Skip to content

Commit

Permalink
fix: org members should be allowed to get org details
Browse files Browse the repository at this point in the history
Signed-off-by: Kush Sharma <[email protected]>
  • Loading branch information
kushsharma committed Sep 21, 2023
1 parent 5e00304 commit 0ea437b
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion core/serviceuser/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ func (s Service) Delete(ctx context.Context, id string) error {
// delete all of serviceuser relationships
// before deleting the serviceuser
if err := s.relService.Delete(ctx, relation.Relation{
Object: relation.Object{
Subject: relation.Subject{
ID: id,
Namespace: schema.ServiceUserPrincipal,
},
Expand Down
4 changes: 2 additions & 2 deletions core/user/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -109,9 +109,9 @@ func (s Service) Disable(ctx context.Context, id string) error {
}

func (s Service) Delete(ctx context.Context, id string) error {
if err := s.relationService.Delete(ctx, relation.Relation{Object: relation.Object{
if err := s.relationService.Delete(ctx, relation.Relation{Subject: relation.Subject{
ID: id,
Namespace: schema.ProjectNamespace,
Namespace: schema.UserPrincipal,
}}); err != nil {
return err
}
Expand Down
2 changes: 1 addition & 1 deletion internal/bootstrap/schema/base_schema.zed
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ definition app/organization {

permission delete = platform->superuser + granted->app_organization_administer + granted->app_organization_delete + owner
permission update = platform->superuser + granted->app_organization_administer + granted->app_organization_update + owner
permission get = platform->superuser + granted->app_organization_administer + granted->app_organization_get + owner
permission get = platform->superuser + granted->app_organization_administer + granted->app_organization_get + owner + member
permission rolemanage = platform->superuser + granted->app_organization_administer + granted->app_organization_rolemanage + owner
permission policymanage = platform->superuser + granted->app_organization_administer + granted->app_organization_policymanage + owner
permission projectlist = platform->superuser + granted->app_organization_administer + granted->app_organization_projectlist + owner
Expand Down
2 changes: 1 addition & 1 deletion internal/bootstrap/testdata/compiled_schema.zed
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ definition app/organization {
permission compute_receipt_get = owner + platform->superuser + granted->app_organization_administer + granted->compute_receipt_get
permission compute_receipt_update = owner + platform->superuser + granted->app_organization_administer + granted->compute_receipt_update
permission delete = platform->superuser + granted->app_organization_administer + granted->app_organization_delete + owner
permission get = platform->superuser + granted->app_organization_administer + granted->app_organization_get + owner
permission get = platform->superuser + granted->app_organization_administer + granted->app_organization_get + owner + member
relation granted: app/rolebinding

// synthetic permissions - group
Expand Down

0 comments on commit 0ea437b

Please sign in to comment.