mirror of
https://github.com/OpenBankProject/OBP-API.git
synced 2026-02-06 15:27:01 +00:00
refactor/remove hasOwnerViewAccess replace with specific view permissions -- tweaked the customViews
This commit is contained in:
hongwei
parent
6cbdb45049
commit
0d4d00d0c6
@ -760,6 +760,7 @@ class Boot extends MdcLoggable {
|
||||
val accountant = Views.views.vend.getOrCreateSystemView(SYSTEM_ACCOUNTANT_VIEW_ID).isDefined
|
||||
val standard = Views.views.vend.getOrCreateSystemView(SYSTEM_STANDARD_VIEW_ID).isDefined
|
||||
val stageOne = Views.views.vend.getOrCreateSystemView(SYSTEM_STAGE_ONE_VIEW_ID).isDefined
|
||||
val enableCustomViews = Views.views.vend.getOrCreateSystemView(SYSTEM_ENABLE_CUSTOM_VIEWS_VIEW_ID).isDefined
|
||||
// Only create Firehose view if they are enabled at instance.
|
||||
val accountFirehose = if (ApiPropsWithAlias.allowAccountFirehose)
|
||||
Views.views.vend.getOrCreateSystemView(SYSTEM_FIREHOSE_VIEW_ID).isDefined
|
||||
@ -773,6 +774,7 @@ class Boot extends MdcLoggable {
|
||||
|System view ${SYSTEM_FIREHOSE_VIEW_ID} exists/created at the instance: ${accountFirehose}
|
||||
|System view ${SYSTEM_STANDARD_VIEW_ID} exists/created at the instance: ${standard}
|
||||
|System view ${SYSTEM_STAGE_ONE_VIEW_ID} exists/created at the instance: ${stageOne}
|
||||
|System view ${SYSTEM_ENABLE_CUSTOM_VIEWS_VIEW_ID} exists/created at the instance: ${enableCustomViews}
|
||||
|""".stripMargin
|
||||
logger.info(comment)
|
||||
|
||||
|
||||
@ -29,6 +29,7 @@ object Constant extends MdcLoggable {
|
||||
final val SYSTEM_FIREHOSE_VIEW_ID = "firehose"
|
||||
final val SYSTEM_STANDARD_VIEW_ID = "standard"
|
||||
final val SYSTEM_STAGE_ONE_VIEW_ID = "StageOne"
|
||||
final val SYSTEM_ENABLE_CUSTOM_VIEWS_VIEW_ID = "EnableCustomViews"
|
||||
final val SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID = "ReadAccountsBasic"
|
||||
final val SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID = "ReadAccountsDetail"
|
||||
final val SYSTEM_READ_BALANCES_VIEW_ID = "ReadBalances"
|
||||
|
||||
@ -24,9 +24,9 @@ object MigrationOfViewDefinitionPermissions {
|
||||
.canSeeTransactionRequests_(true)
|
||||
.canSeeAvailableViewsForBankAccount_(true)
|
||||
.canUpdateBankAccountLabel_(true)
|
||||
.canCreateCustomView_(true)
|
||||
.canDeleteCustomView_(true)
|
||||
.canUpdateCustomView_(true)
|
||||
.canCreateCustomView_(false)
|
||||
.canDeleteCustomView_(false)
|
||||
.canUpdateCustomView_(false)
|
||||
.canSeeViewsWithPermissionsForOneUser_(true)
|
||||
.canSeeViewsWithPermissionsForAllUsers_(true)
|
||||
.canGrantAccessToCustomViews_(true)
|
||||
@ -47,9 +47,9 @@ object MigrationOfViewDefinitionPermissions {
|
||||
.canSeeTransactionRequests_(true)
|
||||
.canSeeAvailableViewsForBankAccount_(true)
|
||||
.canUpdateBankAccountLabel_(true)
|
||||
.canCreateCustomView_(true)
|
||||
.canDeleteCustomView_(true)
|
||||
.canUpdateCustomView_(true)
|
||||
.canCreateCustomView_(false)
