synced/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2025-03-25 14:05:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: updated api description and changed slug to privilege slug

Browse Source
This commit is contained in:
Akhil Mohan
2024-03-29 23:51:26 +05:30
parent 00f2d40803
commit af2dcdd0c7
6 changed files with 48 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/src/ee/routes/v1/identity-project-additional-privilege-router.ts
View File

@ -102,7 +102,7 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
schema: {
body: z.object({
// disallow empty string
slug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.UPDATE.slug),
privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.UPDATE.slug),
identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.UPDATE.identityId),
projectSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.UPDATE.projectSlug),
data: z
@ -146,17 +146,19 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
},
onRequest: verifyAuth([AuthMode.JWT, AuthMode.IDENTITY_ACCESS_TOKEN]),
handler: async (req) => {
const { isPackedPermission, ...data } = req.body.data;
const { isPackedPermission, ...updatedInfo } = req.body.data;
const privilege = await server.services.identityProjectAdditionalPrivilege.updateBySlug({
actorId: req.permission.id,
actor: req.permission.type,
actorOrgId: req.permission.orgId,
actorAuthMethod: req.permission.authMethod,
...req.body,
slug: req.body.privilegeSlug,
identityId: req.body.identityId,
projectSlug: req.body.projectSlug,
data: {
...data,
permissions: data?.permissions
? JSON.stringify(isPackedPermission ? data?.permissions : packRules(data.permissions))
...updatedInfo,
permissions: updatedInfo?.permissions
? JSON.stringify(isPackedPermission ? updatedInfo?.permissions : packRules(updatedInfo.permissions))
: undefined
}
});
@ -169,7 +171,7 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
method: "DELETE",
schema: {
body: z.object({
slug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.slug),
privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.slug),
identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.identityId),
projectSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.projectSlug)
}),
@ -186,18 +188,20 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
actor: req.permission.type,
actorAuthMethod: req.permission.authMethod,
actorOrgId: req.permission.orgId,
...req.body
slug: req.body.privilegeSlug,
identityId: req.body.identityId,
projectSlug: req.body.projectSlug
});
return { privilege };
}
});
server.route({
url: "/:slug",
url: "/:privilegeSlug",
method: "GET",
schema: {
params: z.object({
slug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.GET_BY_SLUG.slug)
privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.GET_BY_SLUG.slug)
}),
querystring: z.object({
identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.GET_BY_SLUG.identityId),
@ -216,7 +220,7 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
actorAuthMethod: req.permission.authMethod,
actor: req.permission.type,
actorOrgId: req.permission.orgId,
slug: req.params.slug,
slug: req.params.privilegeSlug,
...req.query
});
return { privilege };

32
backend/src/lib/api-docs/constants.ts
View File

@ -400,7 +400,7 @@ export const SECRET_TAGS = {
export const IDENTITY_ADDITIONAL_PRIVILEGE = {
CREATE: {
projectSlug: "The slug of the project of the dynamic secret in.",
projectSlug: "The slug of the project of the identity in.",
identityId: "The ID of the identity to delete.",
slug: "The slug of the privilege to create.",
permissions:
@ -412,12 +412,16 @@ export const IDENTITY_ADDITIONAL_PRIVILEGE = {
temporaryAccessStartTime: "ISO time for which temporary access should begin."
},
UPDATE: {
projectSlug: "The slug of the project of the dynamic secret in.",
identityId: "The ID of the identity to delete.",
slug: "The slug of the privilege to create.",
newSlug: "The new slug of the privilege to create.",
permissions:
"The permission object for the privilege. Refer https://casl.js.org/v6/en/guide/define-rules#the-shape-of-raw-rule to understand the shape",
projectSlug: "The slug of the project of the identity in.",
identityId: "The ID of the identity to update.",
slug: "The slug of the privilege to update.",
newSlug: "The new slug of the privilege to update.",
permissions: `The permission object for the privilege.
Example unpacked permission shape
1. [["read", "secrets", {environment: "dev", secretPath: {$glob: "/"}}]]
2. [["read", "secrets", {environment: "dev"}], ["create", "secrets", {environment: "dev"}]]
2. [["read", "secrets", {environment: "dev"}]]
`,
isPackPermission: "Whether the server should pack(compact) the permission object.",
isTemporary: "Whether the privilege is temporary.",
temporaryMode: "Type of temporary access given. Types: relative",
@ -425,18 +429,18 @@ export const IDENTITY_ADDITIONAL_PRIVILEGE = {
temporaryAccessStartTime: "ISO time for which temporary access should begin."
},
DELETE: {
projectSlug: "The slug of the project of the dynamic secret in.",
projectSlug: "The slug of the project of the identity in.",
identityId: "The ID of the identity to delete.",
slug: "The slug of the privilege to create."
slug: "The slug of the privilege to delete."
},
GET_BY_SLUG: {
projectSlug: "The slug of the project of the dynamic secret in.",
identityId: "The ID of the identity to delete.",
slug: "The slug of the privilege to create."
projectSlug: "The slug of the project of the identity in.",
identityId: "The ID of the identity to list.",
slug: "The slug of the privilege."
},
LIST: {
projectSlug: "The slug of the project of the dynamic secret in.",
identityId: "The ID of the identity to delete.",
projectSlug: "The slug of the project of the identity in.",
identityId: "The ID of the identity to list.",
unpacked: "Whether the system should send the permissions as unpacked"
}
};

