diff --git a/src/api.authz.test.ts b/src/api.authz.test.ts
index 6fab914a..5377db62 100644
--- a/src/api.authz.test.ts
+++ b/src/api.authz.test.ts
@@ -1139,4 +1139,10 @@ describe('API authz tests', () => {
 await agent.post('/alpha/teams/team1/agents').send(agentData).expect(401)
 })
 })
+ test('team member cannot access settings', async () => {
+ await agent.get('/v1/settings').set('Authorization', `Bearer ${teamMemberToken}`).expect(403)
+ })
+ test('team admin cannot access settings', async () => {
+ await agent.get('/v1/settings').set('Authorization', `Bearer ${teamAdminToken}`).expect(403)
+ })
 })
diff --git a/src/api/v1/dashboard.ts b/src/api/v1/dashboard.ts
index cbbc54bf..d6db0d9d 100644
--- a/src/api/v1/dashboard.ts
+++ b/src/api/v1/dashboard.ts
@@ -9,8 +9,8 @@ const debug = Debug('otomi:api:v1:dashboard')
 * Get dashboard information
 */
 export const getDashboard = (req: OpenApiRequestExt, res: Response): void => {
- const { teamName } = req.query
- debug(`getDashboard(${teamName})`)
- const v = req.otomi.getDashboard(teamName as string)
+ const { teamId } = req.query
+ debug(`getDashboard(${teamId})`)
+ const v = req.otomi.getDashboard(teamId as string)
 res.json(v)
 }
diff --git a/src/openapi/settings.yaml b/src/openapi/settings.yaml
index f8df9d8b..dcfde81b 100644
--- a/src/openapi/settings.yaml
+++ b/src/openapi/settings.yaml
@@ -1,8 +1,6 @@
 Settings:
 x-acl:
 platformAdmin: [read-any, update-any]
- teamAdmin: [read]
- teamMember: [read]
 additionalProperties: false
 properties:
 alerts:
diff --git a/src/otomi-stack.ts b/src/otomi-stack.ts
index ee93572a..464cc534 100644
--- a/src/otomi-stack.ts
+++ b/src/otomi-stack.ts
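Review bot: The two new cases pin only the 403 for `GET /v1/settings`, so they would still pass if the route began rejecting every caller, platform admins included. If the suite does not already have one (the `describe` block starts outside this hunk), a companion case asserting that a platform-admin token still gets a successful response would test the ACL change in src/openapi/settings.yaml from both sides. A case without credentials, `await agent.get('/v1/settings').expect(401)`, would also keep the unauthenticated and unauthorized paths for this route distinct.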
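Review bot: `teamId` is taken straight from `req.query`, and when it is missing or empty the `teamId ? … : this.getAll…()` ternaries in `OtomiStack.getDashboard` (the src/otomi-stack.ts hunk) select the platform-wide branch, so after this rename a client that still sends `teamName` silently receives counts for all teams. Nothing visible in the handler binds the value to the caller's own team or limits the unscoped case to platform admins; if the authz middleware enforces that outside this diff, a one-line comment here should say so. The `as string` cast also hides that a query value can arrive as an array or object, which a guard such as `if (teamId !== undefined && typeof teamId !== 'string') { res.status(400).end(); return }` would reject before the lookup.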
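Review bot: Only the schema-level `x-acl` of `Settings` is visible here, and the `properties:` block continues outside the hunk; any property-level `x-acl` there that still lists `teamAdmin` or `teamMember` should be checked so it does not contradict this removal. If team users previously relied on reading part of these settings, they now fail closed with a 403, which is what the new cases in src/api.authz.test.ts expect. A short comment above `x-acl`, such as `# platform-admin only: team roles must not read platform settings`, would record that the omission is intentional.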
@@ -1278,13 +1278,13 @@ export default class OtomiStack {
 return internalRepoUrls
 }
- getDashboard(teamName: string): Array {
- const codeRepos = teamName ? this.getTeamAplCodeRepos(teamName) : this.getAllCodeRepos()
- const builds = teamName ? this.getTeamAplBuilds(teamName) : this.getAllBuilds()
- const workloads = teamName ? this.getTeamAplWorkloads(teamName) : this.getAllWorkloads()
- const services = teamName ? this.getTeamAplServices(teamName) : this.getAllServices()
- const secrets = teamName ? this.getAplSealedSecrets(teamName) : this.getAllAplSealedSecrets()
- const netpols = teamName ? this.getTeamAplNetpols(teamName) : this.getAllNetpols()
+ getDashboard(teamId: string): Array {
+ const codeRepos = teamId ? this.getTeamAplCodeRepos(teamId) : this.getAllCodeRepos()
+ const builds = teamId ? this.getTeamAplBuilds(teamId) : this.getAllBuilds()
+ const workloads = teamId ? this.getTeamAplWorkloads(teamId) : this.getAllWorkloads()
+ const services = teamId ? this.getTeamAplServices(teamId) : this.getAllServices()
+ const secrets = teamId ? this.getAplSealedSecrets(teamId) : this.getAllAplSealedSecrets()
+ const netpols = teamId ? this.getTeamAplNetpols(teamId) : this.getAllNetpols()
 return [
 { name: 'code-repositories', count: codeRepos?.length },