Hide PreIssueIDToken action in sub org level.

[ImalshaD]

Related Issues

• PreIssueIDToken Action not being hidden at the Sub org level. product-is#26469

This pull request makes a small but important update to the list of action types not allowed at the organization level in the ServerActionManagementService class. The change adds the PRE_ISSUE_ID_TOKEN action type to the NOT_ALLOWED_ACTION_TYPES_IN_ORG_LEVEL set, ensuring that this action type is also restricted at the organization level.

• Added PRE_ISSUE_ID_TOKEN to the set of action types not allowed at the organization level in ServerActionManagementService.java

Summary by CodeRabbit

• Bug Fixes
  • Organization-level security controls have been updated to restrict ID token issuance actions. Users can no longer configure ID token actions at the organization level, maintaining consistency with existing access token restrictions and enforcing uniform token management policies.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

A new action type parameter PRE_ISSUE_ID_TOKEN is added to the NOT_ALLOWED_ACTION_TYPES_IN_ORG_LEVEL set during static initialization in the ServerActionManagementService class, expanding organization-level action type restrictions.

Changes

Cohort / File(s)	Summary
Action Management Service Configuration components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java	Added PRE_ISSUE_ID_TOKEN to the NOT_ALLOWED_ACTION_TYPES_IN_ORG_LEVEL restricted set during static initialization

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Single parameter addition to a static initialization set
• No control flow changes or new logic patterns

Poem

🐇 A token now forbidden at the org's great gate,
PRE_ISSUE_ID_TOKEN seals its fate,
With one small line, the rules expand,
Security tightens across the land! ✨

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete, missing most required template sections including Goals, Approach, User stories, Developer Checklist, Release notes, and others.	Complete the PR description template by filling out all required sections: Goals, Approach, User stories, Developer Checklist, Release note, Documentation, Testing details, Security checks, and other mandatory sections.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: adding restriction for PreIssueIDToken action at sub-organization level, which matches the changeset perfectly.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 15bbef1 and 7f25dfe.

📒 Files selected for processing (1)

• components/org.wso2.carbon.identity.api.server.action.management/org.wso2.carbon.identity.api.server.action.management.v1/src/main/java/org/wso2/carbon/identity/api/server/action/management/v1/core/ServerActionManagementService.java (1 hunks)