mirror of
https://github.com/juspay/hyperswitch.git
synced 2025-10-31 18:17:13 +08:00
feat(payouts): Add user roles for payouts (#4167)
Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
This commit is contained in:
chikke srujan
@ -32,6 +32,8 @@ pub enum Permission {
|
|||||||
UsersWrite,
|
UsersWrite,
|
||||||
MerchantAccountCreate,
|
MerchantAccountCreate,
|
||||||
WebhookEventRead,
|
WebhookEventRead,
|
||||||
|
PayoutWrite,
|
||||||
|
PayoutRead,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, serde::Serialize)]
|
#[derive(Debug, serde::Serialize)]
|
||||||
@ -48,6 +50,7 @@ pub enum PermissionModule {
|
|||||||
ThreeDsDecisionManager,
|
ThreeDsDecisionManager,
|
||||||
SurchargeDecisionManager,
|
SurchargeDecisionManager,
|
||||||
AccountCreate,
|
AccountCreate,
|
||||||
|
Payouts,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, serde::Serialize)]
|
#[derive(Debug, serde::Serialize)]
|
||||||
|
|||||||
@ -9,7 +9,7 @@ use super::app::AppState;
|
|||||||
use crate::types::api::payments as payment_types;
|
use crate::types::api::payments as payment_types;
|
||||||
use crate::{
|
use crate::{
|
||||||
core::{api_locking, payouts::*},
|
core::{api_locking, payouts::*},
|
||||||
services::{api, authentication as auth},
|
services::{api, authentication as auth, authorization::permissions::Permission},
|
||||||
types::api::payouts as payout_types,
|
types::api::payouts as payout_types,
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -77,7 +77,11 @@ pub async fn payouts_retrieve(
|
|||||||
&req,
|
&req,
|
||||||
payout_retrieve_request,
|
payout_retrieve_request,
|
||||||
|state, auth, req| payouts_retrieve_core(state, auth.merchant_account, auth.key_store, req),
|
|state, auth, req| payouts_retrieve_core(state, auth.merchant_account, auth.key_store, req),
|
||||||
|
auth::auth_type(
|
||||||
&auth::ApiKeyAuth,
|
&auth::ApiKeyAuth,
|
||||||
|
&auth::JWTAuth(Permission::PayoutRead),
|
||||||
|
req.headers(),
|
||||||
|
),
|
||||||
api_locking::LockAction::NotApplicable,
|
api_locking::LockAction::NotApplicable,
|
||||||
))
|
))
|
||||||
.await
|
.await
|
||||||
@ -225,7 +229,11 @@ pub async fn payouts_list(
|
|||||||
&req,
|
&req,
|
||||||
payload,
|
payload,
|
||||||
|state, auth, req| payouts_list_core(state, auth.merchant_account, req),
|
|state, auth, req| payouts_list_core(state, auth.merchant_account, req),
|
||||||
|
auth::auth_type(
|
||||||
&auth::ApiKeyAuth,
|
&auth::ApiKeyAuth,
|
||||||
|
&auth::JWTAuth(Permission::PayoutRead),
|
||||||
|
req.headers(),
|
||||||
|
),
|
||||||
api_locking::LockAction::NotApplicable,
|
api_locking::LockAction::NotApplicable,
|
||||||
))
|
))
|
||||||
.await
|
.await
|
||||||
@ -259,7 +267,11 @@ pub async fn payouts_list_by_filter(
|
|||||||
&req,
|
&req,
|
||||||
payload,
|
payload,
|
||||||
|state, auth, req| payouts_filtered_list_core(state, auth.merchant_account, req),
|
|state, auth, req| payouts_filtered_list_core(state, auth.merchant_account, req),
|
||||||
|
auth::auth_type(
|
||||||
&auth::ApiKeyAuth,
|
&auth::ApiKeyAuth,
|
||||||
|
&auth::JWTAuth(Permission::PayoutRead),
|
||||||
|
req.headers(),
|
||||||
|
),
|
||||||
api_locking::LockAction::NotApplicable,
|
api_locking::LockAction::NotApplicable,
|
||||||
))
|
))
|
||||||
.await
|
.await
|
||||||
@ -293,7 +305,11 @@ pub async fn payouts_list_available_filters(
|
|||||||
&req,
|
&req,
|
||||||
payload,
|
payload,
|
||||||
|state, auth, req| payouts_list_available_filters_core(state, auth.merchant_account, req),
|
|state, auth, req| payouts_list_available_filters_core(state, auth.merchant_account, req),
|
||||||
|
auth::auth_type(
|
||||||
&auth::ApiKeyAuth,
|
&auth::ApiKeyAuth,
|
||||||
|
&auth::JWTAuth(Permission::PayoutRead),
|
||||||
|
req.headers(),
|
||||||
|
),
|
||||||
api_locking::LockAction::NotApplicable,
|
api_locking::LockAction::NotApplicable,
|
||||||
))
|
))
|
||||||
.await
|
.await
|
||||||
|
|||||||
@ -41,6 +41,7 @@ pub enum PermissionModule {
|
|||||||
ThreeDsDecisionManager,
|
ThreeDsDecisionManager,
|
||||||
SurchargeDecisionManager,
|
SurchargeDecisionManager,
|
||||||
AccountCreate,
|
AccountCreate,
|
||||||
|
Payouts,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl PermissionModule {
|
impl PermissionModule {
|
||||||
@ -57,7 +58,8 @@ impl PermissionModule {
|
|||||||
Self::Disputes => "Everything related to disputes - like creating and viewing dispute related information are within this module",
|
Self::Disputes => "Everything related to disputes - like creating and viewing dispute related information are within this module",
|
||||||
Self::ThreeDsDecisionManager => "View and configure 3DS decision rules configured for a merchant",
|
Self::ThreeDsDecisionManager => "View and configure 3DS decision rules configured for a merchant",
|
||||||
Self::SurchargeDecisionManager =>"View and configure surcharge decision rules configured for a merchant",
|
Self::SurchargeDecisionManager =>"View and configure surcharge decision rules configured for a merchant",
|
||||||
Self::AccountCreate => "Create new account within your organization"
|
Self::AccountCreate => "Create new account within your organization",
|
||||||
|
Self::Payouts => "Everything related to payouts - like creating and viewing payout related information are within this module"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -168,6 +170,14 @@ impl ModuleInfo {
|
|||||||
Permission::MerchantAccountCreate,
|
Permission::MerchantAccountCreate,
|
||||||
]),
|
]),
|
||||||
},
|
},
|
||||||
|
PermissionModule::Payouts => Self {
|
||||||
|
module: module_name,
|
||||||
|
description,
|
||||||
|
permissions: get_permission_info_from_permissions(&[
|
||||||
|
Permission::PayoutRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
|
]),
|
||||||
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -184,10 +194,10 @@ fn get_group_info_from_permission_group(group: PermissionGroup) -> GroupInfo {
|
|||||||
fn get_group_description(group: PermissionGroup) -> &'static str {
|
fn get_group_description(group: PermissionGroup) -> &'static str {
|
||||||
match group {
|
match group {
|
||||||
PermissionGroup::OperationsView => {
|
PermissionGroup::OperationsView => {
|
||||||
"View Payments, Refunds, Mandates, Disputes and Customers"
|
"View Payments, Refunds, Payouts, Mandates, Disputes and Customers"
|
||||||
}
|
}
|
||||||
PermissionGroup::OperationsManage => {
|
PermissionGroup::OperationsManage => {
|
||||||
"Create, modify and delete Payments, Refunds, Mandates, Disputes and Customers"
|
"Create, modify and delete Payments, Refunds, Payouts, Mandates, Disputes and Customers"
|
||||||
}
|
}
|
||||||
PermissionGroup::ConnectorsView => {
|
PermissionGroup::ConnectorsView => {
|
||||||
"View connected Payment Processors, Payout Processors and Fraud & Risk Manager details"
|
"View connected Payment Processors, Payout Processors and Fraud & Risk Manager details"
|
||||||
|
|||||||
@ -19,22 +19,24 @@ pub fn get_permissions_vec(permission_group: &PermissionGroup) -> &[Permission]
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub static OPERATIONS_VIEW: [Permission; 6] = [
|
pub static OPERATIONS_VIEW: [Permission; 7] = [
|
||||||
Permission::PaymentRead,
|
Permission::PaymentRead,
|
||||||
Permission::RefundRead,
|
Permission::RefundRead,
|
||||||
Permission::MandateRead,
|
Permission::MandateRead,
|
||||||
Permission::DisputeRead,
|
Permission::DisputeRead,
|
||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::MerchantAccountRead,
|
Permission::MerchantAccountRead,
|
||||||
|
Permission::PayoutRead,
|
||||||
];
|
];
|
||||||
|
|
||||||
pub static OPERATIONS_MANAGE: [Permission; 6] = [
|
pub static OPERATIONS_MANAGE: [Permission; 7] = [
|
||||||
Permission::PaymentWrite,
|
Permission::PaymentWrite,
|
||||||
Permission::RefundWrite,
|
Permission::RefundWrite,
|
||||||
Permission::MandateWrite,
|
Permission::MandateWrite,
|
||||||
Permission::DisputeWrite,
|
Permission::DisputeWrite,
|
||||||
Permission::CustomerWrite,
|
Permission::CustomerWrite,
|
||||||
Permission::MerchantAccountRead,
|
Permission::MerchantAccountRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
];
|
];
|
||||||
|
|
||||||
pub static CONNECTORS_VIEW: [Permission; 2] = [
|
pub static CONNECTORS_VIEW: [Permission; 2] = [
|
||||||
|
|||||||
@ -31,6 +31,8 @@ pub enum Permission {
|
|||||||
UsersWrite,
|
UsersWrite,
|
||||||
MerchantAccountCreate,
|
MerchantAccountCreate,
|
||||||
WebhookEventRead,
|
WebhookEventRead,
|
||||||
|
PayoutRead,
|
||||||
|
PayoutWrite,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Permission {
|
impl Permission {
|
||||||
@ -69,6 +71,8 @@ impl Permission {
|
|||||||
Self::UsersWrite => "Invite users, assign and update roles",
|
Self::UsersWrite => "Invite users, assign and update roles",
|
||||||
Self::MerchantAccountCreate => "Create merchant account",
|
Self::MerchantAccountCreate => "Create merchant account",
|
||||||
Self::WebhookEventRead => "View webhook events",
|
Self::WebhookEventRead => "View webhook events",
|
||||||
|
Self::PayoutRead => "View all payouts",
|
||||||
|
Self::PayoutWrite => "Create payout, download payout data",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -64,6 +64,8 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
Permission::UsersWrite,
|
Permission::UsersWrite,
|
||||||
Permission::MerchantAccountCreate,
|
Permission::MerchantAccountCreate,
|
||||||
|
Permission::PayoutRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
],
|
],
|
||||||
name: None,
|
name: None,
|
||||||
is_invitable: false,
|
is_invitable: false,
|
||||||
@ -88,6 +90,7 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::MandateRead,
|
Permission::MandateRead,
|
||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
|
Permission::PayoutRead,
|
||||||
],
|
],
|
||||||
name: None,
|
name: None,
|
||||||
is_invitable: false,
|
is_invitable: false,
|
||||||
@ -126,6 +129,8 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
Permission::UsersWrite,
|
Permission::UsersWrite,
|
||||||
Permission::MerchantAccountCreate,
|
Permission::MerchantAccountCreate,
|
||||||
|
Permission::PayoutRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
],
|
],
|
||||||
name: Some("Organization Admin"),
|
name: Some("Organization Admin"),
|
||||||
is_invitable: false,
|
is_invitable: false,
|
||||||
@ -164,6 +169,8 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
Permission::UsersWrite,
|
Permission::UsersWrite,
|
||||||
|
Permission::PayoutRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
],
|
],
|
||||||
name: Some("Admin"),
|
name: Some("Admin"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
@ -188,6 +195,7 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
|
Permission::PayoutRead,
|
||||||
],
|
],
|
||||||
name: Some("View Only"),
|
name: Some("View Only"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
@ -213,6 +221,7 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
Permission::UsersWrite,
|
Permission::UsersWrite,
|
||||||
|
Permission::PayoutRead,
|
||||||
],
|
],
|
||||||
name: Some("IAM"),
|
name: Some("IAM"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
@ -238,6 +247,7 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
|
Permission::PayoutRead,
|
||||||
],
|
],
|
||||||
name: Some("Developer"),
|
name: Some("Developer"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
@ -268,6 +278,8 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
Permission::UsersRead,
|
Permission::UsersRead,
|
||||||
|
Permission::PayoutRead,
|
||||||
|
Permission::PayoutWrite,
|
||||||
],
|
],
|
||||||
name: Some("Operator"),
|
name: Some("Operator"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
@ -289,6 +301,7 @@ pub static PREDEFINED_PERMISSIONS: Lazy<HashMap<&'static str, RoleInfo>> = Lazy:
|
|||||||
Permission::MandateRead,
|
Permission::MandateRead,
|
||||||
Permission::CustomerRead,
|
Permission::CustomerRead,
|
||||||
Permission::Analytics,
|
Permission::Analytics,
|
||||||
|
Permission::PayoutRead,
|
||||||
],
|
],
|
||||||
name: Some("Customer Support"),
|
name: Some("Customer Support"),
|
||||||
is_invitable: true,
|
is_invitable: true,
|
||||||
|
|||||||
@ -808,6 +808,7 @@ impl From<info::PermissionModule> for user_role_api::PermissionModule {
|
|||||||
info::PermissionModule::ThreeDsDecisionManager => Self::ThreeDsDecisionManager,
|
info::PermissionModule::ThreeDsDecisionManager => Self::ThreeDsDecisionManager,
|
||||||
info::PermissionModule::SurchargeDecisionManager => Self::SurchargeDecisionManager,
