GOV-667: Allow updates to proceed

Author: ankitpatnaik-atlan

pyatlan/client/common/transport.py

@@ -63,7 +63,10 @@ def create_mock_response(
 def parse_auth_policy_entity(request: httpx.Request) -> Optional[tuple[str, str, str]]:
     """
     Parse the request body and return (policy_name, persona_guid, temp_guid)
-    if the request is a bulk POST containing an AuthPolicy, else None.
+    if the request is a bulk POST containing a NEW AuthPolicy creation, else None.
+
+    Only matches policy CREATES (temp GUIDs starting with "-"), not UPDATES
+    (real GUIDs), to prevent suppressing legitimate policy modifications.
     """
     if request.method != "POST" or BULK_UPDATE.path not in str(request.url):
         return None
@@ -81,13 +84,24 @@ def parse_auth_policy_entity(request: httpx.Request) -> Optional[tuple[str, str,
     for entity in body.get("entities", []):
         if entity.get("typeName") != "AuthPolicy":
             continue
+
+        entity_guid = entity.get("guid", "-1")
+        # Only match policy CREATES (temp GUIDs like "-1", "-2", etc.)
+        # Skip policy UPDATES (real GUIDs) to avoid suppressing modifications
+        if not isinstance(entity_guid, str) or not entity_guid.startswith("-"):
+            logger.debug(
+                "parse_auth_policy_entity: skipping duplicate check for policy with GUID %s (likely an update or invalid type)",
+                entity_guid,
+            )
+            continue
+
         policy_name = entity.get("attributes", {}).get("name")
         access_control = entity.get("attributes", {}).get("accessControl")
         persona_guid = (
             access_control.get("guid") if isinstance(access_control, dict) else None
         )
         if policy_name and persona_guid:
-            return policy_name, persona_guid, entity.get("guid", "-1")
+            return policy_name, persona_guid, entity_guid
     return None
 
 

tests/unit/test_transport.py

@@ -118,6 +118,49 @@ def test_returns_none_for_invalid_utf8(self):
         req = httpx.Request("POST", BULK_URL, content=b"\xff\xfe")
         assert parse_auth_policy_entity(req) is None
 
+    def test_returns_none_for_policy_update_with_real_guid(self):
+        """Policy updates (real GUIDs) should not be matched to prevent suppressing updates."""
+        req = _make_bulk_request(temp_guid=EXISTING_GUID)
+        assert parse_auth_policy_entity(req) is None
+
+    def test_returns_none_for_none_guid(self):
+        """None GUID should not crash and should be skipped."""
+        import json
+
+        body = {
+            "entities": [
+                {
+                    "typeName": "AuthPolicy",
+                    "guid": None,
+                    "attributes": {
+                        "name": POLICY_NAME,
+                        "accessControl": {"guid": PERSONA_GUID},
+                    },
+                }
+            ]
+        }
+        req = httpx.Request("POST", BULK_URL, content=json.dumps(body).encode())
+        assert parse_auth_policy_entity(req) is None
+
+    def test_returns_none_for_integer_guid(self):
+        """Integer GUID should not crash and should be skipped."""
+        import json
+
+        body = {
+            "entities": [
+                {
+                    "typeName": "AuthPolicy",
+                    "guid": -1,
+                    "attributes": {
+                        "name": POLICY_NAME,
+                        "accessControl": {"guid": PERSONA_GUID},
+                    },
+                }
+            ]
+        }
+        req = httpx.Request("POST", BULK_URL, content=json.dumps(body).encode())
+        assert parse_auth_policy_entity(req) is None
+
 
 # ---------------------------------------------------------------------------
 # create_mock_response