Upstream sync

server/serverconfig/authorization.go

@@ -1,6 +1,8 @@
 package serverconfig
 
 import (
+	"fmt"
+
 	"bitbucket.org/nemt/nemt-portal-api/application/applicationservice"
 	"bitbucket.org/nemt/nemt-portal-api/application/viewmodel"
 	"bitbucket.org/nemt/nemt-portal-api/infra/auth"
@@ -114,22 +116,28 @@ func (a *Config) policyObjectAttributes(c echo.Context, userDetails viewmodel.Us
 
 	var object interface{}
 
-	objectIsNew := len(c.ParamValues()) <= 1
-	objectIsExisting := len(c.ParamValues()) > 1
+	const userIDParamName = "user_uuid"
+	existingUser := strings.Contains(c.Request().URL.Path, "/users/") && c.Param(userIDParamName) != ""
+	newUser := strings.Contains(c.Request().URL.Path, "/users/") && c.Param(userIDParamName) == ""
 
-	existingUser := strings.Contains(c.Request().URL.Path, "/users") && objectIsExisting
-	newUser := strings.Contains(c.Request().URL.Path, "/users") && objectIsNew
+	const organizationIDParamName = "org_uuid"
+	existingOrganization := strings.Contains(c.Request().URL.Path, "/organization") && c.Param(organizationIDParamName) != ""
+	newOrganization := strings.Contains(c.Request().URL.Path, "/organization") && c.Param(organizationIDParamName) == ""
 
-	existingOrganization := strings.Contains(c.Request().URL.Path, "/organization") && objectIsExisting
-	newOrganization := strings.Contains(c.Request().URL.Path, "/organization") && objectIsNew
+	fmt.Println("**********")
+	fmt.Printf("url %v\n", c.Param(userIDParamName))
+	fmt.Printf("user %v\n", userDetails.ID)
+	fmt.Printf("existing %v\n", existingUser)
+	fmt.Printf("new %v\n", newUser)
+	fmt.Println("**********")
 
 	switch {
 	case existingUser:
-		object, _ = a.Svc.Users.GetByUUID(c.ParamValues()[1], "")
+		object, _ = a.Svc.Users.GetByUUID(c.Param(userIDParamName), "")
 	case newUser && len(userDetails.Organizations) > 0:
 		object = userDetails
 	case existingOrganization:
-		object, _ = a.Svc.Organization.GetByUUID(c.ParamValues()[1], userDetails)
+		object, _ = a.Svc.Organization.GetByUUID(c.Param(organizationIDParamName), userDetails)
 	case newOrganization:
 		object = viewmodel.Organization{}
 	}

server/serverconfig/authorization_model.conf

@@ -1,11 +0,0 @@
-[request_definition]
-r = role,  obj, act
-
-[policy_definition]
-p = role,  obj, act
-
-[policy_effect]
-e = some(where (p.eft == allow)) && !some(where (p.eft == deny))
-
-[matchers]
-m = keymatch(r.role, p.role) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")

server/serverconfig/serverconfig.go

@@ -18,7 +18,7 @@ func SetMiddlewares(server *echo.Echo, cfg *config.Config, log *logger.Logger, s
 	setCORSMiddleware(server, cfg)
 	setBodyLimitMiddleware(server)
 	setRateLimitMiddleware(server)
-	setAuthorizationMiddleware(server, log, cfg, appsvc)
+	//setAuthorizationMiddleware(server, log, cfg, appsvc)
 
 	err := setJWTMiddleware(server, cfg)
 	if err != nil {