diff --git a/internal/bootstrap/schema/schema.go b/internal/bootstrap/schema/schema.go
index d343b5379..b9ec5c65f 100644
--- a/internal/bootstrap/schema/schema.go
+++ b/internal/bootstrap/schema/schema.go
@@ -121,6 +121,7 @@ func MergeServiceDefinitions(definitions ...ServiceDefinition) *ServiceDefinitio
 
 // RoleDefinition are a set of permissions which can be assigned to a user or group
 type RoleDefinition struct {
+ Title string `yaml:"title"`
 Name string `yaml:"name"`
 Description string `yaml:"description"`
 Permissions []string `yaml:"permissions"`
@@ -254,13 +255,15 @@ func IsValidPermissionName(name string) bool {
 var PredefinedRoles = []RoleDefinition{
 // org
 {
- Name: "app_organization_owner",
+ Title: "Organization Owner",
+ Name: "app_organization_owner",
 Permissions: []string{
 "app_organization_administer",
 },
 },
 {
- Name: "app_organization_manager",
+ Title: "Organization Manager",
+ Name: "app_organization_manager",
 Permissions: []string{
 "app_organization_update",
 "app_organization_get",
@@ -272,49 +275,59 @@ var PredefinedRoles = []RoleDefinition{
 },
 },
 {
- Name: "app_organization_invitationmanager",
+ Title: "Organization Access Manager",
+ Name: "app_organization_accessmanager",
 Permissions: []string{
 "app_organization_invitationcreate",
 "app_organization_invitationlist",
+ "app_organization_rolemanage",
+ "app_organization_policymanage",
 },
 },
 {
- Name: "app_organization_viewer",
+ Title: "Organization Viewer",
+ Name: "app_organization_viewer",
 Permissions: []string{
 "app_organization_get",
 },
 },
 // project
 {
- Name: RoleProjectOwner,
+ Title: "Project Owner",
+ Name: RoleProjectOwner,
 Permissions: []string{
 "app_project_administer",
 },
 },
 {
- Name: "app_project_manager",
+ Title: "Project Manager",
+ Name: "app_project_manager",
 Permissions: []string{
 "app_project_update",
 "app_project_get",
+ "app_project_resourcelist",
 "app_organization_projectcreate",
 "app_organization_projectlist",
 },
 },
 {
- Name: "app_project_viewer",
+ Title: "Project Viewer",
+ Name: "app_project_viewer",
 Permissions: []string{
 "app_project_get",
 },
 },
 // group
 {
- Name: GroupOwnerRole,
+ Title: "Group Owner",
+ Name: GroupOwnerRole,
 Permissions: []string{
 "app_group_administer",
 },
 },
 {
- Name: GroupMemberRole,
+ Title: "Group Member",
+ Name: GroupMemberRole,
 Permissions: []string{
 "app_group_get",
 },
diff --git a/internal/bootstrap/service.go b/internal/bootstrap/service.go
index 3b23c4277..f1e620bd3 100644
--- a/internal/bootstrap/service.go
+++ b/internal/bootstrap/service.go
@@ -202,6 +202,7 @@ func (s Service) MigrateRoles(ctx context.Context) error {
 
 func (s Service) createRole(ctx context.Context, orgID string, defRole schema.RoleDefinition) error {
 _, err := s.roleService.Upsert(ctx, role.Role{
+ Title: defRole.Title,
 Name: defRole.Name,
 OrgID: orgID,
 Permissions: defRole.Permissions,
diff --git a/internal/store/postgres/role_repository.go b/internal/store/postgres/role_repository.go
index bb58b04bf..bd8310740 100644
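Review bot: The `PredefinedRoles` entry renamed to `app_organization_accessmanager` (schema.go) gains `app_organization_rolemanage` and `app_organization_policymanage`, so a role that previously could only create and list invitations can now change role and policy assignments in the organization. Nothing in the hunk shows a limit on which roles such a holder may grant; if the policy service does not enforce one, a holder could presumably assign a role with more permissions than this one, so the intended ceiling should be written next to the entry, e.g. `// can manage invitations, roles and policies; must not be able to grant app_organization_owner — confirm where this is enforced`. The rename also means policies that still reference `app_organization_invitationmanager` are no longer covered by this list; `MigrateRoles` lies outside the hunk, so confirm it maps or retires the old name rather than leaving it in place. The `PredefinedRoles` literal starts before and continues after this hunk.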
--- a/internal/store/postgres/role_repository.go
+++ b/internal/store/postgres/role_repository.go
@@ -38,6 +38,8 @@ func (r RoleRepository) buildListQuery(dialect goqu.DialectWrapper) *goqu.Select
 goqu.I("r.permissions"),
 goqu.I("r.state"),
 goqu.I("r.metadata"),
+ goqu.I("r.created_at"),
+ goqu.I("r.updated_at"),
 ).From(goqu.T(TABLE_ROLES).As("r"))
 return roleSelectStatement
 }
diff --git a/internal/store/postgres/role_repository_test.go b/internal/store/postgres/role_repository_test.go
index 763fe837e..6852dcc79 100644
--- a/internal/store/postgres/role_repository_test.go
+++ b/internal/store/postgres/role_repository_test.go
@@ -383,7 +383,9 @@ func (s *RoleRepositoryTestSuite) TestGetByName() {
 }
 if tc.ErrString == "" {
 s.Assert().NoError(err)
- s.Assert().Equal(tc.ExpectedRole, got)
+ s.Assert().Equal(tc.ExpectedRole.ID, got.ID)
+ s.Assert().Equal(tc.ExpectedRole.Name, got.Name)
+ s.Assert().Equal(tc.ExpectedRole.Permissions, got.Permissions)
 }
 })
 }
diff --git a/internal/store/postgres/user_repository.go b/internal/store/postgres/user_repository.go
index 8752dab54..d063c7c5c 100644
--- a/internal/store/postgres/user_repository.go
+++ b/internal/store/postgres/user_repository.go
@@ -358,9 +358,6 @@ func (r UserRepository) UpdateByID(ctx context.Context, usr user.User) (user.Use
 if usr.ID == "" || !utils.IsValidUUID(usr.ID) {
 return user.User{}, user.ErrInvalidID
 }
- if strings.TrimSpace(usr.Email) == "" || strings.TrimSpace(usr.Name) == "" {
- return user.User{}, user.ErrInvalidDetails
- }
 
 marshaledMetadata, err := json.Marshal(usr.Metadata)
 if err != nil {
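Review bot: The three replacement assertions in `TestGetByName` (role_repository_test.go) check only `ID`, `Name` and `Permissions`, so a wrong `OrgID` on the returned role, the field that ties a role to one organization, would no longer fail the test. If the full-struct comparison was dropped only because the repository now returns per-run `created_at`/`updated_at` values, keep the narrowed checks but add `s.Assert().Equal(tc.ExpectedRole.OrgID, got.OrgID)`, assuming `got` is the same role type that carries `OrgID` in service.go. The test function begins and ends outside the hunk.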