8
frontend/src/hooks/api/identityProjectAdditionalPrivilege/mutation.tsx
View File

@ -35,9 +35,9 @@ export const useUpdateIdentityProjectAdditionalPrivilege = () => {
const queryClient = useQueryClient();
return useMutation<TIdentityProjectPrivilege, {}, TUpdateIdentityProjectPrivlegeDTO>({
mutationFn: async ({ slug, projectSlug, identityId, data }) => {
mutationFn: async ({ privilegeSlug, projectSlug, identityId, data }) => {
const { data: res } = await apiRequest.patch("/api/v1/additional-privilege/identity", {
slug,
privilegeSlug,
projectSlug,
identityId,
data: {
@ -60,12 +60,12 @@ export const useDeleteIdentityProjectAdditionalPrivilege = () => {
const queryClient = useQueryClient();
return useMutation<TIdentityProjectPrivilege, {}, TDeleteIdentityProjectPrivilegeDTO>({
mutationFn: async ({ identityId, projectSlug, slug }) => {
mutationFn: async ({ identityId, projectSlug, privilegeSlug }) => {
const { data } = await apiRequest.delete("/api/v1/additional-privilege/identity", {
data: {
identityId,
projectSlug,
slug
privilegeSlug
}
});
return data.privilege;

12
frontend/src/hooks/api/identityProjectAdditionalPrivilege/queries.tsx
View File

@ -11,13 +11,13 @@ import {
} from "./types";
export const identitiyProjectPrivilegeKeys = {
details: ({ identityId, slug, projectSlug }: TGetIdentityProjectPrivilegeDetails) =>
details: ({ identityId, privilegeSlug, projectSlug }: TGetIdentityProjectPrivilegeDetails) =>
[
"identity-user-privilege",
{
identityId,
projectSlug,
slug
privilegeSlug
}
] as const,
list: ({ projectSlug, identityId }: TListIdentityProjectPrivileges) =>
@ -27,17 +27,17 @@ export const identitiyProjectPrivilegeKeys = {
export const useGetIdentityProjectPrivilegeDetails = ({
projectSlug,
identityId,
slug
privilegeSlug
}: TGetIdentityProjectPrivilegeDetails) => {
return useQuery({
enabled: Boolean(projectSlug && identityId && slug),
queryKey: identitiyProjectPrivilegeKeys.details({ projectSlug, slug, identityId }),
enabled: Boolean(projectSlug && identityId && privilegeSlug),
queryKey: identitiyProjectPrivilegeKeys.details({ projectSlug, privilegeSlug, identityId }),
queryFn: async () => {
const {
data: { privilege }
} = await apiRequest.get<{
privilege: Omit<TIdentityProjectPrivilege, "permissions"> & { permissions: unknown };
}>(`/api/v1/additional-privilege/identity/${slug}`, {
}>(`/api/v1/additional-privilege/identity/${privilegeSlug}`, {
params: {
identityId,
projectSlug

6
frontend/src/hooks/api/identityProjectAdditionalPrivilege/types.tsx
View File

@ -42,14 +42,14 @@ export type TCreateIdentityProjectPrivilegeDTO = {
export type TUpdateIdentityProjectPrivlegeDTO = {
projectSlug: string;
identityId: string;
slug: string;
privilegeSlug: string;
data: Partial<Omit<TCreateIdentityProjectPrivilegeDTO, "projectMembershipId" | "projectId">>;
};
export type TDeleteIdentityProjectPrivilegeDTO = {
projectSlug: string;
identityId: string;
slug: string;
privilegeSlug: string;
};
export type TListIdentityUserPrivileges = {
@ -60,5 +60,5 @@ export type TListIdentityUserPrivileges = {
export type TGetIdentityProejctPrivilegeDetails = {
projectSlug: string;
identityId: string;
slug: string;
privilegeSlug: string;
};

4
frontend/src/views/Project/MembersPage/components/IdentityTab/components/IdentityRoleForm/SpecificPrivilegeSection.tsx
View File

@ -144,7 +144,7 @@ const SpecificPrivilegeSecretForm = ({
conditions
}))
},
slug: privilege.slug,
privilegeSlug: privilege.slug,
identityId,
projectSlug
});
@ -165,7 +165,7 @@ const SpecificPrivilegeSecretForm = ({
try {
await deleteIdentityPrivilege.mutateAsync({
identityId,
slug: privilege.slug,
privilegeSlug: privilege.slug,
projectSlug
});
createNotification({