Skip to content

GitLab

Explore

Sign in
Register

Fix the access filter for privileged roles.

Review changes
Download
Patches
Plain diff

Rustam Lotsmanenko (EPAM) requested to merge fix-auth-filter into master Nov 14, 2023

Overview 2
Commits 2
Pipelines 7
Changes 1

Description:

Current behavior:

Endpoints that require service.dataset.viewers or editors roles do not allow requests from users with a higher role. Users with service.dataset.admin receive a 403 response code from endpoints like /retrievalInstructions or /storageInstructions.

Expected behavior:

Users with role service.dataset.admin or service.dataset.editors are able to request endpoints that are available for users with role service.dataset.viewers.

How to test:

Does functionality was tested and how?

Changes include:

Refactor (a non-breaking change that improves code maintainability).
Bugfix (a non-breaking change that solves an issue).
New feature (a non-breaking change that adds functionality).
Breaking change (a change that is not backward-compatible and/or changes current functionality).

Changes in:

Common code

Dev Checklist:

Added Unit Tests, wherever applicable.
Updated the Readme, if applicable.
Existing Tests pass
Verified functionality locally
Self Reviewed my code for formatting and complex business logic.

Edited Nov 14, 2023 by Rustam Lotsmanenko (EPAM)

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading