sartography
/
spiff-arena
mirror of https://github.com/sartography/spiff-arena.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added remaining path segment all perms to elevated options (#326) 

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
This commit is contained in:
jasquat 2023-06-12 11:05:33 -04:00 committed by GitHub
parent 7ab4d40ff4
commit a14072c0b6
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
View File

@ -532,11 +532,13 @@ class AuthorizationService:
permissions_to_assign.append(PermissionToAssign(permission="create", target_uri="/send-event/*")) permissions_to_assign.append(PermissionToAssign(permission="create", target_uri="/send-event/*"))
permissions_to_assign.append(PermissionToAssign(permission="create", target_uri="/task-complete/*")) permissions_to_assign.append(PermissionToAssign(permission="create", target_uri="/task-complete/*"))
# read comes from PG and PM permissions # read comes from PG and PM ALL permissions as well
permissions_to_assign.append(PermissionToAssign(permission="update", target_uri="/task-data/*")) permissions_to_assign.append(PermissionToAssign(permission="update", target_uri="/task-data/*"))
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/task-data/*")) permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/event-error-details/*"))
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/process-data/*")) permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/logs/*"))
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/process-data-file-download/*")) permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/process-data-file-download/*"))
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/process-data/*"))
permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/task-data/*"))
for permission in ["create", "read", "update", "delete"]: for permission in ["create", "read", "update", "delete"]:
permissions_to_assign.append(PermissionToAssign(permission=permission, target_uri="/process-instances/*")) permissions_to_assign.append(PermissionToAssign(permission=permission, target_uri="/process-instances/*"))

2
spiffworkflow-backend/tests/spiffworkflow_backend/unit/test_authorization_service.py
View File

@ -311,6 +311,8 @@ class TestAuthorizationService(BaseTest):
("/authentications", "read"), ("/authentications", "read"),
("/can-run-privileged-script/*", "create"), ("/can-run-privileged-script/*", "create"),
("/debug/*", "create"), ("/debug/*", "create"),
("/event-error-details/*", "read"),
("/logs/*", "read"),
("/messages", "read"), ("/messages", "read"),
("/messages/*", "create"), ("/messages/*", "create"),
("/process-data-file-download/*", "read"), ("/process-data-file-download/*", "read"),