-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add support for access packages in policy editor #13921
base: main
Are you sure you want to change the base?
Changes from 100 commits
674a216
e6bf5ed
7c78ca7
5637ef8
d79fa21
19f5013
451930f
48de24f
fbb1af5
1f021a1
3289c07
0c047df
f8e3056
6dd588c
76dcd78
017ecd6
aaba8eb
f3aebd4
68e7d39
c54461c
cc1e5ef
7d05441
04b98d9
3dc3e72
b8ed9d1
b654d88
f3e91a3
7c841d7
94410a4
36e7bdf
b33411c
261de72
03b1852
04cad4e
4345d1d
015d9d7
471e8de
e46058f
5f06c17
888efe8
c947ac9
a1d783f
cc1047f
0e51e0c
def690f
76e6827
46a8958
55f5cac
115d843
e7ee6d8
d466a7b
ccabe4e
7ce6bf3
537844f
4601a44
99838b4
28867e0
d63d36d
b4932e5
0007f70
e35d810
5aaa3d1
cde8d18
b2cca3a
fcf6a09
eb66b8d
782440f
c312f89
b0d84f4
de5af30
a58366b
9f8cc29
b0347f6
826ee9b
57ae4f8
7c73a82
54a18ac
356fbfc
da034b2
655f0f2
e7c7a6c
9b26240
ffef795
721671d
840d05b
a7fa4c1
4d79a76
2c83a56
2b63af7
bd612e1
03cb645
f7bf3ee
335fe2a
3b84378
03a9b49
6c3d4a5
90c258a
67a78f8
87ba20a
efbdf77
91ba34b
658dddf
29c248f
61de4d2
b145e3e
b81b791
1b27725
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
#nullable enable | ||
|
||
namespace PolicyAdmin.Models | ||
{ | ||
public class AccessPackageArea | ||
{ | ||
public required string Id { get; set; } | ||
|
||
public required string Urn { get; set; } | ||
|
||
public required string Name { get; set; } | ||
|
||
public string? Description { get; set; } | ||
|
||
public string? Icon { get; set; } | ||
|
||
public string? AreaGroup { get; set; } | ||
|
||
public IEnumerable<AccessPackageOption> Packages { get; set; } = []; | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
namespace PolicyAdmin.Models | ||
{ | ||
public class AccessPackageAreaGroup | ||
{ | ||
public required string Id { get; set; } | ||
|
||
public required string Urn { get; set; } | ||
|
||
public required string Name { get; set; } | ||
|
||
public string? Description { get; set; } | ||
|
||
public string? Type { get; set; } | ||
|
||
public IEnumerable<AccessPackageArea> Areas { get; set; } = []; | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
namespace PolicyAdmin.Models | ||
{ | ||
public class AccessPackageOption | ||
{ | ||
public required string Id { get; set; } | ||
|
||
public required string Urn { get; set; } | ||
|
||
public required string Name { get; set; } | ||
|
||
public string? Description { get; set; } | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -427,6 +427,52 @@ | |
return sectors; | ||
} | ||
|
||
[HttpGet] | ||
[Route("designer/api/accesspackageservices/{accesspackage}/{env}")] | ||
public async Task<ActionResult<List<AccessPackageService>>> GetServicesForAccessPackage(string org, string accesspackage, string env) | ||
{ | ||
// POST to get all resources per access package | ||
List<SubjectResources> subjectResources = await _resourceRegistry.GetSubjectResources([accesspackage], env); | ||
|
||
// GET full list of resources (with apps) in environment | ||
string cacheKey = $"resourcelist_with_apps${env}"; | ||
if (!_memoryCache.TryGetValue(cacheKey, out List<ServiceResource> environmentResources)) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Just so you know, we have IDistributedCache registered with Redis cache under the hood, in case that better fits your needs. |
||
{ | ||
environmentResources = await _resourceRegistry.GetResourceList(env, false, true); | ||
|
||
MemoryCacheEntryOptions cacheEntryOptions = new MemoryCacheEntryOptions() | ||
.SetPriority(CacheItemPriority.High) | ||
.SetAbsoluteExpiration(new TimeSpan(0, _cacheSettings.DataNorgeApiCacheTimeout, 0)); | ||
_memoryCache.Set(cacheKey, environmentResources, cacheEntryOptions); | ||
} | ||
|
||
List<AttributeMatchV2> resources = subjectResources.Find(x => x.Subject.Urn == accesspackage)?.Resources; | ||
|
||
OrgList orgList = await GetOrgList(); | ||
List<AccessPackageService> result = []; | ||
|
||
// return resources for all subjectResources | ||
resources?.ForEach(resourceMatch => | ||
{ | ||
ServiceResource fullResource = environmentResources.Find(x => x.Identifier == resourceMatch.Value); | ||
