fix read ad rules

2023-05-04 15:54:50 +02:00 · 2023-05-04 15:54:50 +02:00 · 2a06eff235
parent 9ba715860e
commit 2a06eff235
3 changed files with 3 additions and 1 deletions
--- a/opa/ad/read.rego
+++ b/opa/ad/read.rego
@ -3,7 +3,7 @@ package AD.READ
 default allow := false

 allow {
-    input.userUuid == input.owner
+    input.owner == input.requester
 }

 allow {
--- a/src/modules/authorization/adapters/primaries/authorization.controller.ts
+++ b/src/modules/authorization/adapters/primaries/authorization.controller.ts
@ -25,6 +25,7 @@ export class AuthorizationController {
  @GrpcMethod('AuthorizationService', 'Decide')
  async decide(data: DecisionRequest): Promise<AuthorizationPresenter> {
    try {
+      console.log(data);
      const authorization: Authorization = await this._queryBus.execute(
        new DecisionQuery(data.uuid, data.domain, data.action, data.context),
      );
--- a/src/modules/authorization/domain/dtos/domain.enum.ts
+++ b/src/modules/authorization/domain/dtos/domain.enum.ts
@ -1,4 +1,5 @@
 export enum Domain {
  USER = 'USER',
  ADMIN = 'ADMIN',
+  AD = 'AD',
 }