JAM POR role updates

bcgov · Dec 4, 2024 · 036a0f2 · 036a0f2
1 parent 6a19d4b
commit 036a0f2
Show file tree

Hide file tree

Showing 5 changed files with 403 additions and 14 deletions.
diff --git a/backend/JAMService/Data/JAMServiceDbContext.cs b/backend/JAMService/Data/JAMServiceDbContext.cs
@@ -29,11 +29,11 @@ protected override void OnModelCreating(ModelBuilder modelBuilder)
         var app = modelBuilder.Entity<Application>().HasData(
              new Application { Id = -1, Name = "JAM_POR", Description = "JUSTIN Protection Order Registry", GroupPath = "/JAM/POR", ValidIDPs = ["azuread"], JUSTINAppName = "POR" });
 
-        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -1, IsRealmGroup = true, Description = "Read-only: Current protection orders and expired", SourceRoles = ["POS_VIEW_ALL_USER", "POS_USER"], TargetRoles = ["POR_READ_ONLY"] });
-        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -2, IsRealmGroup = true, Description = "Read-only: Current protection orders and expired", SourceRoles = ["POS_SEL_USER", "POS_USER"], TargetRoles = ["POR_READ_ONLY"] });
+        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -1, IsRealmGroup = true, Description = "Read-only: Current protection orders and expired", SourceRoles = ["POS_VIEW_ALL_USER", "POS_USER"], TargetRoles = ["POR_READ_EXPIRED_ORDERS"] });
+        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -2, IsRealmGroup = true, Description = "Read-only: Current protection orders only", SourceRoles = ["POS_SEL_USER", "POS_USER"], TargetRoles = ["POR_READ_VALID_ONLY"] });
         modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -3, IsRealmGroup = true, Description = "Regular user: Admin without remove orders permission", SourceRoles = ["POS_USER"], TargetRoles = ["POR_READ_WRITE"] });
-        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -4, IsRealmGroup = true, Description = "Admin with remove orders permission", SourceRoles = ["POS_USER", "POS_REMOVE_USER"], TargetRoles = ["POR_READ_WRITE", "POR_DELETE_ORDER"] });
-        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -5, IsRealmGroup = true, Description = "BAE Roles, ability to see results on sealed orders queries", SourceRoles = ["POS_USER", "POS_REMOVE_USER", "POS_JUSTIN"], TargetRoles = ["POR_READ_WRITE", "POR_DELETE_ORDER"] });
+        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -4, IsRealmGroup = true, Description = "Admin with remove orders permission", SourceRoles = ["POS_USER", "POS_DEL_USER"], TargetRoles = ["POR_ADMIN_WITH_SEALING"] });
+        modelBuilder.Entity<AppRoleMapping>().HasData(new AppRoleMapping { ApplicationId = -1, Id = -5, IsRealmGroup = true, Description = "Ability to seal protection orders and mark as removed", SourceRoles = ["POS_USER", "POS_REMOVE_USER"], TargetRoles = ["POR_ADMIN_WITH_SEALING"] });
 
 
         var mapping = modelBuilder.Entity<IDPMapper>().HasData(

diff --git a/backend/JAMService/JAMService.csproj b/backend/JAMService/JAMService.csproj
@@ -12,6 +12,8 @@
     <ProjectReference Include="..\CommonModels\CommonModels.csproj" />
     <PackageReference Include="Keycloak.Net.Core" Version="1.0.30" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.11" />
+
   </ItemGroup>
 
   <ItemGroup>

diff --git a/backend/JAMService/Migrations/20241204203212_UpdateJAMPORRoles.Designer.cs b/backend/JAMService/Migrations/20241204203212_UpdateJAMPORRoles.Designer.cs