Skip to content

fix: validate partial bodies at definition time#3115

Draft
ivanauth wants to merge 1 commit into
authzed:mainfrom
ivanauth:fix/issue-2982-validate-partials-on-definition
Draft

fix: validate partial bodies at definition time#3115
ivanauth wants to merge 1 commit into
authzed:mainfrom
ivanauth:fix/issue-2982-validate-partials-on-definition

Conversation

@ivanauth
Copy link
Copy Markdown
Contributor

@ivanauth ivanauth commented May 13, 2026
edited
Loading

Fixes #2982.

@ivanauth
fix: validate partial bodies at definition time
168a87e 
Errors in a partial body (e.g. an allowedDirectRelation pointing at an
undefined object type or caveat) used to surface only when the partial
was inlined into a real definition. That deferred and misattributed the
problem: an LSP user editing the partial's file would see no error, and
once a consumer was added the diagnostic would appear in the consumer
rather than in the partial.

A pre-pass in pkg/development now walks each partial's relations and
validates the lookups it can resolve in isolation. To attribute errors
correctly across `...other_partial` splat composition, the compiler
records each *core.Relation's origin partial in a new
PartialRelationOrigins map on CompiledSchema; the validator iterates
relations by origin so each is checked exactly once against the partial
that actually declared it. Relations already inlined into an object
definition are skipped, so consumed partials don't double-report.

Partials are not runtime types, so a partial name (including the
partial's own name) is rejected as the subject type of an
allowedDirectRelation. Computed-userset / TTU checks that depend on
consumer-supplied relations remain deferred to consumer validation.

Closes authzed#2982.
@ivanauth ivanauth requested a review from a team as a code owner May 13, 2026 21:02
@github-actions github-actions Bot added area/schema Affects the Schema Language area/tooling Affects the dev or user toolchain (e.g. tests, ci, build tools) labels May 13, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented May 13, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 87.12121% with 17 lines in your changes missing coverage. Please review.
✅ Project coverage is 75.66%. Comparing base (3e8337d) to head (168a87e).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
pkg/development/partials.go 82.83% 13 Missing and 4 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3115      +/-   ##
==========================================
- Coverage   75.69%   75.66%   -0.02%     
==========================================
  Files         505      506       +1     
  Lines       62094    62206     +112     
==========================================
+ Hits        46994    47063      +69     
- Misses      11687    11718      +31     
- Partials     3413     3425      +12

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@ivanauth ivanauth marked this pull request as draft May 13, 2026 21:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/schema Affects the Schema Language area/tooling Affects the dev or user toolchain (e.g. tests, ci, build tools)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Validation of partials occurs only after you use the partial somewhere

1 participant

@ivanauth