[SM-670] Add permission context to project lists. (#2822)

* Attach permission context to project lists. * restrict service-account actions * Fix project permission details * Add getters and setters * dotnet format * Fix admin create unassigned secret (#2872)
2025-06-30 15:42:48 -05:00 · 2023-04-26 13:09:25 -05:00
parent 9cbd0ac799
commit 20d3b4b4e8
30 changed files with 183 additions and 183 deletions
--- a/test/Api.Test/SecretsManager/Controllers/AccessPoliciesControllerTests.cs
+++ b/test/Api.Test/SecretsManager/Controllers/AccessPoliciesControllerTests.cs
@ -102,11 +102,13 @@ public class AccessPoliciesControllerTests
        {
            case PermissionType.RunAsAdmin:
                SetupAdmin(sutProvider, data.OrganizationId);
+                sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), Arg.Any<Guid>(), AccessClientType.NoAccessCheck)
+                    .Returns((true, true));
                break;
            case PermissionType.RunAsUserWithPermission:
                SetupUserWithPermission(sutProvider, data.OrganizationId);
-                sutProvider.GetDependency<IProjectRepository>().UserHasWriteAccessToProject(default, default)
-                    .ReturnsForAnyArgs(true);
+                sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), Arg.Any<Guid>(), AccessClientType.User)
+                    .Returns((true, true));
                break;
        }

@ -129,8 +131,8 @@ public class AccessPoliciesControllerTests
    {
        SetupUserWithoutPermission(sutProvider, data.OrganizationId);
        sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(default).ReturnsForAnyArgs(data);
-        sutProvider.GetDependency<IProjectRepository>().UserHasWriteAccessToProject(default, default)
-            .ReturnsForAnyArgs(false);
+        sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(default, default, default)
+            .Returns((false, false));

        await Assert.ThrowsAsync<NotFoundException>(() => sutProvider.Sut.GetProjectAccessPoliciesAsync(id));

@ -153,11 +155,13 @@ public class AccessPoliciesControllerTests
        {
            case PermissionType.RunAsAdmin:
                SetupAdmin(sutProvider, data.OrganizationId);
+                sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), Arg.Any<Guid>(), AccessClientType.NoAccessCheck)
+                    .Returns((true, true));
                break;
            case PermissionType.RunAsUserWithPermission:
                SetupUserWithPermission(sutProvider, data.OrganizationId);
-                sutProvider.GetDependency<IProjectRepository>().UserHasWriteAccessToProject(default, default)
-                    .ReturnsForAnyArgs(true);
+                sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(Arg.Any<Guid>(), Arg.Any<Guid>(), AccessClientType.User)
+                    .Returns((true, true));
                break;
        }

@ -184,8 +188,8 @@ public class AccessPoliciesControllerTests
    {
        SetupUserWithoutPermission(sutProvider, data.OrganizationId);
        sutProvider.GetDependency<IProjectRepository>().GetByIdAsync(default).ReturnsForAnyArgs(data);
-        sutProvider.GetDependency<IProjectRepository>().UserHasWriteAccessToProject(default, default)
-            .ReturnsForAnyArgs(false);
+        sutProvider.GetDependency<IProjectRepository>().AccessToProjectAsync(default, default, default)
+            .Returns((false, false));

        sutProvider.GetDependency<IAccessPolicyRepository>().GetManyByGrantedProjectIdAsync(default, default)
            .ReturnsForAnyArgs(new List<BaseAccessPolicy> { resultAccessPolicy });