fix(front): use proper permission names

Author: skipi

front/lib/front/auth.ex

@@ -278,6 +278,12 @@ defmodule Front.Auth do
       :ManageDeploymentTargets ->
         "project.deployment_targets.manage"
 
+      :ViewServiceAccounts ->
+        "organization.service_accounts.view"
+
+      :ManageServiceAccounts ->
+        "organization.service_accounts.manage"
+
       _ ->
         Logger.error(
           "operation with name id #{inspect(operation)}, which is not supported in mapper"
@@ -313,8 +319,8 @@ defmodule Front.Auth do
       "project.secrets.manage" -> :ManageProjectSecrets
       "project.deployment_targets.view" -> :ViewDeploymentTargets
       "project.deployment_targets.manage" -> :ManageDeploymentTargets
-      "service_accounts.view" -> :ViewServiceAccounts
-      "service_accounts.manage" -> :ManageServiceAccounts
+      "organization.service_accounts.view" -> :ViewServiceAccounts
+      "organization.service_accounts.manage" -> :ManageServiceAccounts
       _ -> :unknown
     end
   end

front/lib/front_web/controllers/service_account_controller.ex

@@ -6,11 +6,11 @@ defmodule FrontWeb.ServiceAccountController do
   alias FrontWeb.Plugs
 
   plug(Plugs.FetchPermissions, scope: "org")
-  plug(Plugs.PageAccess, permissions: "service_accounts.view")
+  plug(Plugs.PageAccess, permissions: "organization.service_accounts.view")
 
   plug(
     Plugs.PageAccess,
-    [permissions: "service_accounts.manage"]
+    [permissions: "organization.service_accounts.manage"]
     when action in [:create, :update, :delete, :regenerate_token]
   )
 

front/test/support/stubs/permission_patrol.ex

@@ -1,7 +1,7 @@
 defmodule Support.Stubs.PermissionPatrol do
   alias Support.Stubs.DB
 
-  @all_organization_permissions "organization.custom_roles.view,organization.custom_roles.manage,organization.okta.view,organization.okta.manage,organization.contact_support,organization.delete,organization.view,organization.secrets_policy_settings.manage,organization.secrets_policy_settings.view,organization.activity_monitor.view,organization.projects.create,organization.audit_logs.view,organization.audit_logs.manage,organization.people.view,organization.people.invite,organization.people.manage,organization.groups.view,organization.groups.manage,organization.custom_roles.manage,organization.self_hosted_agents.view,organization.self_hosted_agents.manage,organization.general_settings.view,organization.general_settings.manage,organization.secrets.view,organization.secrets.manage,organization.ip_allow_list.view,organization.ip_allow_list.manage,organization.notifications.view,organization.notifications.manage,organization.pre_flight_checks.view,organization.pre_flight_checks.manage,organization.plans_and_billing.view,organization.plans_and_billing.manage,organization.repo_to_role_mappers.manage,organization.dashboards.view,organization.dashboards.manage,organization.instance_git_integration.manage,service_accounts.view,service_accounts.manage"
+  @all_organization_permissions "organization.custom_roles.view,organization.custom_roles.manage,organization.okta.view,organization.okta.manage,organization.contact_support,organization.delete,organization.view,organization.secrets_policy_settings.manage,organization.secrets_policy_settings.view,organization.activity_monitor.view,organization.projects.create,organization.audit_logs.view,organization.audit_logs.manage,organization.people.view,organization.people.invite,organization.people.manage,organization.groups.view,organization.groups.manage,organization.custom_roles.manage,organization.self_hosted_agents.view,organization.self_hosted_agents.manage,organization.general_settings.view,organization.general_settings.manage,organization.secrets.view,organization.secrets.manage,organization.ip_allow_list.view,organization.ip_allow_list.manage,organization.notifications.view,organization.notifications.manage,organization.pre_flight_checks.view,organization.pre_flight_checks.manage,organization.plans_and_billing.view,organization.plans_and_billing.manage,organization.repo_to_role_mappers.manage,organization.dashboards.view,organization.dashboards.manage,organization.instance_git_integration.manage,organization.service_accounts.view,organization.service_accounts.manage"
   @all_project_permissions "project.view,project.delete,project.access.view,project.access.manage,project.debug,project.secrets.view,project.secrets.manage,project.notifications.view,project.notifications.manage,project.insights.view,project.insights.manage,project.artifacts.view,project.artifacts.delete,project.artifacts.view_settings,project.artifacts.modify_settings,project.scheduler.view,project.scheduler.manage,project.scheduler.run_manually,project.general_settings.view,project.general_settings.manage,project.repository_info.view,project.repository_info.manage,project.deployment_targets.view,project.deployment_targets.manage,project.pre_flight_checks.view,project.pre_flight_checks.manage,project.workflow.view,project.workflow.manage,project.job.view,project.job.rerun,project.job.stop,project.job.port_forwarding,project.job.attach"
 
   def init do

front/test/support/stubs/rbac.ex

@@ -47,8 +47,8 @@ defmodule Support.Stubs.RBAC do
     "organization.repo_to_role_mappers.manage",
     "organization.dashboards.view",
     "organization.dashboards.manage",
-    "service_accounts.view",
-    "service_accounts.manage"
+    "organization.service_accounts.view",
+    "organization.service_accounts.manage"
   ]
 
   @project_permissions [