Skip to content

Commit

Permalink
fix: UpdateProject operation to authz (#1281)
Browse files Browse the repository at this point in the history
* fix: UpdateProject operation to authz

* tests: authz update project roles
  • Loading branch information
adilansari committed Jun 22, 2023
1 parent 104895b commit f1cea7f
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 0 deletions.
1 change: 1 addition & 0 deletions api/server/v1/tx.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ const (
ListProjectsMethodName = apiMethodPrefix + "ListProjects"
ListCollectionsMethodName = apiMethodPrefix + "ListCollections"
CreateProjectMethodName = apiMethodPrefix + "CreateProject"
UpdateProjectMethodName = apiMethodPrefix + "UpdateProject"

DeleteProjectMethodName = apiMethodPrefix + "DeleteProject"
DescribeDatabaseMethodName = apiMethodPrefix + "DescribeDatabase"
Expand Down
3 changes: 3 additions & 0 deletions server/middleware/authz.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ var (
api.ListProjectsMethodName,
api.ListCollectionsMethodName,
api.CreateProjectMethodName,
api.UpdateProjectMethodName,
api.DeleteProjectMethodName,
api.DescribeDatabaseMethodName,
api.DescribeCollectionMethodName,
Expand Down Expand Up @@ -194,6 +195,7 @@ var (
api.ListProjectsMethodName,
api.ListCollectionsMethodName,
api.CreateProjectMethodName,
api.UpdateProjectMethodName,
api.DeleteProjectMethodName,
api.DescribeDatabaseMethodName,
api.DescribeCollectionMethodName,
Expand Down Expand Up @@ -293,6 +295,7 @@ var (
api.ListProjectsMethodName,
api.ListCollectionsMethodName,
api.CreateProjectMethodName,
api.UpdateProjectMethodName,
api.DeleteProjectMethodName,
api.DescribeDatabaseMethodName,
api.DescribeCollectionMethodName,
Expand Down
3 changes: 3 additions & 0 deletions server/middleware/authz_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ func TestAuthzOwnerRole(t *testing.T) {
require.True(t, isAuthorizedOperation(api.CreateOrUpdateCollectionsMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.DropCollectionMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.ListProjectsMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.UpdateProjectMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.ListCollectionsMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.CreateProjectMethodName, auth.OwnerRoleName))
require.True(t, isAuthorizedOperation(api.DeleteProjectMethodName, auth.OwnerRoleName))
Expand Down Expand Up @@ -149,6 +150,7 @@ func TestAuthzEditorRole(t *testing.T) {
require.True(t, isAuthorizedOperation(api.ListProjectsMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.ListCollectionsMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.CreateProjectMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.UpdateProjectMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.DeleteProjectMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.DescribeDatabaseMethodName, auth.EditorRoleName))
require.True(t, isAuthorizedOperation(api.DescribeCollectionMethodName, auth.EditorRoleName))
Expand Down Expand Up @@ -285,6 +287,7 @@ func TestAuthzReadOnlyRole(t *testing.T) {
require.False(t, isAuthorizedOperation(api.UpdateMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.DeleteMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.CreateProjectMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.UpdateProjectMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.CreateOrUpdateCollectionMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.CreateOrUpdateCollectionsMethodName, auth.ReadOnlyRoleName))
require.False(t, isAuthorizedOperation(api.DeleteProjectMethodName, auth.ReadOnlyRoleName))
Expand Down

0 comments on commit f1cea7f

Please sign in to comment.