Skip to content

Commit

Permalink
resolved comments
Browse files Browse the repository at this point in the history
  • Loading branch information
tsdk02 committed Jun 25, 2024
1 parent e02abe3 commit b5e7678
Show file tree
Hide file tree
Showing 5 changed files with 36 additions and 45 deletions.
2 changes: 1 addition & 1 deletion crates/analytics/src/opensearch.rs
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ impl ErrorSwitch<ApiErrorResponse> for OpenSearchError {
))
}
Self::UnknownError => {
ApiErrorResponse::InternalServerError(ApiError::new("IR", 4, "Unknown error", None))
ApiErrorResponse::InternalServerError(ApiError::new("IR", 6, "Unknown error", None))
}
}
}
Expand Down
2 changes: 2 additions & 0 deletions crates/api_models/src/analytics/search.rs
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,9 @@ pub struct GetSearchResponse {

#[derive(Debug, serde::Deserialize)]
pub struct OpenMsearchOutput {
#[serde(default)]
pub responses: Vec<OpensearchOutput>,
pub error: Option<OpensearchErrorDetails>,
}

#[derive(Debug, serde::Deserialize)]
Expand Down
55 changes: 11 additions & 44 deletions crates/router/src/analytics.rs
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ pub mod routes {
use error_stack::ResultExt;

use crate::{
consts::opensearch::OPENSEARCH_INDEX_PERMISSIONS,
core::{api_locking, errors::user::UserErrors},
db::user::UserInterface,
routes::AppState,
Expand Down Expand Up @@ -661,28 +662,11 @@ pub mod routes {
.change_context(UserErrors::InternalServerError)
.change_context(OpenSearchError::UnknownError)?;
let permissions = role_info.get_permissions_set();
let accessible_indexes: Vec<_> = vec![
(
SearchIndex::PaymentAttempts,
vec![Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::PaymentIntents,
vec![Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::Refunds,
vec![Permission::RefundRead, Permission::RefundWrite],
),
(
SearchIndex::Disputes,
vec![Permission::DisputeRead, Permission::DisputeWrite],
),
]
.into_iter()
.filter(|(_, perm)| perm.iter().any(|p| permissions.contains(p)))
.map(|i| i.0)
.collect();
let accessible_indexes: Vec<_> = OPENSEARCH_INDEX_PERMISSIONS
.iter()
.filter(|(_, perm)| perm.iter().any(|p| permissions.contains(p)))
.map(|(i, _)| *i)
.collect();

analytics::search::msearch_results(
&state.opensearch_client,
Expand Down Expand Up @@ -724,28 +708,11 @@ pub mod routes {
.change_context(UserErrors::InternalServerError)
.change_context(OpenSearchError::UnknownError)?;
let permissions = role_info.get_permissions_set();
let _ = vec![
(
SearchIndex::PaymentAttempts,
vec![Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::PaymentIntents,
vec![Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::Refunds,
vec![Permission::RefundRead, Permission::RefundWrite],
),
(
SearchIndex::Disputes,
vec![Permission::DisputeRead, Permission::DisputeWrite],
),
]
.into_iter()
.filter(|(ind, _)| *ind == index)
.find(|i| i.1.iter().any(|p| permissions.contains(p)))
.ok_or(OpenSearchError::IndexAccessNotPermittedError(index))?;
let _ = OPENSEARCH_INDEX_PERMISSIONS
.iter()
.filter(|(ind, _)| *ind == index)
.find(|i| i.1.iter().any(|p| permissions.contains(p)))
.ok_or(OpenSearchError::IndexAccessNotPermittedError(index))?;
analytics::search::search_results(&state.opensearch_client, req, &auth.merchant_id)
.await
.map(ApplicationResponse::Json)
Expand Down
1 change: 1 addition & 0 deletions crates/router/src/consts.rs
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#[cfg(feature = "olap")]
pub mod user;
pub mod user_role;
pub mod opensearch;
pub use hyperswitch_interfaces::consts::{NO_ERROR_CODE, NO_ERROR_MESSAGE};
// ID generation
pub(crate) const ID_LENGTH: usize = 20;
Expand Down
21 changes: 21 additions & 0 deletions crates/router/src/consts/opensearch.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
use crate::services::authorization::permissions::Permission;
use api_models::analytics::search::SearchIndex;

pub const OPENSEARCH_INDEX_PERMISSIONS: &[(SearchIndex, &[Permission])] = &[
(
SearchIndex::PaymentAttempts,
&[Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::PaymentIntents,
&[Permission::PaymentRead, Permission::PaymentWrite],
),
(
SearchIndex::Refunds,
&[Permission::RefundRead, Permission::RefundWrite],
),
(
SearchIndex::Disputes,
&[Permission::DisputeRead, Permission::DisputeWrite],
),
];

0 comments on commit b5e7678

Please sign in to comment.