Skip to content

Implement conditional workspace authorization#376

Merged
TessFerrandez merged 2 commits into
developfrom
tessferrandez/access-service
Jun 28, 2021
Merged

Implement conditional workspace authorization#376
TessFerrandez merged 2 commits into
developfrom
tessferrandez/access-service

Conversation

@TessFerrandez
Copy link
Copy Markdown
Member

@TessFerrandez TessFerrandez commented Jun 28, 2021

PR for issue #307, #221 and #208

What is being addressed

  • API should check if user is either owner or researcher on the workspaces to determine if the user should be able to see the workspace info

How is this addressed

  • When the user is authenticated - the users role assignments are retrieved and stored in the user object
  • When the user attempts to retrieve info about a single workspace, its role assignments are checked against the workspaceowner and workspaceresearcher roles on the workspace
  • When the user attempts to retrieve info about multiple workspaces, its role assignments are checked against the workspaces to filter out which ones the user can see
  • Tests related to the this functionality are created and updated

@TessFerrandez TessFerrandez self-assigned this Jun 28, 2021
@TessFerrandez TessFerrandez added api Composition Service API auth Authentication and authorization labels Jun 28, 2021
This was linked to issues Jun 28, 2021
Implement AUTH component for AAD #307
Closed
Enforce auth on /workspaces/{workspace_id} endpoint #221
Closed
Retrieve 'my' workspaces #208
Closed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jun 28, 2021

Unit Test Results

  1 files    1 suites   2s ⏱️
66 tests 66 ✔️ 0 💤 0 ❌

Results for commit d594561.

tompaana
tompaana approved these changes Jun 28, 2021
View reviewed changes
Copy link
Copy Markdown
Member

@tompaana tompaana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LVGTMTHX

@TessFerrandez
Copy link
Copy Markdown
Member Author

TessFerrandez commented Jun 28, 2021

LVGTMTHX

WTYVMSFRTPR

@TessFerrandez TessFerrandez merged commit d9719b3 into develop Jun 28, 2021
@TessFerrandez TessFerrandez deleted the tessferrandez/access-service branch June 28, 2021 11:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@askew askew Awaiting requested review from askew

@sachinkundu sachinkundu Awaiting requested review from sachinkundu

@msebragge msebragge Awaiting requested review from msebragge

1 more reviewer

@tompaana tompaana tompaana approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@TessFerrandez TessFerrandez

Labels

api Composition Service API auth Authentication and authorization

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement AUTH component for AAD Enforce auth on /workspaces/{workspace_id} endpoint Retrieve 'my' workspaces

2 participants

@TessFerrandez @tompaana