Skip to content

feat(users): custom role at profile read #6875

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 48 commits into from
Feb 5, 2025
Merged

feat(users): custom role at profile read #6875

merged 48 commits into from
Feb 5, 2025

Conversation

Riddhiagrawal001
Copy link
Contributor

@Riddhiagrawal001 Riddhiagrawal001 commented Dec 18, 2024
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

This pr adds the functionality to read custom role at profile level

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #6488

How did you test it?

  1. Create custom role at profile-level
    Request
curl --location 'http://localhost:9000/api/user/role' \
--header 'authorization: Bearer JWT' \
--data '{
    "role_scope": "merchant",
    "groups": [
        "operations_manage",
        "connectors_view"
    ],
    "role_name": "profile-level-custom-role",
    "entity_type":"profile"
}'

Response

{
    "error": {
        "type": "invalid_request",
        "message": "User Role Operation Not Supported",
        "code": "UR_23"
    }
}
  1. Older flows should work as before . Changes for create profile custom roles will be in consecutive pr
  2. Validate custom role
    If a role with the same name is created either below me or in my lineage , then i wouldn't be able to create the role with that same name
    Request
curl 'http://localhost:9000/api/user/role' \
  -H 'Accept: */*' \
  -H 'authorization: Bearer JWT' \
  --data-raw '{"role_scope":"merchant","groups":["operations_view","operations_manage"],"role_name":"m2-org"}'

Response

{
    "error": {
        "type": "invalid_request",
        "message": "Role name already exists",
        "code": "UR_35"
    }
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

Riddhiagrawal001 and others added 24 commits November 28, 2024 15:44
@Riddhiagrawal001
chore: rename find_role_by_role_id_in_org_scopr
9c04ad6
@Riddhiagrawal001
refactor(users): refactor find_by_role_id_in_merchant_scope query for…
35b89e8 
… custom roles
@Riddhiagrawal001
fix: changes for list roles and list roles at entity-level
5cb5954
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
16f6f59
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
d18866e
@Riddhiagrawal001
fix: changes for backfilling user-roles
1137886
@Riddhiagrawal001
Merge branch 'change-roles-query' of https://github.com/juspay/hypers…
6606067 
…witch into change-roles-query
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
aeec4bf
@Riddhiagrawal001
fix: addressed comments
1cd045f
@Riddhiagrawal001
Merge branch 'change-roles-query' of https://github.com/juspay/hypers…
af27d60 
…witch into change-roles-query
@Riddhiagrawal001
refactor: code refactoring
2b24810
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
989b423
@Riddhiagrawal001
merge branch:synced with main
5a96d2e
@Riddhiagrawal001
Merge branch 'change-roles-query' of https://github.com/juspay/hypers…
8e38e66 
…witch into change-roles-query
@Riddhiagrawal001
fix: addressed comments
f70f3cf
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
b3de586
@Riddhiagrawal001
Merge branch 'change-roles-query' into custom-role-at-profile-read
55b3ecf
@Riddhiagrawal001
Merge branch 'main' into change-roles-query
bc4a038
@Riddhiagrawal001
Merge branch 'main' of https://github.com/juspay/hyperswitch into cha…
f307fee 
…nge-roles-query
@Riddhiagrawal001
Merge branch 'change-roles-query' of https://github.com/juspay/hypers…
26ff9ac 
…witch into change-roles-query
@Riddhiagrawal001
Merge branch 'change-roles-query' into custom-role-at-profile-read
5a428b4
@Riddhiagrawal001
changes-for-profile-read
abeac9c
@Riddhiagrawal001
Merge branch 'main' of https://github.com/juspay/hyperswitch into cus…
22ee8f0 
…tom-role-at-profile-read
@Riddhiagrawal001
refactor: removed unused code
335b359
@Riddhiagrawal001 Riddhiagrawal001 requested review from a team as code owners December 18, 2024 07:41
@semanticdiff-com SemanticDiff.com
Copy link

