Skip to content

Commit 2c7f27f

Browse files
jiparisjiparis
authored
fix(rbac): use resource ID instead of membership id in ParentID field (#2295)
Signed-off-by: Jose I. Paris <jiparis@chainloop.dev>
1 parent e58df9c commit 2c7f27f

File tree

8 files changed

+18
-11
lines changed

8 files changed

+18
-11
lines changed

app/controlplane/api/controlplane/v1/project.pb.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

app/controlplane/api/controlplane/v1/project.proto

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ message ProjectMember {
6868
google.protobuf.Timestamp updated_at = 5;
6969
// The ID of latest project version this member is associated with
7070
string latest_project_version_id = 6;
71-
// Optional parent ID for nested project memberships
71+
// Optional parent resource ID for nested project memberships
7272
optional string parent_id = 7;
7373
}
7474

app/controlplane/api/gen/frontend/controlplane/v1/project.ts

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

app/controlplane/api/gen/jsonschema/controlplane.v1.ProjectMember.jsonschema.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

app/controlplane/api/gen/jsonschema/controlplane.v1.ProjectMember.schema.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

app/controlplane/internal/service/project.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -388,8 +388,8 @@ func bizProjectMembershipToPb(m *biz.ProjectMembership) *pb.ProjectMember {
388388
Role: role,
389389
}
390390

391-
if m.ParentID != nil {
392-
pbMember.ParentId = biz.ToPtr(m.ParentID.String())
391+
if m.ParentResourceID != nil {
392+
pbMember.ParentId = biz.ToPtr(m.ParentResourceID.String())
393393
}
394394

395395
if m.User != nil {

app/controlplane/pkg/biz/project.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,10 @@ type ProjectMembership struct {
9494
CreatedAt *time.Time
9595
// UpdatedAt is the timestamp when the membership was last updated.
9696
UpdatedAt *time.Time
97-
// ParentID is used for nested memberships, if applicable
97+
// ParentID is the parent membership object used for nested memberships, if applicable
9898
ParentID *uuid.UUID
99+
// ParentResourceID identifies the parent resource of this membership, if applicable
100+
ParentResourceID *uuid.UUID
99101
}
100102

101103
// GroupProjectInfo represents detailed information about a project that a group is a member of

app/controlplane/pkg/data/project.go

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -128,7 +128,7 @@ func (r *ProjectRepo) ListMembers(ctx context.Context, orgID uuid.UUID, projectI
128128
Where(
129129
membership.ResourceTypeEQ(authz.ResourceTypeProject),
130130
membership.ResourceID(projectID),
131-
)
131+
).WithParent()
132132

133133
// Get total count before applying pagination
134134
totalCount, err := query.Count(ctx)
@@ -362,6 +362,11 @@ func entProjectMembershipToBiz(m *ent.Membership, u *ent.User, g *ent.Group) *bi
362362
ParentID: m.ParentID,
363363
}
364364

365+
// Add the parent resource ID if it exists
366+
if m.Edges.Parent != nil {
367+
mem.ParentResourceID = &m.Edges.Parent.ResourceID
368+
}
369+
365370
if u != nil {
366371
mem.User = entUserToBizUser(u)
367372
}

0 commit comments

Comments
 (0)