rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-10-29 00:49:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(permissions): Remove permissions field from permission info API response (#6376)

Browse Source
This commit is contained in:
Mani Chandra
2024-10-22 15:20:43 +05:30
committed by GitHub
parent f247978345
commit e5710fa084
4 changed files with 3 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
crates/api_models/src/user_role.rs
View File

@ -4,42 +4,6 @@ use masking::Secret;
pub mod role;
#[derive(Debug, serde::Serialize)]
pub enum Permission {
PaymentRead,
PaymentWrite,
RefundRead,
RefundWrite,
ApiKeyRead,
ApiKeyWrite,
MerchantAccountRead,
MerchantAccountWrite,
MerchantConnectorAccountRead,
MerchantConnectorAccountWrite,
RoutingRead,
RoutingWrite,
DisputeRead,
DisputeWrite,
MandateRead,
MandateWrite,
CustomerRead,
CustomerWrite,
Analytics,
ThreeDsDecisionManagerWrite,
ThreeDsDecisionManagerRead,
SurchargeDecisionManagerWrite,
SurchargeDecisionManagerRead,
UsersRead,
UsersWrite,
MerchantAccountCreate,
WebhookEventRead,
PayoutWrite,
PayoutRead,
WebhookEventWrite,
GenerateReport,
ReconAdmin,
}
#[derive(Clone, Debug, serde::Serialize, PartialEq, Eq, Hash)]
pub enum ParentGroup {
Operations,
@ -69,7 +33,6 @@ pub enum AuthorizationInfo {
pub struct GroupInfo {
pub group: PermissionGroup,
pub description: &'static str,
pub permissions: Vec<PermissionInfo>,
}
#[derive(Debug, serde::Serialize, Clone)]
@ -79,12 +42,6 @@ pub struct ParentInfo {
pub groups: Vec<PermissionGroup>,
}
#[derive(Debug, serde::Serialize)]
pub struct PermissionInfo {
pub enum_name: Permission,
pub description: &'static str,
}
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct UpdateUserRoleRequest {
pub email: pii::Email,

21
crates/router/src/services/authorization/info.rs
View File

@ -1,9 +1,7 @@
use api_models::user_role::{GroupInfo, ParentGroup, PermissionInfo};
use api_models::user_role::{GroupInfo, ParentGroup};
use common_enums::PermissionGroup;
use strum::IntoEnumIterator;
use super::{permission_groups::get_permissions_vec, permissions::Permission};
// TODO: To be deprecated
pub fn get_group_authorization_info() -> Vec<GroupInfo> {
PermissionGroup::iter()
@ -11,25 +9,10 @@ pub fn get_group_authorization_info() -> Vec<GroupInfo> {
.collect()
}
// TODO: To be deprecated
pub fn get_permission_info_from_permissions(permissions: &[Permission]) -> Vec<PermissionInfo> {
permissions
.iter()
.map(|&per| PermissionInfo {
description: Permission::get_permission_description(&per),
enum_name: per.into(),
})
.collect()
}
// TODO: To be deprecated
fn get_group_info_from_permission_group(group: PermissionGroup) -> GroupInfo {
let description = get_group_description(group);
GroupInfo {
group,
description,
permissions: get_permission_info_from_permissions(get_permissions_vec(&group)),
}
GroupInfo { group, description }
}
// TODO: To be deprecated

