added serviceId and pipelineId interceptors

gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/OesAuthorizationService.groovy

@@ -10,6 +10,8 @@ import org.springframework.web.bind.annotation.PathVariable
 import org.springframework.web.bind.annotation.PutMapping
 import org.springframework.web.bind.annotation.RequestBody
 import org.springframework.web.bind.annotation.RequestHeader
+import org.springframework.web.bind.annotation.RequestParam
+
 import java.util.Collection
 
 
@@ -25,4 +27,8 @@ interface OesAuthorizationService {
   @GetMapping(value = "/platformservice/v6/users/{username}/features/{featureType}/{resourceId}/permission", produces = MediaType.APPLICATION_JSON_VALUE)
   ResponseEntity<PermissionModel> fetchPermissions(@PathVariable("username") String username, @PathVariable("featureType") String featureType, @PathVariable("resourceId") Integer resourceId, @RequestHeader(value = "x-spinnaker-user") String userName)
 
+  @GetMapping(value = "/platformservice/v6/users/{username}/feature",produces = MediaType.APPLICATION_JSON_VALUE)
+  ResponseEntity<Map<String, String>> isAuthorizedUser(@PathVariable("username") String username, @RequestParam("permission") String permission, @RequestParam("serviceId") Integer serviceId,
+                                                       @RequestParam("pipelineId") Integer pipelineId, @RequestParam("gateId") Integer gateId, @RequestHeader(value = "x-spinnaker-user") String userName)
+
 }

gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy

@@ -27,6 +27,8 @@ import com.netflix.spinnaker.kork.web.interceptors.MetricsInterceptor
 import com.opsmx.spinnaker.gate.interceptors.ApplicationIdRbacInterceptor
 import com.opsmx.spinnaker.gate.interceptors.OesServiceInterceptor
 import com.opsmx.spinnaker.gate.interceptors.FeatureVisibilityRbacInterceptor
+import com.opsmx.spinnaker.gate.interceptors.PipelineIdRbacInterceptor
+import com.opsmx.spinnaker.gate.interceptors.ServiceIdRbacInterceptor
 import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.beans.factory.annotation.Value
@@ -69,6 +71,12 @@ public class GateWebConfig implements WebMvcConfigurer {
   @Autowired
   ApplicationIdRbacInterceptor applicationIdRbacInterceptor
 
+  @Autowired
+  ServiceIdRbacInterceptor serviceIdRbacInterceptor
+
+  @Autowired
+  PipelineIdRbacInterceptor pipelineIdRbacInterceptor
+
 
 
   @Override
@@ -89,6 +97,8 @@ public class GateWebConfig implements WebMvcConfigurer {
 
     registry.addInterceptor(featureVisibilityRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.applicationFeatureRbacEndpoints).order(1)
     registry.addInterceptor(applicationIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithApplicationId).order(2)
+    registry.addInterceptor(serviceIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithServiceId).order(3)
+    registry.addInterceptor(pipelineIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithPipelineId).order(4)
 
   }
 

gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java

@@ -35,8 +35,9 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
       throws Exception {
     log.info(
         "Request intercepted for authorizing if the user is having enough access to perform the action");
-    applicationFeatureRbac.authorizeUser(
+    applicationFeatureRbac.authorizeUserForApplicationId(
         request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod());
+
     return true;
   }
 }

gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java

@@ -34,7 +34,7 @@ public class FeatureVisibilityRbacInterceptor implements HandlerInterceptor {
   public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
       throws Exception {
     log.info("request intercepted to authorize if the user is having feature visibility");
-    applicationFeatureRbac.authorizeUser(request.getUserPrincipal().getName());
+    applicationFeatureRbac.authorizeUserForFeatureVisibility(request.getUserPrincipal().getName());
     return true;
   }
 }

gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright 2022 OpsMx, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.opsmx.spinnaker.gate.interceptors;
+
+import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Slf4j
+@Component
+public class PipelineIdRbacInterceptor implements HandlerInterceptor {
+
+  @Autowired private ApplicationFeatureRbac applicationFeatureRbac;
+
+  @Override
+  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+      throws Exception {
+    log.info(
+        "Request intercepted for authorizing if the user is having enough access to perform the action");
+    applicationFeatureRbac.authorizeUserForPipelineId(
+        request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod());
+
+    return true;
+  }
+}

gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright 2022 OpsMx, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.opsmx.spinnaker.gate.interceptors;
+
+import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Slf4j
+@Component
+public class ServiceIdRbacInterceptor implements HandlerInterceptor {
+
+  @Autowired private ApplicationFeatureRbac applicationFeatureRbac;
+
+  @Override
+  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+      throws Exception {
+    log.info(
+        "Request intercepted for authorizing if the user is having enough access to perform the action");
+    applicationFeatureRbac.authorizeUserForServiceId(
+        request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod());
+
+    return true;
+  }
+}