HMS-10740: add org_id to template initiated messages

[MichaelMraka]

Secure Coding Practices Checklist GitHub Link

• https://github.com/RedHatInsights/secure-coding-checklist

Secure Coding Checklist

• Input Validation
• Output Encoding
• Authentication and Password Management
• Session Management
• Access Control
• Cryptographic Practices
• Error Handling and Logging
• Data Protection
• Communication Security
• System Configuration
• Database Security
• File Management
• Memory Management
• General Coding Practices

Summary by Sourcery

Include organization ID in template-driven system evaluation messages sent via Kafka.

New Features:

• Propagate org_id from HTTP request context into template subscription and system update handlers so it can be used in downstream processing.

Enhancements:

• Extend InventoryIDs2InventoryAIDs to attach org_id to evaluation messages and update all callers accordingly.

Tests:

• Update controller and Kafka tests to cover org_id propagation and presence in generated evaluation messages.

[sourcery-ai]

Reviewer's Guide

Adds org_id propagation into template-initiated message flows so that Kafka evaluation events include org context, updating controllers, helper functions, and tests accordingly.

File-Level Changes

Change	Details	Files
Propagate org ID from HTTP context through subscribed-system lookup and into template change evaluation trigger.	Extend getSubscribedSystem helper to also read org ID from the Gin context and return it alongside account and inventory ID Update TemplateSubscribedSystemsUpdateHandler to capture org ID from getSubscribedSystem and pass it into the Kafka inventory conversion helper Adjust error paths in getSubscribedSystem to return zero values for both org ID and inventory ID when lookups fail	manager/controllers/template_subscribed_systems_update.go manager/controllers/template_subscribed_systems_update_test.go
Include org ID in Kafka evaluation data for template system recalc events.	Change InventoryIDs2InventoryAIDs to accept org ID and set OrgID field on mqueue.EvalData when building payloads Update test helper testRecalcSystems and related tests to provide org ID when constructing evaluation events	manager/kafka/kafka.go manager/kafka/kafka_test.go
Ensure template systems add/update/delete handlers pass org ID into Kafka recalc calls.	Read org ID from Gin context in TemplateSystemsDeleteHandler and TemplateSystemsUpdateHandler Pass org ID into InventoryIDs2InventoryAIDs in both handlers so that all template-triggered recalc events carry org context	manager/controllers/template_systems_delete.go manager/controllers/template_systems_update.go

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 2 issues, and left some high level feedback:

• In getSubscribedSystem, the error paths now return an empty orgID (""), which conflicts with the new test expectations and may be inconsistent with callers that expect the original OrgID from context even on failure—consider returning orgID instead of "" in the error cases.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In `getSubscribedSystem`, the error paths now return an empty orgID (""), which conflicts with the new test expectations and may be inconsistent with callers that expect the original `OrgID` from context even on failure—consider returning `orgID` instead of "" in the error cases.

## Individual Comments

### Comment 1
<location path="manager/kafka/kafka.go" line_range="32-35" />
<code_context>
 }

-func InventoryIDs2InventoryAIDs(accountID int, inventoryIDs []string) []mqueue.EvalData {
+func InventoryIDs2InventoryAIDs(accountID int, orgID string, inventoryIDs []string) []mqueue.EvalData {
 	inventoryAIDs := make([]mqueue.EvalData, 0, len(inventoryIDs))
 	for _, v := range inventoryIDs {
-		inventoryAIDs = append(inventoryAIDs, mqueue.EvalData{InventoryID: v, RhAccountID: accountID})
+		inventoryAIDs = append(inventoryAIDs, mqueue.EvalData{InventoryID: v, RhAccountID: accountID, OrgID: &orgID})
 	}
 	return inventoryAIDs
</code_context>
<issue_to_address>
**issue (bug_risk):** Consider how OrgID is represented when the context value is missing or empty

Previously `EvalData` omitted `OrgID`; now it’s always non-nil and may point to an empty string. If callers distinguish `nil` from `""` (e.g., for routing/filtering), this changes behavior. Consider only setting `OrgID` when `orgID != ""` and leaving it `nil` otherwise, or explicitly confirming that "always non-nil, possibly empty" is the desired contract.
</issue_to_address>

### Comment 2
<location path="manager/controllers/template_subscribed_systems_update_test.go" line_range="27-31" />
<code_context>
 	c.Set(utils.KeySystem, subscriptionUUID)
-	account, systemID, err := getSubscribedSystem(c, database.DB)
+	c.Set(utils.KeyOrgID, orgID)
+	account, org, systemID, err := getSubscribedSystem(c, database.DB)

 	assert.Nil(t, err)
 	assert.Equal(t, templateAccount, account)
+	assert.Equal(t, orgID, org)
 	assert.Equal(t, templateSystemUUID, systemID)
 }
</code_context>
<issue_to_address>
**issue (testing):** TestUnknownSubscribedSystemID is asserting a non-empty orgID even though getSubscribedSystem currently returns an empty orgID on error

Currently, `getSubscribedSystem` returns `0, "", "", err` when the system is not found, so `orgID` is not preserved on error. That makes this test’s expectation of a non-empty `org` on error inconsistent with the implementation and potentially misleading.

Please either update the test to expect an empty `org` on error, or update `getSubscribedSystem` to propagate `orgID` in the error path, so the test matches the intended contract for error cases.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[codecov-commenter]

Codecov Report

❌ Patch coverage is 61.11111% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 59.23%. Comparing base (8f1f21e) to head (437f320).

Files with missing lines	Patch %	Lines
.../controllers/template_subscribed_systems_update.go	62.50%	3 Missing ⚠️
manager/controllers/template_systems_delete.go	33.33%	2 Missing ⚠️
manager/controllers/template_systems_update.go	33.33%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2216      +/-   ##
==========================================
+ Coverage   59.21%   59.23%   +0.01%     
==========================================
  Files         137      137              
  Lines        8798     8801       +3     
==========================================
+ Hits         5210     5213       +3     
  Misses       3040     3040              
  Partials      548      548              

Flag	Coverage Δ
unittests	59.23% <61.11%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.