Add app sharing API resource access control configs

dewniMW · Jan 3, 2024 · e6cc42a · e6cc42a
1 parent 0147079
commit e6cc42a
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 0 deletions.
diff --git a/...rg.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml b/...rg.wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml
@@ -35,6 +35,15 @@
             <Scope displayName="Delete API Resource" name="internal_api_resource_delete"/>
         </Scopes>
     </APIResource>
+    <APIResource name="Shared Application Management API" identifier="/api/server/v1/applications/share"
+                 requiresAuthorization="true"
+                 description="API representation of the Shared Application Management API" type="TENANT_ADMIN">
+        <Scopes>
+            <Scope displayName="Create Shared Application" name="internal_shared_application_create"/>
+            <Scope displayName="View Shared Application" name="internal_shared_application_view"/>
+            <Scope displayName="Delete Shared Application" name="internal_shared_application_delete"/>
+        </Scopes>
+    </APIResource>
     <APIResource name="Application Management API" identifier="/api/server/v1/applications"
                  requiresAuthorization="true"
                  description="API representation of the Application Management API" type="TENANT_ADMIN">

diff --git a/...wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2 b/...wso2.carbon.identity.api.resource.mgt.server.feature/resources/system-api-resource.xml.j2
@@ -44,6 +44,15 @@
             <Scope displayName="Delete API Resource" name="internal_api_resource_delete"/>
         </Scopes>
     </APIResource>
+    <APIResource name="Shared Application Management API" identifier="/api/server/v1/applications/share"
+                 requiresAuthorization="true"
+                 description="API representation of the Shared Application Management API" type="TENANT_ADMIN">
+        <Scopes>
+            <Scope displayName="Create Shared Application" name="internal_shared_application_create"/>
+            <Scope displayName="View Shared Application" name="internal_shared_application_view"/>
+            <Scope displayName="Delete Shared Application" name="internal_shared_application_delete"/>
+        </Scopes>
+    </APIResource>
     <APIResource name="Application Management API" identifier="/api/server/v1/applications"
                  requiresAuthorization="true"
                  description="API representation of the Application Management API" type="TENANT_ADMIN">

diff --git a/...ore/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml b/...ore/org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml
@@ -787,6 +787,23 @@
         <Scopes>internal_keystore_update</Scopes>
     </Resource>
 
+    <!-- Shared Application Management API -->
+    <Resource context="(.*)/api/server/v1/applications/(.*)/share" secured="true" http-method="GET">
+        <Scopes>internal_shared_application_view</Scopes>
+    </Resource>
+    <Resource context="(.*)/api/server/v1/applications/(.*)/shared-apps" secured="true" http-method="GET">
+        <Scopes>internal_shared_application_view</Scopes>
+    </Resource>
+    <Resource context="(.*)/api/server/v1/applications/(.*)/share" secured="true" http-method="POST">
+        <Scopes>internal_shared_application_create</Scopes>
+    </Resource>
+    <Resource context="(.*)/api/server/v1/applications/(.*)/shared-apps" secured="true" http-method="DELETE">
+        <Scopes>internal_shared_application_delete</Scopes>
+    </Resource>
+    <Resource context="(.*)/api/server/v1/applications/(.*)/share/(.*)" secured="true" http-method="DELETE">
+        <Scopes>internal_shared_application_delete</Scopes>
+    </Resource>
+
     <!-- [Organization] Application Management API -->
     <Resource context="(.*)/o/api/server/v1/applications(.*)" secured="true" http-method="PATCH, PUT">
         <Scopes>internal_org_application_mgt_update</Scopes>

diff --git a/.../org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2 b/.../org.wso2.carbon.identity.core.server.feature/resources/resource-access-control-v2.xml.j2
@@ -809,6 +809,23 @@
             <Scopes>internal_keystore_update</Scopes>
         </Resource>
 
+        <!-- Shared Application Management API -->
+        <Resource context="(.*)/api/server/v1/applications/(.*)/share" secured="true" http-method="GET">
+            <Scopes>internal_shared_application_view</Scopes>
+        </Resource>
+        <Resource context="(.*)/api/server/v1/applications/(.*)/shared-apps" secured="true" http-method="GET">
+            <Scopes>internal_shared_application_view</Scopes>
+        </Resource>
+        <Resource context="(.*)/api/server/v1/applications/(.*)/share" secured="true" http-method="POST">
+            <Scopes>internal_shared_application_create</Scopes>
+        </Resource>
+        <Resource context="(.*)/api/server/v1/applications/(.*)/shared-apps" secured="true" http-method="DELETE">
+            <Scopes>internal_shared_application_delete</Scopes>
+        </Resource>
+        <Resource context="(.*)/api/server/v1/applications/(.*)/share/(.*)" secured="true" http-method="DELETE">
+            <Scopes>internal_shared_application_delete</Scopes>
+        </Resource>
+
         <!-- [Organization] Application Management API -->
         <Resource context="(.*)/o/api/server/v1/applications(.*)" secured="true" http-method="PATCH, PUT">
             <Scopes>internal_org_application_mgt_update</Scopes>