Squashed 'spiffworkflow-backend/' changes from 797c99a76..e013fc5da

e013fc5da Merge branch 'main' of github.com:sartography/spiffworkflow-backend 55632c5dd updated demo permissions yaml w/ burnettk bc03ea3aa Merge pull request #150 from sartography/dependabot/pip/pyjwt-2.6.0 fff14d210 Merge pull request #149 from sartography/dependabot/github_actions/actions/download-artifact-3.0.1 51fa78649 Bump pyjwt from 2.5.0 to 2.6.0 3383309c7 Bump actions/download-artifact from 3.0.0 to 3.0.1 git-subtree-dir: spiffworkflow-backend git-subtree-split: e013fc5da8710389e6d6c7dd9283042a04008ffe
2025-01-11 18:54:25 +00:00 · 2022-10-21 17:28:37 -04:00 · 2022-10-21 17:28:37 -04:00 · d643de93e5
commit d643de93e5
parent 2b702661f3
4 changed files with 31 additions and 15 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -217,7 +217,7 @@ jobs:
          nox --version

      - name: Download coverage data
-        uses: actions/download-artifact@v3.0.0
+        uses: actions/download-artifact@v3.0.1
        with:
          name: coverage-data

--- a/poetry.lock
+++ b/poetry.lock
@ -1293,16 +1293,16 @@ python-versions = ">=3.6"
 plugins = ["importlib-metadata"]

 [[package]]
-name = "PyJWT"
-version = "2.5.0"
+name = "pyjwt"
+version = "2.6.0"
 description = "JSON Web Token implementation in Python"
 category = "main"
 optional = false
 python-versions = ">=3.7"

 [package.extras]
-crypto = ["cryptography (>=3.3.1)", "types-cryptography (>=3.3.21)"]
-dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.3.1)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx (>=4.5.0,<5.0.0)", "sphinx-rtd-theme", "types-cryptography (>=3.3.21)", "zope.interface"]
+crypto = ["cryptography (>=3.4.0)"]
+dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx (>=4.5.0,<5.0.0)", "sphinx-rtd-theme", "zope.interface"]
 docs = ["sphinx (>=4.5.0,<5.0.0)", "sphinx-rtd-theme", "zope.interface"]
 tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"]

@ -2248,7 +2248,7 @@ testing = ["flake8 (<5)", "func-timeout", "jaraco.functools", "jaraco.itertools"
 [metadata]
 lock-version = "1.1"
 python-versions = ">=3.9,<3.11"
-content-hash = "5c08dfcad4346a47966aec0ca7198d6d85eddd3d3673e059f367d6c4845738c5"
+content-hash = "524b9ac3945a16190fcd322c42a835b868105c9d9e7894ac5e507c48854d3ee1"

 [metadata.files]
 alabaster = [
@ -3070,9 +3070,9 @@ Pygments = [
    {file = "Pygments-2.13.0-py3-none-any.whl", hash = "sha256:f643f331ab57ba3c9d89212ee4a2dabc6e94f117cf4eefde99a0574720d14c42"},
    {file = "Pygments-2.13.0.tar.gz", hash = "sha256:56a8508ae95f98e2b9bdf93a6be5ae3f7d8af858b43e02c5a2ff083726be40c1"},
 ]
-PyJWT = [
-    {file = "PyJWT-2.5.0-py3-none-any.whl", hash = "sha256:8d82e7087868e94dd8d7d418e5088ce64f7daab4b36db654cbaedb46f9d1ca80"},
-    {file = "PyJWT-2.5.0.tar.gz", hash = "sha256:e77ab89480905d86998442ac5788f35333fa85f65047a534adc38edf3c88fc3b"},
+pyjwt = [
+    {file = "PyJWT-2.6.0-py3-none-any.whl", hash = "sha256:d83c3d892a77bbb74d3e1a2cfa90afaadb60945205d1095d9221f04466f64c14"},
+    {file = "PyJWT-2.6.0.tar.gz", hash = "sha256:69285c7e31fc44f68a1feb309e948e0df53259d579295e6cfe2b1792329f05fd"},
 ]
 pyparsing = [
    {file = "pyparsing-3.0.9-py3-none-any.whl", hash = "sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc"},
--- a/pyproject.toml
+++ b/pyproject.toml
@ -45,7 +45,7 @@ connexion = {extras = [ "swagger-ui",], version = "^2"}
 lxml = "^4.9.1"
 marshmallow-enum = "^1.5.1"
 marshmallow-sqlalchemy = "^0.28.0"
-PyJWT = "^2.4.0"
+PyJWT = "^2.6.0"
 gunicorn = "^20.1.0"
 python-keycloak = "^2.5.0"
 APScheduler = "^3.9.1"
--- a/src/spiffworkflow_backend/config/permissions/demo.yml
+++ b/src/spiffworkflow_backend/config/permissions/demo.yml
@ -3,29 +3,45 @@ default_group: everybody
 groups:
  admin:
    users:
-      [jakub, kb, alex, dan, mike, jason, amir, jarrad, elizabeth, jon, natalia]
+      [jakub, kb, alex, dan, mike, jason, amir, jarrad, elizabeth, jon, natalia, harmeet, sasha, manuchehr]

-  finance:
-    users: [harmeet, sasha]
+  Finance Team:
+    users: [jakub, alex, dan, mike, jason, amir, jarrad, elizabeth, jon, natalia, harmeet, sasha, manuchehr]
+
+  Team Lead:
+    users: [jakub, alex, dan, mike, jason, jarrad, elizabeth, jon, natalia, harmeet, sasha, manuchehr]

  hr:
    users: [manuchehr]

 permissions:
+  tasks-crud:
+    groups: [everybody]
+    users: []
+    allowed_permissions: [create, read, update, delete]
+    uri: /v1.0/tasks/*
+
  admin:
    groups: [admin]
    users: []
    allowed_permissions: [create, read, update, delete, list, instantiate]
    uri: /*

+  # TODO: all uris should really have the same structure
+  finance-admin-group:
+    groups: ["Finance Team"]
+    users: []
+    allowed_permissions: [create, read, update, delete]
+    uri: /v1.0/process-groups/finance/*
+
  finance-admin:
-    groups: [finance]
+    groups: ["Finance Team"]
    users: []
    allowed_permissions: [create, read, update, delete]
    uri: /v1.0/process-groups/finance/*

  read-all:
-    groups: [finance, hr, admin]
+    groups: ["Finance Team", "Team Lead", hr, admin]
    users: []
    allowed_permissions: [read]
    uri: /*