Create permissions for managing review periods

server/src/main/java/com/objectcomputing/checkins/services/permissions/Permission.java

@@ -39,7 +39,12 @@ public enum Permission {
   CAN_CREATE_REVIEW_ASSIGNMENTS("Create review assignments", "Reviews"),
   CAN_VIEW_REVIEW_ASSIGNMENTS("View review assignments", "Reviews"),
   CAN_UPDATE_REVIEW_ASSIGNMENTS("Update review assignments", "Reviews"),
-  CAN_DELETE_REVIEW_ASSIGNMENTS("Delete review assignments", "Reviews");
+  CAN_DELETE_REVIEW_ASSIGNMENTS("Delete review assignments", "Reviews"),
+  CAN_CREATE_REVIEW_PERIOD("Create review period", "Review Period"),
+  CAN_UPDATE_REVIEW_PERIOD("Update review period", "Review Period"),
+  CAN_LAUNCH_REVIEW_PERIOD("Launch review period", "Review Period"),
+  CAN_CLOSE_REVIEW_PERIOD("Close review period", "Review Period"),
+  CAN_DELETE_REVIEW_PERIOD("Delete review period", "Review Period");
 
   private final String description;
   private final String category;

server/src/main/java/com/objectcomputing/checkins/services/reviews/ReviewPeriodController.java

@@ -1,11 +1,20 @@
 package com.objectcomputing.checkins.services.reviews;
 
 import com.objectcomputing.checkins.exceptions.NotFoundException;
+import com.objectcomputing.checkins.services.permissions.Permission;
+import com.objectcomputing.checkins.services.permissions.RequiredPermission;
 import io.micronaut.core.annotation.Nullable;
 import io.micronaut.http.HttpRequest;
 import io.micronaut.http.HttpResponse;
 import io.micronaut.http.MediaType;
-import io.micronaut.http.annotation.*;
+import io.micronaut.http.annotation.Body;
+import io.micronaut.http.annotation.Consumes;
+import io.micronaut.http.annotation.Controller;
+import io.micronaut.http.annotation.Delete;
+import io.micronaut.http.annotation.Get;
+import io.micronaut.http.annotation.Post;
+import io.micronaut.http.annotation.Produces;
+import io.micronaut.http.annotation.Put;
 import io.micronaut.scheduling.TaskExecutors;
 import io.micronaut.scheduling.annotation.ExecuteOn;
 import io.micronaut.security.annotation.Secured;
@@ -40,6 +49,7 @@ public ReviewPeriodController(ReviewPeriodServices reviewPeriodServices) {
      * @return a streamable response containing the stored {@link ReviewPeriod}
      */
     @Post()
+    @RequiredPermission(Permission.CAN_CREATE_REVIEW_PERIOD)
     public Mono<HttpResponse<ReviewPeriod>> createReviewPeriod(@Body @Valid ReviewPeriodCreateDTO period, HttpRequest<?> request) {
         return Mono.fromCallable(() -> reviewPeriodServices.save(period.convertToEntity()))
                 .map(reviewPeriod -> HttpResponse.created(reviewPeriod)
@@ -87,6 +97,7 @@ public Mono<HttpResponse<Set<ReviewPeriod>>> findByValue(@Nullable String name,
      * @return a streamable response containing the stored {@link ReviewPeriod}
      */
     @Put()
+    @RequiredPermission(Permission.CAN_UPDATE_REVIEW_PERIOD)
     public Mono<HttpResponse<ReviewPeriod>> update(@Body @Valid ReviewPeriod reviewPeriod, HttpRequest<?> request) {
 
         return Mono.fromCallable(() -> reviewPeriodServices.update(reviewPeriod))
@@ -101,6 +112,7 @@ public Mono<HttpResponse<ReviewPeriod>> update(@Body @Valid ReviewPeriod reviewP
      * @param id  the id of the review period to be deleted to delete
      */
     @Delete("/{id}")
+    @RequiredPermission(Permission.CAN_DELETE_REVIEW_PERIOD)
     public Mono<HttpResponse<?>> deleteReviewPeriod(@NotNull UUID id) {
         return Mono.fromRunnable(() -> reviewPeriodServices.delete(id))
                 .thenReturn(HttpResponse.ok());

server/src/main/java/com/objectcomputing/checkins/services/reviews/ReviewPeriodServicesImpl.java

@@ -2,14 +2,16 @@
 
 import com.objectcomputing.checkins.exceptions.AlreadyExistsException;
 import com.objectcomputing.checkins.exceptions.BadArgException;
-import com.objectcomputing.checkins.exceptions.PermissionException;
-import com.objectcomputing.checkins.services.memberprofile.currentuser.CurrentUserServices;
 import jakarta.inject.Singleton;
 import jakarta.validation.constraints.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.*;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.UUID;
 import java.util.stream.Collectors;
 
