feat(preprod): Add organization-level endpoints for artifact details (EME-725) #106387
base: master
…(EME-725)
Add new endpoints that don't require project ID in the path:
- /organizations/{org}/preprodartifacts/{id}/build-details/
- /organizations/{org}/preprodartifacts/{id}/size-analysis/
These endpoints look up the project from the artifact ID internally and
validate that the artifact belongs to a project in the organization.
This enables the frontend to make API calls without requiring the project
parameter in the URL, simplifying the URL structure.
…ME-725)
Add comprehensive test coverage for the new organization-level endpoints:
- test_organization_preprod_artifact_build_details.py:
  * Success case with project info
  * Not found (invalid ID, wrong org)
  * Feature flag disabled
  * Invalid artifact ID format
  * Failed artifact state
- test_organization_preprod_artifact_size_analysis.py:
  * All size analysis states (pending, processing, failed, completed)
  * Not found (invalid ID, wrong org)
  * Feature flag disabled
  * Invalid artifact ID format
All tests pass and follow existing test patterns.
🚨 Warning: This pull request contains Frontend and Backend changes! It's discouraged to make changes to Sentry's Frontend and Backend in a single pull request. The Frontend and Backend are not atomically deployed. If the changes are interdependent of each other, they must be separated into two pull requests and be made forward or backwards compatible, such that the Backend or Frontend can be safely deployed independently. Have questions? Please ask in the
| | '/organizations/$organizationIdOrSlug/data-secrecy/' | ||
| | '/organizations/$organizationIdOrSlug/derive-code-mappings/' | ||
| | '/organizations/$organizationIdOrSlug/detector-types/' | ||
| | '/organizations/$organizationIdOrSlug/detector-workflow/' |
Unrelated endpoint definitions accidentally removed from generated file
Medium Severity
The generated TypeScript file removes two detector-workflow endpoint definitions that still exist in the backend (src/sentry/workflow_engine/endpoints/urls.py lines 87-94). These deletions are unrelated to the preprod artifact endpoints being added and appear to be accidental—possibly from regenerating the file incorrectly or a merge conflict. Frontend code referencing these endpoints may lose type safety or fail TypeScript compilation.
Summary
Add new organization-level API endpoints that don't require project ID in the path for preprod artifact operations.
Changes
New Endpoints
Implementation Details
Both endpoints:
- OrganizationEndpoint for organization-level access control
- select_related("project") to efficiently fetch the associated project
- project__organization_id=organization.id to prevent IDOR vulnerabilities
- organizations:preprod-frontend-routes feature flag
Tests
Added comprehensive test coverage:
Test coverage includes:
All tests pass ✅
Why
This enables simplified URL structures in the frontend where the project parameter can be optional. The artifact ID is globally unique within an organization, so we can look up the associated project internally.
The frontend makes two separate API calls that both need org-level variants:
Security
Both endpoints validate that the artifact belongs to a project in the organization before returning data, preventing IDOR vulnerabilities:
Related
Part of EME-725 URL restructuring work.
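
The organization-scoped lookup described under Security, as an added example that is not code from this pull request or from Sentry. It models the project join and the organization filter with the standard-library sqlite3 module instead of the Django ORM; the table layout, sample rows, function names and HTTP status codes are assumptions, and the feature flag check is not modeled.

```python
import sqlite3

# Constructed sample data: two organizations, one project and one artifact each.
SCHEMA = """
CREATE TABLE project (id INTEGER PRIMARY KEY, organization_id INTEGER NOT NULL, slug TEXT);
CREATE TABLE artifact (id INTEGER PRIMARY KEY, project_id INTEGER NOT NULL, state TEXT);
INSERT INTO project VALUES (10, 1, 'ios-app'), (20, 2, 'android-app');
INSERT INTO artifact VALUES (100, 10, 'processed'), (200, 20, 'processed');
"""


def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def get_artifact_unscoped(db, artifact_id):
    """Unsafe form for contrast: trusts the artifact ID alone, ignoring the caller's org."""
    return db.execute(
        "SELECT a.id, p.slug FROM artifact a JOIN project p ON p.id = a.project_id "
        "WHERE a.id = ?", (artifact_id,)).fetchone()


def get_artifact_for_org(db, organization_id, raw_artifact_id):
    """Org-scoped lookup returning (status, body); the status codes are assumptions."""
    # Reject non-numeric or oversized IDs before they reach the query.
    ok = raw_artifact_id.isascii() and raw_artifact_id.isdigit() and len(raw_artifact_id) <= 18
    if not ok:
        return 400, {"detail": "invalid artifact id"}
    # The JOIN stands in for select_related("project"); the organization_id
    # predicate stands in for project__organization_id=organization.id.
    row = db.execute(
        "SELECT a.id, a.state, p.slug FROM artifact a "
        "JOIN project p ON p.id = a.project_id "
        "WHERE a.id = ? AND p.organization_id = ?",
        (int(raw_artifact_id), organization_id)).fetchone()
    if row is None:
        # Same response for "no such artifact" and "artifact in another org",
        # so the endpoint does not reveal which IDs exist elsewhere.
        return 404, {"detail": "not found"}
    return 200, {"id": row[0], "state": row[1], "project_slug": row[2]}
```
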