PR Custody

fix: align dynamics365 get_lead/update_case scopes with Dataverse OAuth docs

@surajmarkupchecks…fix/dynamics365-scope-qa-mismatches → master2 files · +16 −2updated 1mo ago

loading diff…

▸Description

Summary

audited only the VERIFIED Dynamics365 worksheet rows for Dynamics365
found 2 real mismatch rows (DYNAMICS365_GET_LEAD, DYNAMICS365_UPDATE_CASE) and 0 need review rows
corrected both actions to use the canonical Dataverse environment host and both documented OAuth scope forms from Microsoft Learn

Per-action changes

Action	Old	New	Reason	Source
`get_lead` (`DYNAMICS365_GET_LEAD`)	`{"all_of": [{"any_of": ["https://{{subdomain}}.crm.dynamics.com/.default"]}]}`	`{"all_of": [{"any_of": ["https://{{subdomain}}.api.crm.dynamics.com/.default", "https://{{subdomain}}.api.crm.dynamics.com/user_impersonation"]}]}`	Action code makes one Dataverse call: `GET {base_url}/leads({lead_id})`. The old scope used the wrong host (`crm.dynamics.com` instead of `api.crm.dynamics.com`) and omitted the documented delegated scope form used by this connector's auth-code flow.	Code: `apps/dynamics365/actions/get_lead.py`; docs: Use OAuth authentication with Microsoft Dataverse, Lead table/entity reference
`update_case` (`DYNAMICS365_UPDATE_CASE`)	`{"all_of": [{"any_of": ["https://{{subdomain}}.crm.dynamics.com/.default"]}]}`	`{"all_of": [{"any_of": ["https://{{subdomain}}.api.crm.dynamics.com/.default", "https://{{subdomain}}.api.crm.dynamics.com/user_impersonation"]}]}`	Action code makes one Dataverse call: `PATCH {base_url}/incidents({case_id})`. Same issue: the shipped scope used a non-canonical host and missed the documented delegated scope alternative.	Code: `apps/dynamics365/actions/update_case.py`; docs: Use OAuth authentication with Microsoft Dataverse, Case (Incident) table/entity reference

Coverage matrix

`get_lead`

Endpoint in action code	Endpoint doc coverage	Scope coverage used	Why this shape is correct
`GET {base_url}/leads({lead_id})`	`Lead` entity reference documents `Retrieve` as `GET /leads(leadid)` (docs)	Dataverse OAuth doc says use `<environment-url>/user_impersonation` for a public client and `<environment-url>/.default` for a confidential client, with examples on `https://contoso.api.crm.dynamics.com` (docs)	Single endpoint, non-empty intersection, so one CNF clause with the two documented alternatives is sufficient.

`update_case`

Endpoint in action code	Endpoint doc coverage	Scope coverage used	Why this shape is correct
`PATCH {base_url}/incidents({case_id})`	`Case (Incident)` entity reference documents `Update` as `PATCH /incidents(incidentid)` (docs)	Dataverse OAuth doc says use `<environment-url>/user_impersonation` for a public client and `<environment-url>/.default` for a confidential client, with examples on `https://contoso.api.crm.dynamics.com` (docs)	Single endpoint, non-empty intersection, so one CNF clause with the two documented alternatives is sufficient.

Reviewed but not changed

None. The VERIFIED Dynamics365 sheet currently has 2 mismatch rows and 0 need review rows, and neither mismatch row already matched the real docs.

Bugbot / review-comment pass

Fetched PR review comments with gh api repos/ComposioHQ/mercury/pulls/23386/comments after opening the PR.
Result: [] (no Bugbot or reviewer comments to address at the time of the pass).
No reverts were needed, so there is no retrospective section for this round.

Verification

./.nox/fmt_app/bin/ruff format apps/dynamics365/actions/get_lead.py apps/dynamics365/actions/update_case.py
./.nox/chk_app/bin/ruff check apps/dynamics365/actions/get_lead.py apps/dynamics365/actions/update_case.py
AST-verified both edited _scopes blocks with ast.literal_eval against the allowed CNF shape from mercury/tools/_base/action.py