Partition API routes are missing standard OSDU Roles
Routes in the partition service use a custom authorization filter that does not use Roles, but rather hardcodes a specific account type 'DomainAdminServiceAccount'.
pre-auth block in API methods:
@PreAuthorize("@authorizationFilter.hasPermissions()")
Authorization filter has the following function:
public boolean hasPermissions() {
return authorizationService.isDomainAdminServiceAccount();
}
Should the partition service use standard roles rather than user types to be compliant with other services?
Other services use the following:
@PreAuthorize("@authorizationFilter.hasRole('" + DeliveryRole.VIEWER + "')")