Skip to content

Commit 725c8bd

Browse files
Sergey PolyarusSergey Polyarus
Sergey Polyarus
authored and
Sergey Polyarus
committed
Merge branch 'main' of github.com:Cosmo-Tech/cosmotech-api-common
2 parents fb3f81f + b59e696 commit 725c8bd

File tree

2 files changed

+30
-25
lines changed

2 files changed

+30
-25
lines changed

src/main/kotlin/com/cosmotech/api/rbac/RolesDefinition.kt

Lines changed: 21 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -13,48 +13,53 @@ const val ROLE_USER = "user"
1313
const val ROLE_NONE = "none"
1414

1515
// apply same format rules for permission for consistency
16-
const val PERMISSION_READ_DATA = "read_data"
16+
const val PERMISSION_READ = "read"
1717
const val PERMISSION_READ_SECURITY = "read_security"
1818
const val PERMISSION_CREATE_CHILDREN = "create_children"
19-
const val PERMISSION_EDIT = "edit"
20-
const val PERMISSION_EDIT_SECURITY = "edit_security"
19+
const val PERMISSION_WRITE = "write"
20+
const val PERMISSION_WRITE_SECURITY = "write_security"
21+
const val PERMISSION_DELETE = "delete"
2122
const val PERMISSION_LAUNCH = "launch"
2223
const val PERMISSION_VALIDATE = "validate"
2324

2425
val COMMON_ROLE_NONE_PERMISSIONS: List<String> = listOf()
25-
val COMMON_ROLE_READER_PERMISSIONS = listOf(PERMISSION_READ_DATA, PERMISSION_READ_SECURITY)
26+
val COMMON_ROLE_READER_PERMISSIONS = listOf(PERMISSION_READ, PERMISSION_READ_SECURITY)
2627
val COMMON_ROLE_USER_PERMISSIONS =
27-
listOf(PERMISSION_READ_DATA, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN)
28+
listOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN)
2829
val COMMON_ROLE_EDITOR_PERMISSIONS =
2930
listOf(
30-
PERMISSION_READ_DATA, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN, PERMISSION_EDIT)
31+
PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN, PERMISSION_WRITE)
3132
val COMMON_ROLE_ADMIN_PERMISSIONS =
3233
listOf(
33-
PERMISSION_READ_DATA,
34+
PERMISSION_READ,
3435
PERMISSION_READ_SECURITY,
3536
PERMISSION_CREATE_CHILDREN,
36-
PERMISSION_EDIT,
37-
PERMISSION_EDIT_SECURITY)
37+
PERMISSION_WRITE,
38+
PERMISSION_WRITE_SECURITY,
39+
PERMISSION_DELETE,
40+
)
3841

3942
// Scenario roles & permissions
40-
val SCENARIO_ROLE_VIEWER_PERMISSIONS = listOf(PERMISSION_READ_DATA, PERMISSION_READ_SECURITY)
43+
val SCENARIO_ROLE_VIEWER_PERMISSIONS = listOf(PERMISSION_READ, PERMISSION_READ_SECURITY)
4144
val SCENARIO_ROLE_EDITOR_PERMISSIONS =
42-
listOf(PERMISSION_READ_DATA, PERMISSION_READ_SECURITY, PERMISSION_LAUNCH, PERMISSION_EDIT)
45+
listOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_LAUNCH, PERMISSION_WRITE)
4346
val SCENARIO_ROLE_VALIDATOR_PERMISSIONS =
4447
listOf(
45-
PERMISSION_READ_DATA,
48+
PERMISSION_READ,
4649
PERMISSION_READ_SECURITY,
4750
PERMISSION_LAUNCH,
48-
PERMISSION_EDIT,
51+
PERMISSION_WRITE,
4952
PERMISSION_VALIDATE)
5053
val SCENARIO_ROLE_ADMIN_PERMISSIONS =
5154
listOf(
52-
PERMISSION_READ_DATA,
55+
PERMISSION_READ,
5356
PERMISSION_READ_SECURITY,
5457
PERMISSION_LAUNCH,
55-
PERMISSION_EDIT,
58+
PERMISSION_WRITE,
5659
PERMISSION_VALIDATE,
57-
PERMISSION_EDIT_SECURITY)
60+
PERMISSION_WRITE_SECURITY,
61+
PERMISSION_DELETE,
62+
)
5863

5964
@Component
6065
data class RolesDefinition(

src/test/kotlin/com/cosmotech/api/rbac/CsmRbacTests.kt

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -518,7 +518,7 @@ class CsmRbacTests {
518518
fun `add custom role definition`() {
519519
val definition = getCommonRolesDefinition()
520520
val customRole = "custom_role"
521-
val customRolePermissions = listOf(PERMISSION_READ_DATA, "custom_permission")
521+
val customRolePermissions = listOf(PERMISSION_READ, "custom_permission")
522522
definition.permissions.put(customRole, customRolePermissions)
523523
val expected: MutableMap<String, List<String>> =
524524
mutableMapOf(
@@ -537,7 +537,7 @@ class CsmRbacTests {
537537
val definition = getCommonRolesDefinition()
538538
val customRole = "custom_role"
539539
val customPermission = "custom_permission"
540-
val customRolePermissions = listOf(PERMISSION_READ_DATA, customPermission)
540+
val customRolePermissions = listOf(PERMISSION_READ, customPermission)
541541
definition.permissions.put(customRole, customRolePermissions)
542542
val rbacTest = CsmRbac(csmPlatformProperties, admin)
543543
rbacTest.setUserRole(rbacSecurity, USER_NEW_READER, customRole, definition)
@@ -552,7 +552,7 @@ class CsmRbacTests {
552552
val rbacTest = CsmRbac(csmPlatformProperties, admin)
553553
rbacTest.setUserRole(rbacSecurity, USER_READER, ROLE_VIEWER, definition)
554554
every { securityContext.authentication } returns (userAuthentication as Authentication)
555-
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ_DATA, USER_READER, definition))
555+
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ, USER_READER, definition))
556556
}
557557

558558
@Test
@@ -567,7 +567,7 @@ class CsmRbacTests {
567567
RbacAccessControl(USER_READER, ROLE_VIEWER),
568568
))
569569
every { securityContext.authentication } returns (userAuthentication as Authentication)
570-
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ_DATA, USER_READER, definition))
570+
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ, USER_READER, definition))
571571
}
572572

573573
@Test
@@ -582,7 +582,7 @@ class CsmRbacTests {
582582
RbacAccessControl(USER_WRITER, ROLE_EDITOR),
583583
))
584584
every { securityContext.authentication } returns (userAuthentication as Authentication)
585-
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ_DATA, USER_READER, definition))
585+
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_READ, USER_READER, definition))
586586
}
587587

588588
@Test
@@ -597,7 +597,7 @@ class CsmRbacTests {
597597
RbacAccessControl(USER_WRITER, ROLE_EDITOR),
598598
))
599599
every { securityContext.authentication } returns (userAuthentication as Authentication)
600-
assertFalse(rbacTest.check(rbacSecurity, PERMISSION_EDIT_SECURITY, USER_READER, definition))
600+
assertFalse(rbacTest.check(rbacSecurity, PERMISSION_WRITE_SECURITY, USER_READER, definition))
601601
}
602602

603603
@Test
@@ -628,7 +628,7 @@ class CsmRbacTests {
628628
RbacAccessControl(USER_WRITER, ROLE_EDITOR),
629629
))
630630
every { securityContext.authentication } returns (userAuthentication as Authentication)
631-
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_EDIT, USER_WRITER, definition))
631+
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_WRITE, USER_WRITER, definition))
632632
}
633633

634634
@Test
@@ -643,7 +643,7 @@ class CsmRbacTests {
643643
RbacAccessControl(USER_MAIL_TOKEN, ROLE_EDITOR),
644644
))
645645
every { securityContext.authentication } returns (userAuthentication as Authentication)
646-
assertDoesNotThrow { rbacTest.verify(rbacSecurity, PERMISSION_EDIT, definition) }
646+
assertDoesNotThrow { rbacTest.verify(rbacSecurity, PERMISSION_WRITE, definition) }
647647
}
648648

649649
@Test
@@ -658,6 +658,6 @@ class CsmRbacTests {
658658
RbacAccessControl(USER_WRITER, ROLE_EDITOR),
659659
))
660660
every { securityContext.authentication } returns (userAuthentication as Authentication)
661-
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_EDIT, USER_WRITER, definition))
661+
assertTrue(rbacTest.check(rbacSecurity, PERMISSION_WRITE, USER_WRITER, definition))
662662
}
663663
}

0 commit comments

Comments
 (0)