Skip to content

remove duplicate dependencies in API #4796

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
JC-wk wants to merge 8 commits into
base: main
Choose a base branch
from
Open

remove duplicate dependencies in API #4796

JC-wk wants to merge 8 commits into from
+11 −10

Conversation

@JC-wk
Copy link
Collaborator

@JC-wk JC-wk commented Dec 24, 2025
edited
Loading

Resolves #4797

What is being addressed

Dependencies are duplicated which would cause auth checks to run twice

If you attach the same auth dependency both at the router level (via APIRouter(dependencies=[Depends(auth)])) and again on the endpoint (either in dependencies=[Depends(auth)] or as a parameter user = Depends(auth)), FastAPI will execute it twice because each Depends(...) occurrence is evaluated independently; router-level dependencies are simply added to the route’s dependency list. [fastapi.tiangolo.com]

How is this addressed

  • Remove dependencies where they are the same as the router dependencies
  • Updated CHANGELOG.md if needed
  • Increment API version

@JC-wk JC-wk requested a review from a team as a code owner December 24, 2025 14:24
@JC-wk JC-wk changed the title remove duplicate depends in API remove duplicate dependencies in API Dec 24, 2025
@github-actions
Copy link

github-actions bot commented Dec 24, 2025
edited
Loading

Unit Test Results

664 tests   664 ✅  8s ⏱️
  1 suites    0 💤
  1 files      0 ❌

Results for commit f4c367a.

♻️ This comment has been updated with latest results.

@marrobi marrobi requested a review from Copilot January 6, 2026 14:15
Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR resolves duplicate authentication dependency declarations in FastAPI endpoints by removing redundant dependency specifications at the endpoint level when they're already declared at the router level. According to FastAPI behavior, dependencies declared both at router and endpoint levels are executed twice, causing unnecessary duplicate authentication checks.

Key Changes:

  • Removed duplicate auth dependencies from endpoint decorators across multiple route files
  • Incremented API version from 0.25.7 to 0.25.8 (PATCH version)
  • Updated CHANGELOG.md with bug fix entry

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
api_app/api/routes/workspaces.py Removed duplicate get_current_workspace_owner_or_researcher_user_or_airlock_manager from two GET endpoints that already inherit this dependency from the router
api_app/api/routes/workspace_service_templates.py Removed duplicate get_current_tre_user_or_tre_admin from two GET endpoints that already inherit this dependency from the router
api_app/api/routes/user_resource_templates.py Removed duplicate get_current_tre_user_or_tre_admin from two GET endpoints that already inherit this dependency from the router
api_app/api/routes/shared_services.py Removed duplicate get_current_tre_user_or_tre_admin from two GET endpoints while preserving it in function signatures where needed for business logic
api_app/api/routes/shared_service_templates.py Removed duplicate get_current_tre_user_or_tre_admin from one GET endpoint that already inherits this dependency from the router
api_app/_version.py Incremented API version from 0.25.7 to 0.25.8 following semantic versioning for bug fixes
CHANGELOG.md Added bug fix entry documenting the removal of duplicate auth dependencies

CHANGELOG.md
* Add timeouts to Graph requests in API ([#4723](https://github.com/microsoft/AzureTRE/issues/4723))
* Fix missing metastoreDomains for Databricks, which caused metastore outages for some domains ([#4779](https://github.com/microsoft/AzureTRE/issues/4779))
* Fix cost display duplication when user resource is deleted - UI incorrectly reused cost data for remaining resources ([#4783](https://github.com/microsoft/AzureTRE/issues/4783))
* Remove duplicate auth dependencies in API ([#4796](https://github.com/microsoft/AzureTRE/pull/4796))
Copy link

Copilot AI Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The reference should point to issue #4797 instead of PR #4796. The PR description states "Resolves #4797", so the changelog entry should reference the issue number to maintain consistency with the format used in other entries.

Suggested change
* Remove duplicate auth dependencies in API ([#4796](https://github.com/microsoft/AzureTRE/pull/4796))
* Remove duplicate auth dependencies in API ([#4797](https://github.com/microsoft/AzureTRE/issues/4797))

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Dependencies are duplicated which could cause auth checks to run twice within the API

1 participant

@JC-wk