Skip to content

Commit

Permalink
Allow space application supporter to access specific sidecar endpoints (
Browse files Browse the repository at this point in the history 
#2343)

* Allow space application supporter to access specific sidecar endpoints

allows access to:
GET /v3/sidecars/:guid
GET /v3/processes/:process_guid/sidecars
GET /v3/apps/:app_guid/sidecars

* Refactor tests to match previous patterns.

- We used a more generic term rather than space dev so as not to imply
that this behavior was specific to the space dev.

Finishes #2231

Co-authored-by: Maria Shaldybin <mariash@vmware.com>
Co-authored-by: Galen Hammond <galenh@vmware.com>
Co-authored-by: Merric de Launey <mdelauney@pivotal.io>
  • Loading branch information
@mkocher @mariash
@galenhammond @MerricdeLauney @bepotts
4 people authored and bepotts committed Jul 13, 2021
1 parent d75b2fe commit 8b3783e
Show file tree
Hide file tree
Showing 5 changed files with 291 additions and 162 deletions.
6 changes: 3 additions & 3 deletions app/controllers/v3/sidecars_controller.rb
View file
Expand Up @@ -16,7 +16,7 @@ def index_by_app
invalid_param!(message.errors.full_messages) unless message.valid?

app, dataset = SidecarListFetcher.fetch_for_app(message, hashed_params[:app_guid])
resource_not_found!(:app) unless app && permission_queryer.can_read_from_space?(app.space.guid, app.organization.guid)
resource_not_found!(:app) unless app && permission_queryer.untrusted_can_read_from_space?(app.space.guid, app.organization.guid)
render status: :ok, json: Presenters::V3::PaginatedListPresenter.new(
presenter: Presenters::V3::SidecarPresenter,
paginated_result: SequelPaginator.new.get_page(dataset, message.try(:pagination_options)),
Expand All @@ -29,7 +29,7 @@ def index_by_process
invalid_param!(message.errors.full_messages) unless message.valid?

process, dataset = SidecarListFetcher.fetch_for_process(message, hashed_params[:process_guid])
resource_not_found!(:process) unless process && permission_queryer.can_read_from_space?(process.space.guid, process.organization.guid)
resource_not_found!(:process) unless process && permission_queryer.untrusted_can_read_from_space?(process.space.guid, process.organization.guid)
render status: :ok, json: Presenters::V3::PaginatedListPresenter.new(
presenter: Presenters::V3::SidecarPresenter,
paginated_result: SequelPaginator.new.get_page(dataset, message.try(:pagination_options)),
Expand All @@ -41,7 +41,7 @@ def show
sidecar = SidecarModel.find(guid: hashed_params[:guid])
resource_not_found!(:sidecar) unless sidecar
app = sidecar.app
resource_not_found!(:sidecar) unless permission_queryer.can_read_from_space?(app.space.guid, app.space.organization.guid)
resource_not_found!(:sidecar) unless permission_queryer.untrusted_can_read_from_space?(app.space.guid, app.space.organization.guid)

render status: 200, json: Presenters::V3::SidecarPresenter.new(sidecar)
end
Expand Down
1 change: 1 addition & 0 deletions docs/v3/source/includes/experimental_resources/sidecars/_get.md.erb
View file
Expand Up @@ -31,6 +31,7 @@ Admin |
Admin Read-Only |
Global Auditor |
Org Manager |
Space Application Supporter | Experimental
Space Auditor |
Space Developer |
Space Manager |
1 change: 1 addition & 0 deletions docs/v3/source/includes/experimental_resources/sidecars/_list_for_app.md.erb
View file
Expand Up @@ -43,6 +43,7 @@ Admin |
Admin Read-Only |
Global Auditor |
Org Manager |
Space Application Supporter | Experimental
Space Auditor |
Space Developer |
Space Manager |
1 change: 1 addition & 0 deletions docs/v3/source/includes/experimental_resources/sidecars/_list_for_process.md.erb
View file
Expand Up @@ -43,6 +43,7 @@ Admin |
Admin Read-Only |
Global Auditor |
Org Manager |
Space Application Supporter | Experimental
Space Auditor |
Space Developer |
Space Manager |

0 comments on commit 8b3783e

Please sign in to comment.