Skip to content

[Ticket] Update Method Mapping in Security #195

Closed
Task
#220
#203
Closed
[Ticket] Update Method Mapping in Security#195
Task
#220
#203
Assignees
Martin187187
@Martin187187

Description

@Martin187187
Martin187187
opened on Mar 3, 2026

User Story

As a BaSyx user/developer,
I want update PUT method ,
so that it maps to UPDATE and CREATE RIGHTS,

Examples:

change
{"PUT", "/shell-descriptors/{aasIdentifier}/submodel-descriptors/{submodelIdentifier}", []grammar.RightsEnum{grammar.RightsEnumUPDATE}}
to
{"PUT", "/shell-descriptors/{aasIdentifier}/submodel-descriptors/{submodelIdentifier}", []grammar.RightsEnum{grammar.RightsEnumUPDATE, grammar.RightsEnumCREATE}}

If access rule has only UPDATE and user uses this rule and a PUT endpoint, then he is only allowed to update existing data not create new. Same logic if rule only has CREATE rights then he is only allowed to create new data even with the put endpoint. Right enums inside the list has to be handeld with an OR.

Entry Points

Acceptance Criteria

  • All existing test have to pass
  • all put method mappings are adjusted
  • extra logic to check if data is already there or not to make the correct decisions for UPDATE and CREATE
  • write new integration tests that tests the enhanced logic
  • Enum Rights are ORed logically.

Risks and Assumptions

  • Risks: it is possible that his change introduces failing testcases. Fix testcases to this new logic
  • Assumptions: Worklow of the gates has to be changed. if METHOD is allowed can not be decided in the security layer alone anymore....

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

Task

Projects

BaSyx Backlog

Status

BaSyx Go

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions