Update subproject authorization from seistore service groups to datagroups

This merge request updates the subproject creation logic to use datagroups instead of seistore service groups.

Previously three groups namely seistore service admin, seistore service editor and seistore service viewer groups would get created during subproject registration.

With the changes associated with this MR, subproject registration will create a admin datagroup with the name data.sdms.tenantid.subprojectid.uuid.admin and a viewer data group with name data.sdms.tenantid.subprojectid.uuid.viewer

Sample response for subproject registration would be

{
    "name": "subproject-test",
    "tenant": "k8s",
    "ltag": "slb-public-usa-seistore-1",
    "admin": "vmanohar@slb.com",
    "acls": {
        "admins": [
            "data.sdms.k8s.subroject-test.b25e81d5-cd25-4233-b12a-0e90efc80728.admin@slb.p4d.cloud.slb-ds.com"
        ],
        "viewers": [
            "data.sdms.k8s.subproject-test.86428bd0-c048-41c1-a479-d4831c398ac9.viewer@slb.p4d.cloud.slb-ds.com"
        ]
    },
    "storage_class": "REGIONAL",
    "storage_location": "US-CENTRAL1",
    "gcs_bucket": "ss-evd-afdmb2k0s2qvelqr"
}

Compatibility with existing subprojects with seistore serivce groups and with no datagroups

For subprojects that pre-exist, the GET subproject would return the service groups as is and there will be no breaking changes.

{
    "tenant": "k8s",
    "storage_class": "REGIONAL",
    "acls": {
        "admins": [
            "service.seistore.evd.k8s.oldsubproject.admin@slb.p4d.cloud.slb-ds.com"
        ],
        "viewers": [
            "service.seistore.evd.k8s.oldsubproject.viewer@slb.p4d.cloud.slb-ds.com",
        ]
    },
    "admin": "vmanohar@slb.com",
    "gcs_bucket": "ss-evd-it40dlb0vmfmhfcn",
    "name": "oldsubproject",
    "storage_location": "US-CENTRAL1",
    "ltag": "legal-tag"
}

User addition to subprojects created using the changes in the MR

For all new subprojects, admin user addition takes place in data.sdms.[tenant].[subproject].uuid.admin group and viewer user addition takes places in group data.sdms.[tenant].[subproject].[uuid].viewer. Here the groups have the prefix of datagroup data.sdms

User addition to subproject that pre-exists

There will be no breaking change. For subproject that do not have data groups in their acls, the previous functionality remains as is with no change. Admins are added to service.seistore.env.tenant.subproject.admin group and viewers are added to service.seistore.env.tenant.subproject.viewer group

List users in various subproject groups

The user list endpoint is updated to fetch the details of users in all of seistore service groups and datagroups.

marked this merge request as draft

added 1 commit

• 5508367a - Fix list users handler to return all the users in data and service groups

Compare with previous version

marked this merge request as ready

changed the description

approved this merge request

added 1 commit

• 9d94fcff - Fix user removal logic

Compare with previous version

added 1 commit

• d7486591 - Update seismic store to seismic dms

Compare with previous version

added 1 commit

• 2b9b70d5 - Remove unreachable code

Compare with previous version

resolved all threads

approved this merge request

added 1 commit

• 1e55dfe5 - Remove sre endpoint references

Compare with previous version

approved this merge request

approved this merge request

added 72 commits

• 1e55dfe5...f97744b8 - 71 commits from branch master
• 7f0bb86d - Merge branch 'master' into 'moveServiceToDataGroups'

Compare with previous version