Introduce new permission structure for rollout management. (#624)
* Introduce new permission structure for rollout management. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * JavaDocs Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Add target read check for filters. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com>
This commit is contained in:
@@ -71,7 +71,7 @@ public interface RolloutManagement {
|
||||
* otherwise.
|
||||
*
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.IS_SYSTEM_CODE)
|
||||
void handleRollouts();
|
||||
|
||||
/**
|
||||
@@ -123,7 +123,7 @@ public interface RolloutManagement {
|
||||
* @throws ConstraintViolationException
|
||||
* if rollout or group parameters are invalid.
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_CREATE)
|
||||
Rollout create(@NotNull RolloutCreate create, int amountGroup, @NotNull RolloutGroupConditions conditions);
|
||||
|
||||
/**
|
||||
@@ -157,7 +157,7 @@ public interface RolloutManagement {
|
||||
* @throws ConstraintViolationException
|
||||
* if rollout or group parameters are invalid
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_CREATE)
|
||||
Rollout create(@NotNull RolloutCreate rollout, @NotNull List<RolloutGroupCreate> groups,
|
||||
RolloutGroupConditions conditions);
|
||||
|
||||
@@ -312,7 +312,7 @@ public interface RolloutManagement {
|
||||
* Only running rollouts can be paused.
|
||||
*
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_HANDLE)
|
||||
void pauseRollout(@NotNull Long rolloutId);
|
||||
|
||||
/**
|
||||
@@ -329,7 +329,7 @@ public interface RolloutManagement {
|
||||
* if given rollout is not in {@link RolloutStatus#PAUSED}. Only
|
||||
* paused rollouts can be resumed.
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_HANDLE)
|
||||
void resumeRollout(@NotNull Long rolloutId);
|
||||
|
||||
/**
|
||||
@@ -350,7 +350,7 @@ public interface RolloutManagement {
|
||||
* if given rollout is not in {@link RolloutStatus#READY}. Only
|
||||
* ready rollouts can be started.
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_HANDLE)
|
||||
Rollout start(@NotNull Long rolloutId);
|
||||
|
||||
/**
|
||||
@@ -368,7 +368,7 @@ public interface RolloutManagement {
|
||||
* reference
|
||||
*
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_UPDATE)
|
||||
Rollout update(@NotNull RolloutUpdate update);
|
||||
|
||||
/**
|
||||
@@ -379,7 +379,7 @@ public interface RolloutManagement {
|
||||
* @param rolloutId
|
||||
* the ID of the rollout to be deleted
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_WRITE)
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_ROLLOUT_MANAGEMENT_DELETE)
|
||||
void delete(@NotNull Long rolloutId);
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user