Files
register-referentie/docs/architecture/adr-0003-default-fill.md
Edwin van den Houdt d666e71446 test(acl): OpenZaak default-fills ZGW fields and posts to OpenZaak (refs #5)
Add the ACL skeleton (Application/Infrastructure/Api per §9) and failing
xUnit tests for the single operation: AclService.OpenZaakAsync must
default-fill bronorganisatie, verantwoordelijkeOrganisatie, startdatum
(clock) and vertrouwelijkheidaanduiding and delegate to the gateway; the
OpenZaakGateway must POST the zaak to OpenZaak with a Bearer JWT and the
default-filled body. Implementations throw NotImplementedException — red.

Also add ADR-0003 (default-fill strategy).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 09:44:12 +02:00

2.2 KiB

ADR-0003: ACL default-fill strategy

  • Status: Accepted
  • Date: 2026-06-04
  • Deciders: Respellion engineering
  • Relates to: S-04 (#5); builds on ADR-0001 (loose coupling)

Context

The ACL is the only code that talks to ZGW APIs (ADR-0001 / CLAUDE.md §8.1). When the domain asks it to "open a zaak", the domain payload is intentionally free of ZGW specifics — it carries domain facts (e.g. the registrant's BSN), not OpenZaak fields. But OpenZaak's POST /zaken requires ZGW-mandatory fields: bronorganisatie, verantwoordelijkeOrganisatie, startdatum, vertrouwelijkheidaanduiding, and a zaaktype URL. Something has to supply those, and it must not leak into the domain.

Decision

The ACL default-fills the ZGW-mandatory zaak fields; the domain never sees them.

  • bronorganisatie, verantwoordelijkeOrganisatie, vertrouwelijkheidaanduiding, and the zaaktype URL come from ACL configuration (AclDefaults options) — not hardcoded, not from the domain. This keeps them operationally manageable (the beheer portal will edit them in S-15) and environment-specific (the seeded BIG zaaktype URL differs per env).
  • startdatum is derived from an injected clock (today's date), so it is deterministic in tests.
  • The mapping from domain payload → ZGW ZaakRequest lives entirely inside the ACL (Application builds the request from payload + defaults; Infrastructure serialises and POSTs it). No other service constructs ZGW payloads or URLs.

Consequences

  • Positive: the domain stays ZGW-agnostic; ZGW knowledge is in one named place; defaults are config (testable, env-specific, later editable via the beheer portal).
  • Cost: the ACL must be configured per environment (the seeded zaaktype URL, the organisation RSINs). Missing/invalid config fails fast at the ACL boundary.
  • Follow-ups: mapping the BSN onto the zaak (eigenschap/rol), status transitions, and documents are explicitly out of scope for S-04 and get their own slices.

Alternatives considered

  • Defaults in the domain payload — rejected: leaks ZGW concerns into the domain, violating ADR-0001.
  • Hardcoded defaults in code — rejected: not env-specific, not operationally editable.