|
||
if (fullResource != null) | ||
{ | ||
orgList.Orgs.TryGetValue(fullResource.HasCompetentAuthority.Orgcode.ToLower(), out Org organization); | ||
|
||
|
||
result.Add(new AccessPackageService() | ||
{ | ||
Identifier = resourceMatch.Value, | ||
Title = fullResource?.Title, | ||
HasCompetentAuthority = fullResource.HasCompetentAuthority, | ||
LogoUrl = organization.Logo | ||
}); | ||
} | ||
}); | ||
|
||
return result; | ||
} | ||
|
||
[HttpGet] | ||
[Route("designer/api/{org}/resources/altinn2linkservices/{env}")] | ||
public async Task<ActionResult<List<AvailableService>>> GetAltinn2LinkServices(string org, string env) | ||
|
@@ -610,7 +656,7 @@ | |
return orgList; | ||
} | ||
|
||
private static bool IsServiceOwner(ServiceResource? resource, string loggedInOrg) | ||
Check warning on line 659 in backend/src/Designer/Controllers/ResourceAdminController.cs GitHub Actions / Run integration tests against actual gitea and db
Check warning on line 659 in backend/src/Designer/Controllers/ResourceAdminController.cs GitHub Actions / Run dotnet build and test (ubuntu-latest)
Check warning on line 659 in backend/src/Designer/Controllers/ResourceAdminController.cs GitHub Actions / Analyze
Check warning on line 659 in backend/src/Designer/Controllers/ResourceAdminController.cs GitHub Actions / Run dotnet build and test (macos-latest)
Check warning on line 659 in backend/src/Designer/Controllers/ResourceAdminController.cs GitHub Actions / Run dotnet build and test (windows-latest)
|
||
{ | ||
if (resource?.HasCompetentAuthority == null) | ||
{ | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
using System.Collections.Generic; | ||
|
||
namespace Altinn.Studio.Designer.Models | ||
{ | ||
public class AccessPackageService | ||
{ | ||
public string Identifier { get; set; } | ||
|
||
public Dictionary<string, string> Title { get; set; } | ||
|
||
public CompetentAuthority HasCompetentAuthority { get; set; } | ||
|
||
public string LogoUrl { get; set; } | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
using System.ComponentModel.DataAnnotations; | ||
|
||
namespace Altinn.Studio.Designer.Models | ||
{ | ||
/// <summary> | ||
/// This model describes a pair of AttributeId and AttributeValue for use in matching in XACML policies, for instance a resource, a user, a party or an action. | ||
/// </summary> | ||
public class AttributeMatchV2 | ||
{ | ||
/// <summary> | ||
/// Gets or sets the attribute id for the match | ||
/// </summary> | ||
[Required] | ||
public required string Type { get; set; } | ||
|
||
/// <summary> | ||
/// Gets or sets the attribute value for the match | ||
/// </summary> | ||
[Required] | ||
public required string Value { get; set; } | ||
|
||
/// <summary> | ||
/// The urn for the attribute | ||
/// </summary> | ||
[Required] | ||
public required string Urn { get; set; } | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
using System.Collections.Generic; | ||
|
||
namespace Altinn.Studio.Designer.Models.Dto | ||
{ | ||
public class SubjectResourcesDto | ||
{ | ||
public List<SubjectResources> Data { get; set; } | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
#nullable enable | ||
using System.Collections.Generic; | ||
|
||
namespace Altinn.Studio.Designer.Models | ||
{ | ||
/// <summary> | ||
/// Defines resources that a given subject have access to | ||
/// </summary> | ||
public class SubjectResources | ||
{ | ||
/// <summary> | ||
/// The subject | ||
/// </summary> | ||
public required AttributeMatchV2 Subject { get; set; } | ||
|
||
/// <summary> | ||
/// List of resources that the given subject has access to | ||
/// </summary> | ||
public required List<AttributeMatchV2> Resources { get; set; } | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to do something about language support now when creating new APIS. The model does not support multiple languages, that is fine if API support multiple langauges (only returns the selected langauge) How has Altinn studio in other areas built language support. I know it is not turned on, but I thought they have support in code.