Skip to content

Commit d08dd85

Browse files
MichaelMrakaMichaelMraka
committed
RHINENG-15783: remove permissions for deleted APIs
1 parent 4261be9 commit d08dd85

2 files changed

Lines changed: 8 additions & 12 deletions

File tree

manager/middlewares/rbac.go

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,10 +29,6 @@ const patchWritePerm = "patch:*:write"
2929

3030
// handlerName to permissions mapping
3131
var granularPerms = map[string]string{
32-
"CreateBaselineHandler": "patch:template:write",
33-
"BaselineUpdateHandler": "patch:template:write",
34-
"BaselineDeleteHandler": "patch:template:write",
35-
"BaselineSystemsRemoveHandler": "patch:template:write",
3632
"TemplateSystemsUpdateHandler": "content-sources:templates:write",
3733
"TemplateSystemsDeleteHandler": "content-sources:templates:write",
3834
"SystemDeleteHandler": "patch:system:write",

manager/middlewares/rbac_test.go

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -47,50 +47,50 @@ func TestRBACPut(t *testing.T) {
4747
}
4848

4949
func TestPermissionsSingleWrite(t *testing.T) {
50-
// handler needs `patch:template:write`
51-
handler := "CreateBaselineHandler"
50+
// handler needs `content-sources:templates:write`
51+
handler := "TemplateSystemsUpdateHandler"
5252
access := rbac.AccessPagination{
5353
Data: []rbac.Access{
54-
{Permission: "patch:*:*"},
54+
{Permission: "content-sources:*:*"},
5555
{Permission: "inventory:*:*"},
5656
},
5757
}
5858
assert.True(t, checkPermissions(&access, handler, "PUT"))
5959

6060
access = rbac.AccessPagination{
6161
Data: []rbac.Access{
62-
{Permission: "patch:*:write"},
62+
{Permission: "content-sources:*:write"},
6363
{Permission: "inventory:*:*"},
6464
},
6565
}
6666
assert.True(t, checkPermissions(&access, handler, "PUT"))
6767

6868
access = rbac.AccessPagination{
6969
Data: []rbac.Access{
70-
{Permission: "patch:template:write"},
70+
{Permission: "content-sources:templates:write"},
7171
{Permission: "inventory:*:*"},
7272
},
7373
}
7474
assert.True(t, checkPermissions(&access, handler, "PUT"))
7575

7676
access = rbac.AccessPagination{
7777
Data: []rbac.Access{
78-
{Permission: "patch:asdf:write"},
78+
{Permission: "content-sources:asdf:write"},
7979
},
8080
}
8181
assert.False(t, checkPermissions(&access, handler, "PUT"))
8282

8383
access = rbac.AccessPagination{
8484
Data: []rbac.Access{
85-
{Permission: "patch:asdf:read"},
85+
{Permission: "content-sources:asdf:read"},
8686
{Permission: "inventory:*:*"},
8787
},
8888
}
8989
assert.False(t, checkPermissions(&access, handler, "PUT"))
9090

9191
access = rbac.AccessPagination{
9292
Data: []rbac.Access{
93-
{Permission: "patch:*:read"},
93+
{Permission: "content-sources:*:read"},
9494
{Permission: "inventory:*:*"},
9595
},
9696
}

0 commit comments

Comments
 (0)