From 2a06eff23537ee955a1ba144db5fbdf808723649 Mon Sep 17 00:00:00 2001
From: sbriat <sylvain.briat@free.fr>
Date: Thu, 4 May 2023 15:54:50 +0200
Subject: [PATCH] fix read ad rules

---
 opa/ad/read.rego                                                | 2 +-
 .../adapters/primaries/authorization.controller.ts              | 1 +
 src/modules/authorization/domain/dtos/domain.enum.ts            | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/opa/ad/read.rego b/opa/ad/read.rego
index ed974fe..9c7adc2 100644
--- a/opa/ad/read.rego
+++ b/opa/ad/read.rego
@@ -3,7 +3,7 @@ package AD.READ
 default allow := false
 
 allow {
-    input.userUuid == input.owner
+    input.owner == input.requester
 }
 
 allow {
diff --git a/src/modules/authorization/adapters/primaries/authorization.controller.ts b/src/modules/authorization/adapters/primaries/authorization.controller.ts
index b975371..cefd9be 100644
--- a/src/modules/authorization/adapters/primaries/authorization.controller.ts
+++ b/src/modules/authorization/adapters/primaries/authorization.controller.ts
@@ -25,6 +25,7 @@ export class AuthorizationController {
   @GrpcMethod('AuthorizationService', 'Decide')
   async decide(data: DecisionRequest): Promise<AuthorizationPresenter> {
     try {
+      console.log(data);
       const authorization: Authorization = await this._queryBus.execute(
         new DecisionQuery(data.uuid, data.domain, data.action, data.context),
       );
diff --git a/src/modules/authorization/domain/dtos/domain.enum.ts b/src/modules/authorization/domain/dtos/domain.enum.ts
index 1fa511a..9d24c49 100644
--- a/src/modules/authorization/domain/dtos/domain.enum.ts
+++ b/src/modules/authorization/domain/dtos/domain.enum.ts
@@ -1,4 +1,5 @@
 export enum Domain {
   USER = 'USER',
   ADMIN = 'ADMIN',
+  AD = 'AD',
 }