added another default role besides admin to be used for apps

9d75046f · Fabian Seidl · be6e99be · 9d75046f
Commit 9d75046f authored 11 months ago by Fabian Seidl
--- a/controller/controller.go
+++ b/controller/controller.go
@@ -164,7 +164,7 @@ func initialize() error {
 	c.networkElementWatcher = nucleus.NewNetworkElementWatcher(c.mneService, c.eventService)
 	c.networkElementWatcher.SubscribeToNetworkElements(nil)

-	if err := ensureDefaultRoleExists(); err != nil {
+	if err := ensureDefaultRolesExist(); err != nil {
 		return err
 	}

@@ -287,7 +287,21 @@ func createPrincipalNetworkDomain() error {
 	return nil
 }

-func ensureDefaultRoleExists() error {
+func ensureDefaultRolesExist() error {
+	err := ensureAdminRoleExists()
+	if err != nil {
+		return err
+	}
+
+	err = ensureGenericAppRoleExists()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func ensureAdminRoleExists() error {
 	defaultAdminRoleName := "admin"
 	adminRole, err := c.roleService.Get(store.Query{ID: uuid.Nil, Name: defaultAdminRoleName})
 	if err != nil {
@@ -347,6 +361,44 @@ func ensureDefaultRoleExists() error {
 	return nil
 }

+func ensureGenericAppRoleExists() error {
+	defaultAppRoleName := "app"
+	appRole, err := c.roleService.Get(store.Query{ID: uuid.Nil, Name: defaultAppRoleName})
+	if err != nil {
+		log.Info(err)
+	}
+
+	if appRole == nil {
+		err := c.roleService.Add(rbacImpl.NewRole(uuid.New(), defaultAppRoleName, "generic app role", []string{
+			"/gosdn.pnd.PndService/GetPnd",
+			"/gosdn.pnd.PndService/GetPndList",
+			"/gosdn.networkelement.NetworkElementService/Get",
+			"/gosdn.networkelement.NetworkElementService/GetFlattened",
+			"/gosdn.networkelement.NetworkElementService/GetAll",
+			"/gosdn.networkelement.NetworkElementService/GetAllFlattened",
+			"/gosdn.networkelement.NetworkElementService/GetPath",
+			"/gosdn.networkelement.NetworkElementService/GetIntendedPath",
+			"/gosdn.networkelement.NetworkElementService/GetChange",
+			"/gosdn.networkelement.NetworkElementService/GetChangeList",
+			"/gosdn.networkelement.NetworkElementService/AddList",
+			"/gosdn.networkelement.NetworkElementService/SetChangeList",
+			"/gosdn.networkelement.NetworkElementService/SetPathList",
+			"/gosdn.networkelement.NetworkElementService/DeviceSchema",
+			"/gosdn.networkelement.NetworkElementService/Delete",
+			"/gosdn.networkelement.NetworkElementService/SubscribePath",
+			"/gosdn.plugin_internal.PluginInternalService/AvailablePlugins",
+			"/gosdn.plugin_internal.PluginInternalService/GetPluginSchema",
+			"/gosdn.app.AppService/Register",
+			"/gosdn.app.AppService/Deregister",
+		}))
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func ensureDefaultUserExists() error {
 	defaultUserName := "admin"
 	adminUser, err := c.userService.Get(store.Query{ID: uuid.Nil, Name: defaultUserName})