Skip to content
This repository was archived by the owner on May 29, 2026. It is now read-only.

fix(ori): surface closeVotingRound failures explicitly and add bearer auth to ORI publication#331

Merged
rubenvdlinde merged 1 commit into
developmentfrom
fix/ori-lifecycle-correctness
May 27, 2026
Merged

fix(ori): surface closeVotingRound failures explicitly and add bearer auth to ORI publication#331
rubenvdlinde merged 1 commit into
developmentfrom
fix/ori-lifecycle-correctness

Conversation

@rubenvdlinde

Copy link
Copy Markdown
Contributor

Summary

Fixes 2 ORI/lifecycle correctness issues found in the quality-loop review.

Test plan

  • PHP syntax clean on all 3 changed files
  • Run composer test (VotingServiceTest is skipped per issue Broken: 21 unit tests fail due to ObjectService stub/real-signature mismatch #90)
  • Configure ori_bearer_secret in admin settings and verify Authorization header is sent in a test POST to a mock endpoint
  • Verify that closeVotingRound on a round with a motion already in adopted state (invalid transition) returns HTTP 400 with an error message
  • Verify ORI publication failure (wrong endpoint) is logged at ERROR level and returned in the round's oriPublicationError field

… auth to ORI publication

Closes #318 VotingService::closeVotingRound no longer swallows lifecycle-transition
and ORI-publication failures silently. State-machine violations (\InvalidArgumentException)
are re-thrown so the controller returns an explicit error. Infrastructure errors are
promoted from WARNING to ERROR level in logs. ORI publication errors are attached to
the returned round payload as 'oriPublicationError' so callers can surface them.

Closes #320 OriPublicationService::publish now reads 'ori_bearer_secret' from
IAppConfig and includes it as an Authorization: Bearer header when set. The key
is added to SettingsService::CONFIG_KEYS so it can be saved from the admin UI.
When the key is not configured the Authorization header is omitted (intentional:
ORI endpoints that require auth will return 401, exposing the gap rather than
silently failing with 200).
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant