From 6ef97e6467021f594ab9457bf70908bbb15d2c84 Mon Sep 17 00:00:00 2001 From: "Yann Esposito (Yogsototh)" Date: Tue, 7 Dec 2021 16:11:48 +0100 Subject: [PATCH] notes/cisco_ft_securex_registration.org --- notes/cisco_ft_securex_registration.org | 41 +++++++++++++------------ 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/notes/cisco_ft_securex_registration.org b/notes/cisco_ft_securex_registration.org index 55f96d50..096a0dc7 100644 --- a/notes/cisco_ft_securex_registration.org +++ b/notes/cisco_ft_securex_registration.org @@ -52,6 +52,27 @@ Once this list of orgs is found. We should also check the list of pending or rejected OrgAccessRequest for this user in order to prevent the user to request access multiple time. + +** Support Org request to admins + +We need to create another Entity for access request to an Org. + +#+begin_src clojure +(s/defschema OrgAccessRequest + (st/merge + {:id UUID + :idp-mapping IdPMapping + :user-email s/Str + :org-id s/Str + :status (s/enum :pending :accepted :rejected)} + (st/optional-keys + {:user-name s/Str + :user-nick s/Str}))) +#+end_src + +When a user request access to an organization. +We should create this object in DB. + ** Support the mechanism to create a new Org Access Request After the UserIdentity is known and after retrieving the matching orgs, and @@ -77,25 +98,7 @@ Authorization: Bearer ${user-jwt} {"org-id":"the-id-of-the-org-the-user-request-access-to"} #+end_src -** Support Org request to admins - -We need to create another Entity for access request to an Org. - -#+begin_src clojure -(s/defschema OrgAccessRequest - (st/merge - {:id UUID - :idp-mapping IdPMapping - :user-email s/Str - :org-id s/Str - :status (s/enum :pending :accepted :rejected)} - (st/optional-keys - {:user-name s/Str - :user-nick s/Str}))) -#+end_src - -When a user request access to an organization. -We should create this object in DB. +** Org Requests CRUD API There should be a CRUD API restricted to the ~admin/user-mgmt/org-requests~ scope: