Skip to content

Address review comments on bulk skeleton endpoints#8

Closed
fcollman with Copilot wants to merge 6 commits into
bulk_skeleton_improvementsfrom
copilot/address-pr-reviews
Closed

Address review comments on bulk skeleton endpoints#8
fcollman with Copilot wants to merge 6 commits into
bulk_skeleton_improvementsfrom
copilot/address-pr-reviews

Conversation

Copilot AI commented Mar 14, 2026

Copy link
Copy Markdown
Contributor

Addresses all 8 Copilot review comments on PR #7 (bulk endpoints and auth tokens).

Key changes

service.py

  • String RID keys: skeletons[rid]skeletons[str(rid)] for JSON consistency with the token endpoint
  • Fast-path H5 conversion: Replaced get_skeleton_by_datastack_and_rid() call with direct _retrieve_skeleton_from_cache(params_cached, "h5_mpsk") + local format conversion, bypassing per-RID CAVEclient validation (the stated goal of this endpoint)
  • Token endpoint hardcoded skvn: Added explicit override of skeleton_version to HIGHEST_SKELETON_VERSION with log message and documented in docstring. Added skeleton_version to response so callers see what they got
  • RID limit on token endpoint: Enforced MAX_BULK_CACHED_SKELETONS truncation, matching the cached bulk endpoint
  • Removed expiration_minutes: Parameter was accepted but never used to control token lifetime—downscoped tokens inherit source credential expiry
  • Token scope comment: Documented that roles/storage.objectViewer is the narrowest built-in GCS role usable with Credential Access Boundaries

api.py

  • MAX_BULK_CACHED_SKELETONS import is now used: truncates RID list in token endpoint post()
  • Removed expiration_minutes plumbing from handler

tests/test_skeletonservice.py

  • test_get_cached_skeletons_bulk_cache_hit — cache hit vs miss handling
  • test_get_cached_skeletons_bulk_rid_truncation — verifies truncation at MAX_BULK_CACHED_SKELETONS
  • test_get_cached_skeletons_bulk_string_keys — verifies dict keys are strings
Original prompt

Can you address the reviews on this branches PR?


💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

Copilot AI and others added 2 commits March 14, 2026 13:22
…n validation, RID limits, fast-path, remove unused param, add tests

Co-authored-by: fcollman <782341+fcollman@users.noreply.github.com>
Co-authored-by: fcollman <782341+fcollman@users.noreply.github.com>
Copilot AI changed the title [WIP] Address reviews on current pull request Address review comments on bulk skeleton endpoints Mar 14, 2026
Copilot AI requested a review from fcollman March 14, 2026 13:25
@fcollman

Copy link
Copy Markdown
Contributor

I want the server to control what the expiration of the gcs token is, and have it default to 1 hour for now but have that parameter controlled in the config

Comment thread skeletonservice/datasets/service.py Outdated

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want the expiration minutes to be a server side config

- Add SKELETON_TOKEN_EXPIRATION_MINUTES=60 to BaseConfig in config.py
- Re-add expiration_minutes param to get_skeleton_token_by_datastack_and_rids()
  sourced from server config (not client request body)
- Cap reported token expiry to min(credential_expiry, now + expiration_minutes)
  with proper timezone-aware datetime comparison
- api.py reads SKELETON_TOKEN_EXPIRATION_MINUTES from Flask app config and
  passes it down to the service layer

Co-authored-by: fcollman <782341+fcollman@users.noreply.github.com>
@fcollman fcollman closed this Mar 18, 2026
…vice

Server-side config for GCS token expiration
@fcollman fcollman reopened this Mar 18, 2026
@fcollman fcollman closed this Mar 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants