mirror of
https://github.com/juspay/hyperswitch.git
synced 2025-11-02 12:06:56 +08:00
feat(users): handle edge features for users in tenancy (#6990)
This commit is contained in:
Apoorv Dixit
@ -1925,32 +1925,57 @@ pub mod routes {
|
||||
json_payload.into_inner(),
|
||||
|state, auth: UserFromToken, req, _| async move {
|
||||
let role_id = auth.role_id;
|
||||
let role_info = RoleInfo::from_role_id_and_org_id(&state, &role_id, &auth.org_id)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?;
|
||||
let role_info = RoleInfo::from_role_id_org_id_tenant_id(
|
||||
&state,
|
||||
&role_id,
|
||||
&auth.org_id,
|
||||
auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?;
|
||||
let permission_groups = role_info.get_permission_groups();
|
||||
if !permission_groups.contains(&common_enums::PermissionGroup::OperationsView) {
|
||||
return Err(OpenSearchError::AccessForbiddenError)?;
|
||||
}
|
||||
let user_roles: HashSet<UserRole> = state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: Some(&auth.org_id),
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect();
|
||||
let user_roles: HashSet<UserRole> = match role_info.get_entity_type() {
|
||||
EntityType::Tenant => state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: None,
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect(),
|
||||
EntityType::Organization | EntityType::Merchant | EntityType::Profile => state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: Some(&auth.org_id),
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect(),
|
||||
};
|
||||
|
||||
let state = Arc::new(state);
|
||||
let role_info_map: HashMap<String, RoleInfo> = user_roles
|
||||
@ -1959,12 +1984,15 @@ pub mod routes {
|
||||
let state = Arc::clone(&state);
|
||||
let role_id = user_role.role_id.clone();
|
||||
let org_id = user_role.org_id.clone().unwrap_or_default();
|
||||
let tenant_id = &user_role.tenant_id;
|
||||
async move {
|
||||
RoleInfo::from_role_id_and_org_id(&state, &role_id, &org_id)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)
|
||||
.map(|role_info| (role_id, role_info))
|
||||
RoleInfo::from_role_id_org_id_tenant_id(
|
||||
&state, &role_id, &org_id, tenant_id,
|
||||
)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)
|
||||
.map(|role_info| (role_id, role_info))
|
||||
}
|
||||
})
|
||||
.collect::<FuturesUnordered<_>>()
|
||||
@ -2047,32 +2075,57 @@ pub mod routes {
|
||||
indexed_req,
|
||||
|state, auth: UserFromToken, req, _| async move {
|
||||
let role_id = auth.role_id;
|
||||
let role_info = RoleInfo::from_role_id_and_org_id(&state, &role_id, &auth.org_id)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?;
|
||||
let role_info = RoleInfo::from_role_id_org_id_tenant_id(
|
||||
&state,
|
||||
&role_id,
|
||||
&auth.org_id,
|
||||
auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?;
|
||||
let permission_groups = role_info.get_permission_groups();
|
||||
if !permission_groups.contains(&common_enums::PermissionGroup::OperationsView) {
|
||||
return Err(OpenSearchError::AccessForbiddenError)?;
|
||||
}
|
||||
let user_roles: HashSet<UserRole> = state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: Some(&auth.org_id),
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect();
|
||||
let user_roles: HashSet<UserRole> = match role_info.get_entity_type() {
|
||||
EntityType::Tenant => state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: None,
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect(),
|
||||
EntityType::Organization | EntityType::Merchant | EntityType::Profile => state
|
||||
.global_store
|
||||
.list_user_roles_by_user_id(ListUserRolesByUserIdPayload {
|
||||
user_id: &auth.user_id,
|
||||
tenant_id: auth.tenant_id.as_ref().unwrap_or(&state.tenant.tenant_id),
|
||||
org_id: Some(&auth.org_id),
|
||||
merchant_id: None,
|
||||
profile_id: None,
|
||||
entity_id: None,
|
||||
version: None,
|
||||
status: None,
|
||||
limit: None,
|
||||
})
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)?
|
||||
.into_iter()
|
||||
.collect(),
|
||||
};
|
||||
let state = Arc::new(state);
|
||||
let role_info_map: HashMap<String, RoleInfo> = user_roles
|
||||
.iter()
|
||||
@ -2080,12 +2133,15 @@ pub mod routes {
|
||||
let state = Arc::clone(&state);
|
||||
let role_id = user_role.role_id.clone();
|
||||
let org_id = user_role.org_id.clone().unwrap_or_default();
|
||||
let tenant_id = &user_role.tenant_id;
|
||||
async move {
|
||||
RoleInfo::from_role_id_and_org_id(&state, &role_id, &org_id)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)
|
||||
.map(|role_info| (role_id, role_info))
|
||||
RoleInfo::from_role_id_org_id_tenant_id(
|
||||
&state, &role_id, &org_id, tenant_id,
|
||||
)
|
||||
.await
|
||||
.change_context(UserErrors::InternalServerError)
|
||||
.change_context(OpenSearchError::UnknownError)
|
||||
.map(|role_info| (role_id, role_info))
|
||||
}
|
||||
})
|
||||
.collect::<FuturesUnordered<_>>()
|
||||
|
||||
Reference in New Issue
Block a user