Skip to content

Commit 48b53f7

Browse files
Leopold-CramerLeopold-Cramer
committed
refactor(organization): Update OpenAPI examples and documentation
- Remove read-only attributes (id, ownerId) from request examples\n- Update examples with realistic data and consistent email domains\n- Add schema section comments for better code organization\n- Ensure all required attributes are present in examples\n- Make security roles and permissions more consistent\n- Add complete runner component permissions\n- Improve example descriptions for better clarity\n- Update organization names to reflect real-world usage\n- Standardize security role definitions across examples
1 parent 9558d55 commit 48b53f7

File tree

4 files changed

+212
-167
lines changed

4 files changed

+212
-167
lines changed

organization/src/main/kotlin/com/cosmotech/organization/service/OrganizationServiceImpl.kt

Lines changed: 41 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -86,13 +86,17 @@ class OrganizationServiceImpl(
8686
}
8787

8888
val organizationId = idGenerator.generate("organization")
89-
// val security =
89+
// val security =
9090
val createdOrganization =
9191
Organization(
9292
id = organizationId,
9393
name = organizationCreationRequest.name,
9494
ownerId = getCurrentAuthenticatedUserName(csmPlatformProperties),
95-
security = csmRbac.initSecurity(organizationCreationRequest.security.toGenericSecurity(organizationId)).toResourceSecurity())
95+
security =
96+
csmRbac
97+
.initSecurity(
98+
organizationCreationRequest.security.toGenericSecurity(organizationId))
99+
.toResourceSecurity())
96100

97101
return organizationRepository.save(createdOrganization)
98102
}
@@ -141,7 +145,9 @@ class OrganizationServiceImpl(
141145
organizationRole: OrganizationRole
142146
): OrganizationSecurity {
143147
val organization = getVerifiedOrganization(organizationId, PERMISSION_WRITE_SECURITY)
144-
val rbacSecurity = csmRbac.setDefault(organization.security.toGenericSecurity(organizationId), organizationRole.role)
148+
val rbacSecurity =
149+
csmRbac.setDefault(
150+
organization.security.toGenericSecurity(organizationId), organizationRole.role)
145151
organization.security = rbacSecurity.toResourceSecurity()
146152
organizationRepository.save(organization)
147153
return organization.security
@@ -152,7 +158,9 @@ class OrganizationServiceImpl(
152158
identityId: String
153159
): OrganizationAccessControl {
154160
val organization = getVerifiedOrganization(organizationId, PERMISSION_READ_SECURITY)
155-
val rbacAccessControl = csmRbac.getAccessControl(organization.security.toGenericSecurity(organizationId), identityId)
161+
val rbacAccessControl =
162+
csmRbac.getAccessControl(
163+
organization.security.toGenericSecurity(organizationId), identityId)
156164
return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role)
157165
}
158166

@@ -169,11 +177,14 @@ class OrganizationServiceImpl(
169177

170178
val rbacSecurity =
171179
csmRbac.setUserRole(
172-
organization.security.toGenericSecurity(organizationId), organizationAccessControl.id, organizationAccessControl.role)
180+
organization.security.toGenericSecurity(organizationId),
181+
organizationAccessControl.id,
182+
organizationAccessControl.role)
173183
organization.security = rbacSecurity.toResourceSecurity()
174184
organizationRepository.save(organization)
175185
val rbacAccessControl =
176-
csmRbac.getAccessControl(organization.security.toGenericSecurity(organizationId), organizationAccessControl.id)
186+
csmRbac.getAccessControl(
187+
organization.security.toGenericSecurity(organizationId), organizationAccessControl.id)
177188
return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role)
178189
}
179190

@@ -188,16 +199,22 @@ class OrganizationServiceImpl(
188199
identityId,
189200
"User '$identityId' not found in organization $organizationId")
190201
val rbacSecurity =
191-
csmRbac.setUserRole(organization.security.toGenericSecurity(organizationId), identityId, organizationRole.role)
202+
csmRbac.setUserRole(
203+
organization.security.toGenericSecurity(organizationId),
204+
identityId,
205+
organizationRole.role)
192206
organization.security = rbacSecurity.toResourceSecurity()
193207
organizationRepository.save(organization)
194-
val rbacAccessControl = csmRbac.getAccessControl(organization.security.toGenericSecurity(organizationId), identityId)
208+
val rbacAccessControl =
209+
csmRbac.getAccessControl(
210+
organization.security.toGenericSecurity(organizationId), identityId)
195211
return OrganizationAccessControl(id = rbacAccessControl.id, role = rbacAccessControl.role)
196212
}
197213

198214
override fun deleteOrganizationAccessControl(organizationId: String, identityId: String) {
199215
val organization = getVerifiedOrganization(organizationId, PERMISSION_WRITE_SECURITY)
200-
val rbacSecurity = csmRbac.removeUser(organization.security.toGenericSecurity(organizationId), identityId)
216+
val rbacSecurity =
217+
csmRbac.removeUser(organization.security.toGenericSecurity(organizationId), identityId)
201218
organization.security = rbacSecurity.toResourceSecurity()
202219
organizationRepository.save(organization)
203220
}
@@ -223,12 +240,16 @@ class OrganizationServiceImpl(
223240
requiredPermissions: List<String>
224241
): Organization {
225242
val organization = getVerifiedOrganization(organizationId)
226-
requiredPermissions.forEach { csmRbac.verify(organization.security.toGenericSecurity(organizationId), it) }
243+
requiredPermissions.forEach {
244+
csmRbac.verify(organization.security.toGenericSecurity(organizationId), it)
245+
}
227246
return organization
228247
}
229248

230249
fun updateSecurityVisibility(organization: Organization): Organization {
231-
if (csmRbac.check(organization.security.toGenericSecurity(organization.id), PERMISSION_READ_SECURITY).not()) {
250+
if (csmRbac
251+
.check(organization.security.toGenericSecurity(organization.id), PERMISSION_READ_SECURITY)
252+
.not()) {
232253
val username = getCurrentAccountIdentifier(csmPlatformProperties)
233254
val retrievedAC = organization.security.accessControlList.firstOrNull { it.id == username }
234255
return if (retrievedAC != null) {
@@ -248,15 +269,14 @@ class OrganizationServiceImpl(
248269
}
249270
}
250271

251-
fun OrganizationSecurity?.toGenericSecurity(organizationId: String) = RbacSecurity(
252-
organizationId,
253-
this?.default ?: ROLE_NONE,
254-
this?.accessControlList?.map { RbacAccessControl(it.id, it.role) }?.toMutableList() ?: mutableListOf()
255-
)
272+
fun OrganizationSecurity?.toGenericSecurity(organizationId: String) =
273+
RbacSecurity(
274+
organizationId,
275+
this?.default ?: ROLE_NONE,
276+
this?.accessControlList?.map { RbacAccessControl(it.id, it.role) }?.toMutableList()
277+
?: mutableListOf())
256278

257279
fun RbacSecurity.toResourceSecurity() =
258-
OrganizationSecurity(
259-
this.default,
260-
this.accessControlList
261-
.map { OrganizationAccessControl(it.id, it.role) }
262-
.toMutableList())
280+
OrganizationSecurity(
281+
this.default,
282+
this.accessControlList.map { OrganizationAccessControl(it.id, it.role) }.toMutableList())

0 commit comments

Comments
 (0)