From 77f78096fb809d76b0b7df07531d22bcad8a12bd Mon Sep 17 00:00:00 2001
From: "Yann Esposito (Yogsototh)"
Date: Fri, 1 Apr 2022 17:38:09 +0200
Subject: [PATCH] notes/cisco_ft_securex_registration.org
---
 notes/cisco_ft_securex_registration.org | 48 +++++++++++--------------
 1 file changed, 21 insertions(+), 27 deletions(-)
diff --git a/notes/cisco_ft_securex_registration.org b/notes/cisco_ft_securex_registration.org
index a1351cc9..1f3dd681 100644
--- a/notes/cisco_ft_securex_registration.org
+++ b/notes/cisco_ft_securex_registration.org
@@ -207,11 +207,24 @@ following schema:
 #+begin_src clojure
 (defprotocol OrgAccessRequestService
 "See iroh-auth.registration.org-access-request.schemas/ServiceFns for schemas."
- :extend-via-metadata true
+ ;; Internal CRUD+Search almost only use iroh-crud
+ (raw-search-org-access-requests
+ [this filter-map pagination-params]
+ "Search all OrgAccessRequest grants")
+
+ (raw-get-org-access-request
+ [this org-access-request-id]
+ "Return the OrgAccessRequest grant")
+
+ (raw-patch-org-access-request
+ [this org-access-request-id org-access-request-patch]
+ "Update the status of an OrgAccessRequest.")
 ;; service function for the Admins logged in SecureX
 ;; User filtered CRUD+Search for REST API related methods
- (search-org-access-requests-for-org
+ ;; The first argument is a RequestIdentity (:identity request) generated from a normal JWT
+ ;; via the ring-jwt-middleware.
+ (search-org-access-requests
 [this request-identity filter-map pagination-params]
 "Search all OrgAccessRequest of the org of the user of the request-identity")
@@ -225,6 +238,8 @@ following schema:
 Note user creation could be a side effect.")
 ;; For the New Registration Page (the user logged in via the IdP successfully)
+ ;; The first argument is a UserIdentity (:identity request) it will not contain
+ ;; any data related to any org
 (search-org-access-requests-for-user-identity
 [this user-identity filter-map pagination-params]
 "Search all OrgAccessRequest made by this user identity accross all orgs.
@@ -233,32 +248,11 @@ following schema:
 (create-org-access-request
 [this user-identity org-id]
- "Create a new OrgAccessRequest.")
+ "Create a new OrgAccessRequest. Should potentially send emails along the way")
- (delete-org-access-request
- [this user-identity org-access-request-id]
- "Remove an org request access.")
-
- ;; Internal CRUD+Search
- (raw-search-org-access-requests
- [this filter-map pagination-params]
- "Search all OrgAccessRequest grants")
-
- (raw-get-org-access-request
- [this org-access-request-id]
- "Return the OrgAccessRequest grant")
-
- (raw-patch-org-access-request
- [this org-access-request-id org-access-request-patch]
- "Update the status of an OrgAccessRequest.")
-
- ;; To be used in the `iroh-auth-web-service` directly without any password
- (patch-org-access-request
- [this org-access-request-id org-access-request-secret org-access-request-patch]
- "Similar to patch-org-access-request but for non logged in users can be used by
- providing both the OrgAccessRequest id and secret.
- That way we could build a URL into emails sent to admins to create
- the new user in the correct org."))
+ (renew-org-access-request
+ [this user-identity org-id]
+ "Renew an OrgAccessRequest. Mainly should send the email again and change the updated-at date."))
 #+end_src
 ***** =1= search/get/patch /Estimate: 1 rcd/