod

@@ -26,23 +26,26 @@ require (
 	github.com/golang/geo v0.0.0-20210211234256-740aa86cb551
 	github.com/google/uuid v1.6.0
 	github.com/graph-gophers/dataloader/v7 v7.1.0
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0
 	github.com/hypirion/go-filecache v0.0.0-20160810125507-e3e6ef6981f0
 	github.com/iancoleman/orderedmap v0.2.0
 	github.com/interline-io/log v0.0.0-20260130001517-d932d48db9e4
 	github.com/irees/squirrel v0.0.0-20250822021440-28034b47d2f4
-	github.com/jackc/pgx/v5 v5.7.4
+	github.com/jackc/pgx/v5 v5.8.0
 	github.com/jellydator/ttlcache/v2 v2.11.1
 	github.com/jlaffaye/ftp v0.0.0-20220524001917-dfa1e758f3af
 	github.com/jmoiron/sqlx v1.4.0
 	github.com/mattn/go-sqlite3 v1.14.22
 	github.com/mmcloughlin/geohash v0.10.0
+	github.com/openfga/api/proto v0.0.0-20260122164422-25e22cb1875b
 	github.com/openfga/go-sdk v0.2.3
+	github.com/openfga/openfga v1.11.5
 	github.com/pkg/errors v0.9.1
 	github.com/rs/zerolog v1.34.0
 	github.com/sergi/go-diff v1.3.1
 	github.com/snabb/isoweek v1.0.1
-	github.com/spf13/cobra v1.8.1
-	github.com/spf13/pflag v1.0.5
+	github.com/spf13/cobra v1.10.2
+	github.com/spf13/pflag v1.0.10
 	github.com/stretchr/testify v1.11.1
 	github.com/tidwall/gjson v1.18.0
 	github.com/tidwall/rtree v1.10.0
@@ -51,16 +54,18 @@ require (
 	github.com/twpayne/go-polyline v1.1.1
 	github.com/twpayne/go-shapefile v0.0.6
 	github.com/vektah/gqlparser/v2 v2.5.30
-	google.golang.org/grpc v1.79.3
-	google.golang.org/protobuf v1.36.10
+	google.golang.org/protobuf v1.36.11
 	gopkg.in/dnaeon/go-vcr.v2 v2.3.0
 )
 
 require (
+	cel.dev/expr v0.25.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 // indirect
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
 	github.com/PuerkitoBio/rehttp v1.3.0 // indirect
+	github.com/Yiling-J/theine-go v0.6.2 // indirect
 	github.com/agnivade/levenshtein v1.2.1 // indirect
+	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.10 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
@@ -75,18 +80,28 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.33.19 // indirect
 	github.com/aws/smithy-go v1.22.3 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cenkalti/backoff/v5 v5.0.3 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v1.3.0 // indirect
 	github.com/flopp/go-coordsparser v0.0.0-20201115094714-8baaeb7062d5 // indirect
 	github.com/fogleman/gg v1.3.0 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
+	github.com/go-logr/logr v1.4.3 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
-	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
+	github.com/google/cel-go v0.27.0 // indirect
 	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.3 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
@@ -95,6 +110,7 @@ require (
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
@@ -103,43 +119,72 @@ require (
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/natefinch/wrap v0.2.0 // indirect
 	github.com/oasdiff/yaml v0.0.0-20250309154309-f31be36b4037 // indirect
 	github.com/oasdiff/yaml3 v0.0.0-20250309153720-d2182401db90 // indirect
+	github.com/oklog/ulid/v2 v2.1.1 // indirect
+	github.com/openfga/language/pkg/go v0.2.0-beta.2.0.20251027165255-0f8f255e5f6c // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/perimeterx/marshmallow v1.1.5 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/prometheus/client_golang v1.23.2 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.66.1 // indirect
+	github.com/prometheus/procfs v0.16.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/sagikazarmark/locafero v0.9.0 // indirect
 	github.com/sosodev/duration v1.3.1 // indirect
+	github.com/sourcegraph/conc v0.3.0 // indirect
+	github.com/spf13/afero v1.15.0 // indirect
+	github.com/spf13/cast v1.10.0 // indirect
+	github.com/spf13/viper v1.20.1 // indirect
+	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/tidwall/geoindex v1.7.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tkrajina/gpxgo v1.1.2 // indirect
 	github.com/urfave/cli/v2 v2.27.7 // indirect
 	github.com/woodsbury/decimal128 v1.3.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	go.uber.org/atomic v1.7.0 // indirect
-	go.uber.org/goleak v1.3.0 // indirect
-	golang.org/x/crypto v0.46.0 // indirect
-	golang.org/x/image v0.18.0 // indirect
-	golang.org/x/mod v0.30.0 // indirect
-	golang.org/x/net v0.48.0 // indirect
-	golang.org/x/oauth2 v0.34.0 // indirect
+	github.com/zeebo/xxh3 v1.0.2 // indirect
+	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
+	go.opentelemetry.io/otel v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.40.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.40.0 // indirect
+	go.opentelemetry.io/otel/metric v1.40.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.40.0 // indirect
+	go.opentelemetry.io/otel/trace v1.40.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.9.0 // indirect
+	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/mock v0.6.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.27.1 // indirect
+	go.yaml.in/yaml/v2 v2.4.3 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/crypto v0.47.0 // indirect
+	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect
+	golang.org/x/image v0.25.0 // indirect
+	golang.org/x/mod v0.32.0 // indirect
+	golang.org/x/net v0.49.0 // indirect
+	golang.org/x/oauth2 v0.35.0 // indirect
 	golang.org/x/sync v0.19.0 // indirect
 	golang.org/x/sys v0.40.0 // indirect
 	golang.org/x/term v0.39.0 // indirect
-	golang.org/x/text v0.32.0 // indirect
-	golang.org/x/tools v0.39.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
-	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1 // indirect
+	golang.org/x/text v0.34.0 // indirect
+	golang.org/x/tools v0.41.0 // indirect
+	gonum.org/v1/gonum v0.17.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20260209200024-4cfbd4190f57 // indirect
+	google.golang.org/grpc v1.79.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
 tool github.com/99designs/gqlgen
 
 tool google.golang.org/protobuf/cmd/protoc-gen-go
 
-tool google.golang.org/grpc/cmd/protoc-gen-go-grpc
-
 // Fork to allow exporting x- extensions
 replace github.com/getkin/kin-openapi => github.com/irees/kin-openapi v0.0.0-20250915211515-c3bd85109028