semanticdiff-com bot commented Dec 18, 2024
edited
Loading

Review changes with  SemanticDiff

Changed Files
File Status
  crates/router/src/services/authorization/roles.rs  78% smaller
  crates/router/src/db/kafka_store.rs  36% smaller
  crates/router/src/core/user_role/role.rs  28% smaller
  crates/router/src/utils/user_role.rs  24% smaller
  crates/diesel_models/src/query/role.rs  9% smaller
  crates/router/src/db/role.rs  7% smaller
  crates/common_enums/src/enums.rs  6% smaller
  crates/api_models/src/user_role/role.rs  0% smaller
  crates/diesel_models/src/role.rs  0% smaller
  crates/diesel_models/src/schema.rs  0% smaller
  crates/diesel_models/src/schema_v2.rs  0% smaller
  crates/router/src/core/user.rs  0% smaller
  crates/router/src/core/user_role.rs  0% smaller
  migrations/2024-10-17-073555_add-profile-id-to-roles/down.sql Unsupported file format
  migrations/2024-10-17-073555_add-profile-id-to-roles/up.sql Unsupported file format
  migrations/2024-10-17-123943_add-profile-enum-in-role-scope/down.sql Unsupported file format
  migrations/2024-10-17-123943_add-profile-enum-in-role-scope/up.sql Unsupported file format
  migrations/2024-12-18-061400_change-roles-index/down.sql Unsupported file format
  migrations/2024-12-18-061400_change-roles-index/up.sql Unsupported file format

@hyperswitch-bot hyperswitch-bot bot added the M-database-changes Metadata: This PR involves database schema changes label Dec 18, 2024
racnan
racnan reviewed Jan 31, 2025
View reviewed changes
crates/diesel_models/src/query/role.rs Outdated
Comment on lines 175 to 176
.filter(dsl::tenant_id.eq(tenant_id))
.filter(dsl::org_id.eq(org_id))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

take these filter out of the match statement. dry!

crates/diesel_models/src/role.rs Outdated
Comment on lines 83 to 89
Profile(
id_type::OrganizationId,
id_type::MerchantId,
id_type::ProfileId,
),
Merchant(id_type::OrganizationId, id_type::MerchantId),
Organization(id_type::OrganizationId),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can organisation_id be passed as a function argument instead of inside the enum.

@ThisIsMani ThisIsMani added the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Feb 3, 2025
ThisIsMani
ThisIsMani approved these changes Feb 3, 2025
View reviewed changes
crates/router/src/core/user_role/role.rs
}
let (org_id, merchant_id, profile_id) = match role_entity_type {
EntityType::Organization | EntityType::Tenant => {
(user_from_token.org_id, user_from_token.merchant_id, None)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should probably throw error here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will take this up in the next PR

@Riddhiagrawal001 Riddhiagrawal001 removed the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Feb 5, 2025
@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Feb 5, 2025
Merged via the queue into main with commit 899c207 Feb 5, 2025
17 of 20 checks passed
@Gnanasundari24 Gnanasundari24 deleted the custom-role-at-profile-read branch February 5, 2025 14:28
Narayanbhat166 pushed a commit that referenced this pull request Feb 6, 2025
@Riddhiagrawal001 @hyperswitch-bot
@Gnanasundari24 @Narayanbhat166
feat(users): custom role at profile read (#6875)
1a197e7 
Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
Co-authored-by: Gnanasundari24 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sai-harsha-vardhan sai-harsha-vardhan sai-harsha-vardhan approved these changes

@apoorvdixit88 apoorvdixit88 apoorvdixit88 approved these changes

@racnan racnan racnan approved these changes

@ThisIsMani ThisIsMani ThisIsMani approved these changes

@su-shivanshmathur su-shivanshmathur su-shivanshmathur approved these changes

Assignees

@Riddhiagrawal001 Riddhiagrawal001

Labels
M-database-changes Metadata: This PR involves database schema changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(users): Add profile level custom role
7 participants
@Riddhiagrawal001 @sai-harsha-vardhan @apoorvdixit88 @racnan @ThisIsMani @su-shivanshmathur @Gnanasundari24