|
info::PermissionModule::SurchargeDecisionManager => Self::SurchargeDecisionManager,
|
||||||
info::PermissionModule::AccountCreate => Self::AccountCreate,
|
info::PermissionModule::AccountCreate => Self::AccountCreate,
|
||||||
|
info::PermissionModule::Payouts => Self::Payouts,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -44,6 +44,8 @@ impl From<Permission> for user_role_api::Permission {
|
|||||||
Permission::UsersWrite => Self::UsersWrite,
|
Permission::UsersWrite => Self::UsersWrite,
|
||||||
Permission::MerchantAccountCreate => Self::MerchantAccountCreate,
|
Permission::MerchantAccountCreate => Self::MerchantAccountCreate,
|
||||||
Permission::WebhookEventRead => Self::WebhookEventRead,
|
Permission::WebhookEventRead => Self::WebhookEventRead,
|
||||||
|
Permission::PayoutRead => Self::PayoutRead,
|
||||||
|
Permission::PayoutWrite => Self::PayoutWrite,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -3866,64 +3866,6 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/payouts/list": {
|
|
||||||
"get": {
|
|
||||||
"tags": [
|
|
||||||
"Payouts"
|
|
||||||
],
|
|
||||||
"summary": "Payouts - List",
|
|
||||||
"description": "Payouts - List",
|
|
||||||
"operationId": "List payouts",
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "Payouts listed",
|
|
||||||
"content": {
|
|
||||||
"application/json": {
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/components/schemas/PayoutListResponse"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"404": {
|
|
||||||
"description": "Payout not found"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"security": [
|
|
||||||
{
|
|
||||||
"api_key": []
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"post": {
|
|
||||||
"tags": [
|
|
||||||
"Payouts"
|
|
||||||
],
|
|
||||||
"summary": "Payouts - Filter",
|
|
||||||
"description": "Payouts - Filter",
|
|
||||||
"operationId": "Filter payouts",
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "Payouts filtered",
|
|
||||||
"content": {
|
|
||||||
"application/json": {
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/components/schemas/PayoutListResponse"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"404": {
|
|
||||||
"description": "Payout not found"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"security": [
|
|
||||||
{
|
|
||||||
"api_key": []
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"/payouts/{payout_id}": {
|
"/payouts/{payout_id}": {
|
||||||
"get": {
|
"get": {
|
||||||
"tags": [
|
"tags": [
|
||||||
@ -4116,6 +4058,64 @@
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"/payouts/list": {
|
||||||
|
"get": {
|
||||||
|
"tags": [
|
||||||
|
"Payouts"
|
||||||
|
],
|
||||||
|
"summary": "Payouts - List",
|
||||||
|
"description": "Payouts - List",
|
||||||
|
"operationId": "List payouts",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "Payouts listed",
|
||||||
|
"content": {
|
||||||
|
"application/json": {
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/components/schemas/PayoutListResponse"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"404": {
|
||||||
|
"description": "Payout not found"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"security": [
|
||||||
|
{
|
||||||
|
"api_key": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"post": {
|
||||||
|
"tags": [
|
||||||
|
"Payouts"
|
||||||
|
],
|
||||||
|
"summary": "Payouts - Filter",
|
||||||
|
"description": "Payouts - Filter",
|
||||||
|
"operationId": "Filter payouts",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "Payouts filtered",
|
||||||
|
"content": {
|
||||||
|
"application/json": {
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/components/schemas/PayoutListResponse"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"404": {
|
||||||
|
"description": "Payout not found"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"security": [
|
||||||
|
{
|
||||||
|
"api_key": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
"/api_keys/{merchant_id)": {
|
"/api_keys/{merchant_id)": {
|
||||||
"post": {
|
"post": {
|
||||||
"tags": [
|
"tags": [
|
||||||
|
|||||||
Reference in New Issue
Block a user