Skip to content

Commit

Permalink
fix(webapi): Require base service provider scope on search endpoint (#…
Browse files Browse the repository at this point in the history 
…1476)

<!--- Provide a general summary of your changes in the Title above -->

## Description

<!--- Describe your changes in detail -->

## Related Issue(s)

- #1475 

## Verification

- [x] **Your** code builds clean without any errors or warnings
- [x] Manual testing done (required)
- [ ] Relevant automated test added (if you find this hard, leave it and
we'll help out)

## Documentation

- [ ] Documentation is updated (either in `docs`-directory, Altinnpedia
or a separate linked PR in
[altinn-studio-docs.](https://github.com/Altinn/altinn-studio-docs), if
applicable)


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Enhanced authorization logic for the `ServiceProviderSearch` policy,
improving specificity and security.
- **Bug Fixes**
- Refined error handling during initialization to ensure valid settings
are used.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
  • Loading branch information
@oskogstad
oskogstad authored Nov 19, 2024
1 parent d21256d commit 8c41f3d
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/Digdir.Domain.Dialogporten.GraphQL/Common/Authorization/AuthorizationOptionsSetup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public void Configure(AuthorizationOptions options)
.RequireScope(AuthorizationScope.ServiceProvider));

options.AddPolicy(AuthorizationPolicy.ServiceProviderSearch, builder => builder
.Combine(options.DefaultPolicy)
.Combine(options.GetPolicy(AuthorizationPolicy.ServiceProvider)!)
.RequireScope(AuthorizationScope.ServiceProviderSearch));

options.AddPolicy(AuthorizationPolicy.Testing, builder => builder
Expand Down
2 changes: 1 addition & 1 deletion src/Digdir.Domain.Dialogporten.WebApi/Common/Authorization/AuthorizationOptionsSetup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ public void Configure(AuthorizationOptions options)
.RequireScope(AuthorizationScope.ServiceProvider));

options.AddPolicy(AuthorizationPolicy.ServiceProviderSearch, builder => builder
.Combine(options.DefaultPolicy)
.Combine(options.GetPolicy(AuthorizationPolicy.ServiceProvider)!)
.RequireScope(AuthorizationScope.ServiceProviderSearch));

options.AddPolicy(AuthorizationPolicy.Testing, builder => builder
Expand Down

0 comments on commit 8c41f3d

Please sign in to comment.