Enforce that user must have ACL groups access of the Record for purge, create and update operations. (!37) · Merge requests · OSDU Software / OSDU Data Platform / System / Storage

Johnny Guo requested to merge enforce-record-owner-access into master Jul 14, 2020

• What is the change? This change is to make sure that if a user wants to purge/update/create a record, the user must have access to record ACL groups, which means be a member of any ACL group of the record.

• What does it impact? If a user does not belong to any ACL group of the record, he/she cannot update/create/purge it after the PR is merged.

• How do I reproduce or test the change? Here I add and update unit tests and integration tests, you can also manually test the deployment.

Admin message

Enforce that user must have ACL groups access of the Record for purge, create and update operations.

Merge request reports