45
crates/router/src/services/authorization/permissions.rs
View File

@ -37,48 +37,3 @@ pub enum Permission {
GenerateReport,
ReconAdmin,
}
impl Permission {
pub fn get_permission_description(&self) -> &'static str {
match self {
Self::PaymentRead => "View all payments",
Self::PaymentWrite => "Create payment, download payments data",
Self::RefundRead => "View all refunds",
Self::RefundWrite => "Create refund, download refunds data",
Self::ApiKeyRead => "View API keys",
Self::ApiKeyWrite => "Create and update API keys",
Self::MerchantAccountRead => "View merchant account details",
Self::MerchantAccountWrite => {
"Update merchant account details, configure webhooks, manage api keys"
}
Self::MerchantConnectorAccountRead => "View connectors configured",
Self::MerchantConnectorAccountWrite => {
"Create, update, verify and delete connector configurations"
}
Self::RoutingRead => "View routing configuration",
Self::RoutingWrite => "Create and activate routing configurations",
Self::DisputeRead => "View disputes",
Self::DisputeWrite => "Create and update disputes",
Self::MandateRead => "View mandates",
Self::MandateWrite => "Create and update mandates",
Self::CustomerRead => "View customers",
Self::CustomerWrite => "Create, update and delete customers",
Self::Analytics => "Access to analytics module",
Self::ThreeDsDecisionManagerWrite => "Create and update 3DS decision rules",
Self::ThreeDsDecisionManagerRead => {
"View all 3DS decision rules configured for a merchant"
}
Self::SurchargeDecisionManagerWrite => "Create and update the surcharge decision rules",
Self::SurchargeDecisionManagerRead => "View all the surcharge decision rules",
Self::UsersRead => "View all the users for a merchant",
Self::UsersWrite => "Invite users, assign and update roles",
Self::MerchantAccountCreate => "Create merchant account",
Self::WebhookEventRead => "View webhook events",
Self::WebhookEventWrite => "Trigger retries for webhook events",
Self::PayoutRead => "View all payouts",
Self::PayoutWrite => "Create payout, download payout data",
Self::GenerateReport => "Generate reports for payments, refunds and disputes",
Self::ReconAdmin => "View and manage reconciliation reports",
}
}
}

42
crates/router/src/utils/user_role.rs
View File

@ -1,6 +1,5 @@
use std::{cmp, collections::HashSet};
use api_models::user_role as user_role_api;
use common_enums::{EntityType, PermissionGroup};
use common_utils::id_type;
use diesel_models::{
@ -16,49 +15,10 @@ use crate::{
core::errors::{UserErrors, UserResult},
db::user_role::{ListUserRolesByOrgIdPayload, ListUserRolesByUserIdPayload},
routes::SessionState,
services::authorization::{self as authz, permissions::Permission, roles},
services::authorization::{self as authz, roles},
types::domain,
};
impl From<Permission> for user_role_api::Permission {
fn from(value: Permission) -> Self {
match value {
Permission::PaymentRead => Self::PaymentRead,
Permission::PaymentWrite => Self::PaymentWrite,
Permission::RefundRead => Self::RefundRead,
Permission::RefundWrite => Self::RefundWrite,
Permission::ApiKeyRead => Self::ApiKeyRead,
Permission::ApiKeyWrite => Self::ApiKeyWrite,
Permission::MerchantAccountRead => Self::MerchantAccountRead,
Permission::MerchantAccountWrite => Self::MerchantAccountWrite,
Permission::MerchantConnectorAccountRead => Self::MerchantConnectorAccountRead,
Permission::MerchantConnectorAccountWrite => Self::MerchantConnectorAccountWrite,
Permission::RoutingRead => Self::RoutingRead,
Permission::RoutingWrite => Self::RoutingWrite,
Permission::DisputeRead => Self::DisputeRead,
Permission::DisputeWrite => Self::DisputeWrite,
Permission::MandateRead => Self::MandateRead,
Permission::MandateWrite => Self::MandateWrite,
Permission::CustomerRead => Self::CustomerRead,
Permission::CustomerWrite => Self::CustomerWrite,
Permission::Analytics => Self::Analytics,
Permission::ThreeDsDecisionManagerWrite => Self::ThreeDsDecisionManagerWrite,
Permission::ThreeDsDecisionManagerRead => Self::ThreeDsDecisionManagerRead,
Permission::SurchargeDecisionManagerWrite => Self::SurchargeDecisionManagerWrite,
Permission::SurchargeDecisionManagerRead => Self::SurchargeDecisionManagerRead,
Permission::UsersRead => Self::UsersRead,
Permission::UsersWrite => Self::UsersWrite,
Permission::MerchantAccountCreate => Self::MerchantAccountCreate,
Permission::WebhookEventRead => Self::WebhookEventRead,
Permission::WebhookEventWrite => Self::WebhookEventWrite,
Permission::PayoutRead => Self::PayoutRead,
Permission::PayoutWrite => Self::PayoutWrite,
Permission::GenerateReport => Self::GenerateReport,
Permission::ReconAdmin => Self::ReconAdmin,
}
}
}
pub fn validate_role_groups(groups: &[PermissionGroup]) -> UserResult<()> {
if groups.is_empty() {
return Err(report!(UserErrors::InvalidRoleOperation))