|
||||
.canDeleteCustomView_(false)
|
||||
.canUpdateCustomView_(false)
|
||||
.canSeeViewsWithPermissionsForOneUser_(true)
|
||||
.canSeeViewsWithPermissionsForAllUsers_(true)
|
||||
.canGrantAccessToCustomViews_(true)
|
||||
|
||||
@ -683,10 +683,10 @@ trait APIMethods121 {
|
||||
hide_metadata_if_alias_used = updateJsonV121.hide_metadata_if_alias_used,
|
||||
allowed_actions = updateJsonV121.allowed_actions
|
||||
)
|
||||
anyViewContainsCancanUpdateCustomViewPermission = Views.views.vend.permission(BankIdAccountId(account.bankId, account.accountId), u)
|
||||
anyViewContainsCanUpdateCustomViewPermission = Views.views.vend.permission(BankIdAccountId(account.bankId, account.accountId), u)
|
||||
.map(_.views.map(_.canUpdateCustomView).find(_.==(true)).getOrElse(false)).getOrElse(false)
|
||||
_ <- booleanToBox(
|
||||
anyViewContainsCancanUpdateCustomViewPermission,
|
||||
anyViewContainsCanUpdateCustomViewPermission,
|
||||
s"${ErrorMessages.CreateCustomViewError} You need the `${ViewDefinition.canUpdateCustomView_.dbColumnName}` permission on any your views"
|
||||
)
|
||||
updatedView <- Views.views.vend.updateCustomView(BankIdAccountId(bankId, accountId),viewId, updateViewJson) ?~ CreateCustomViewError
|
||||
|
||||
@ -794,6 +794,9 @@ object MapperViews extends Views with MdcLoggable {
|
||||
.canSeeViewsWithPermissionsForAllUsers_(false)
|
||||
.canRevokeAccessToCustomViews_(false)
|
||||
.canGrantAccessToCustomViews_(false)
|
||||
.canCreateCustomView_(false)
|
||||
.canDeleteCustomView_(false)
|
||||
.canUpdateCustomView_(false)
|
||||
|
||||
viewId match {
|
||||
case SYSTEM_OWNER_VIEW_ID | SYSTEM_STANDARD_VIEW_ID =>
|
||||
@ -802,9 +805,6 @@ object MapperViews extends Views with MdcLoggable {
|
||||
.canSeeTransactionRequests_(true)
|
||||
.canSeeTransactionRequestTypes_(true)
|
||||
.canUpdateBankAccountLabel_(true)
|
||||
.canCreateCustomView_(true)
|
||||
.canDeleteCustomView_(true)
|
||||
.canUpdateCustomView_(true)
|
||||
.canSeeViewsWithPermissionsForOneUser_(true)
|
||||
.canSeeViewsWithPermissionsForAllUsers_(true)
|
||||
.canRevokeAccessToCustomViews_(true)
|
||||
@ -815,6 +815,11 @@ object MapperViews extends Views with MdcLoggable {
|
||||
entity
|
||||
.canSeeTransactionDescription_(false)
|
||||
.canAddTransactionRequestToAnyAccount_(false)
|
||||
case SYSTEM_ENABLE_CUSTOM_VIEWS_VIEW_ID =>
|
||||
entity
|
||||
.canCreateCustomView_(true)
|
||||
.canDeleteCustomView_(true)
|
||||
.canUpdateCustomView_(true)
|
||||
case SYSTEM_FIREHOSE_VIEW_ID =>
|
||||
entity
|
||||
.isFirehose_(true)
|
||||
|
||||
@ -428,6 +428,7 @@ trait View {
|
||||
|
||||
def canCreateStandingOrder: Boolean
|
||||
|
||||
//If any view set these to true, you can create/delete/update the custom view
|
||||
def canCreateCustomView: Boolean
|
||||
def canDeleteCustomView: Boolean
|
||||
def canUpdateCustomView: Boolean
|
||||
|
||||
Loading…
Reference in New Issue
Block a user