-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(analytics): Create new permissions for Generate Report APIs #5178
base: main
Are you sure you want to change the base?
Conversation
crates/router/src/analytics.rs
Outdated
@@ -592,7 +592,7 @@ pub mod routes { | |||
.await | |||
.map(ApplicationResponse::Json) | |||
}, | |||
&auth::JWTAuth(Permission::Analytics), | |||
&auth::JWTAuth(Permission::RefundRead), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will users with RefundWrite
get RefundRead
permission too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
User Roles are made up of groups, and those groups consists of a set of permissions.
So if there is a group names OperationsWrite
, then in that group, we put all the read and write permissions for operations like payments, refunds, etc..
So, users will never have only RefundWrite
permission, if they have it, they will also have RefundRead
as well. As both of them will be in the same group.
…erate-report-internal
Type of Change
Description
Currently, internal users are unable to access payment generate report as it requires
PaymentWrite
.And other reports are having
Analytics
permission, but in the Front-end, the option is in Operations tab.Because Generate reports option is present in both Analytics and Operations, there will be a new permission, which will be available for both Operations and Analytics groups.
Additional Changes
Motivation and Context
Closes #5177.
How did you test it?
When this API is hit by a internal user, this API should send email with report.
Checklist
cargo +nightly fmt --all
cargo clippy