 @Singleton
@@ -18,12 +20,9 @@ public class ReviewPeriodServicesImpl implements ReviewPeriodServices {
     private static final Logger LOG = LoggerFactory.getLogger(ReviewPeriodServicesImpl.class);
 
     private final ReviewPeriodRepository reviewPeriodRepository;
-    private final CurrentUserServices currentUserServices;
 
-    public ReviewPeriodServicesImpl(ReviewPeriodRepository reviewPeriodRepository,
-                                    CurrentUserServices currentUserServices) {
+    public ReviewPeriodServicesImpl(ReviewPeriodRepository reviewPeriodRepository) {
         this.reviewPeriodRepository = reviewPeriodRepository;
-        this.currentUserServices = currentUserServices;
     }
 
     public ReviewPeriod save(ReviewPeriod reviewPeriod) {
@@ -39,7 +38,6 @@ public ReviewPeriod save(ReviewPeriod reviewPeriod) {
 
             newPeriod = reviewPeriodRepository.save(reviewPeriod);
         }
-
         return newPeriod;
     }
 
@@ -57,16 +55,13 @@ public Set<ReviewPeriod> findByValue(String name, ReviewStatus reviewStatus) {
         } else if (reviewStatus != null) {
             reviewPeriods.addAll(reviewPeriodRepository.findByReviewStatus(reviewStatus));
         } else {
-            reviewPeriodRepository.findAll().forEach(reviewPeriods::add);
+            reviewPeriods.addAll(reviewPeriodRepository.findAll());
         }
 
         return reviewPeriods;
     }
 
     public void delete(@NotNull UUID id) {
-        if (!currentUserServices.isAdmin()) {
-            throw new PermissionException("You do not have permission to access this resource");
-        }
         reviewPeriodRepository.deleteById(id);
     }
 
@@ -76,15 +71,11 @@ protected List<ReviewPeriod> findByNameLike(String name) {
     }
 
     public ReviewPeriod update(@NotNull ReviewPeriod reviewPeriod) {
-        if (!currentUserServices.isAdmin()) {
-            throw new PermissionException("You do not have permission to access this resource");
-        }
-        LOG.info(String.format("Updating entity %s", reviewPeriod));
+        LOG.info("Updating entity {}", reviewPeriod);
         if (reviewPeriod.getId() != null && reviewPeriodRepository.findById(reviewPeriod.getId()).isPresent()) {
             return reviewPeriodRepository.update(reviewPeriod);
         } else {
             throw new BadArgException(String.format("ReviewPeriod %s does not exist, cannot update", reviewPeriod.getId()));
         }
     }
-
 }

server/src/main/resources/db/dev/R__Load_testing_data.sql

@@ -817,6 +817,30 @@ insert into role_permissions
 values
     ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_DELETE_REVIEW_ASSIGNMENTS');
 
+insert into role_permissions
+(roleid, permission)
+values
+    ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_CREATE_REVIEW_PERIOD');
+
+insert into role_permissions
+(roleid, permission)
+values
+    ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_UPDATE_REVIEW_PERIOD');
+
+insert into role_permissions
+(roleid, permission)
+values
+    ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_LAUNCH_REVIEW_PERIOD');
+
+insert into role_permissions
+(roleid, permission)
+values
+    ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_CLOSE_REVIEW_PERIOD');
+
+insert into role_permissions
+(roleid, permission)
+values
+    ('e8a4fff8-e984-4e59-be84-a713c9fa8d23', 'CAN_DELETE_REVIEW_PERIOD');
 
 -- PDL Permissions
 insert into role_permissions

server/src/test/java/com/objectcomputing/checkins/services/fixture/PermissionFixture.java

@@ -70,14 +70,16 @@ public interface PermissionFixture extends RolePermissionFixture {
         Permission.CAN_CREATE_REVIEW_ASSIGNMENTS,
         Permission.CAN_VIEW_REVIEW_ASSIGNMENTS,
         Permission.CAN_UPDATE_REVIEW_ASSIGNMENTS,
-        Permission.CAN_DELETE_REVIEW_ASSIGNMENTS
+        Permission.CAN_DELETE_REVIEW_ASSIGNMENTS,
+        Permission.CAN_CREATE_REVIEW_PERIOD,
+        Permission.CAN_UPDATE_REVIEW_PERIOD,
+        Permission.CAN_LAUNCH_REVIEW_PERIOD,
+        Permission.CAN_CLOSE_REVIEW_PERIOD,
+        Permission.CAN_DELETE_REVIEW_PERIOD
     );
 
-
-
     default void setPermissionsForAdmin(UUID roleID) {
         adminPermissions.forEach(permission -> setRolePermission(roleID, permission));
-
     }
 
     default void setPermissionsForPdl(UUID roleID) {