Merge pull request #1792 from chashikajw/add-scopes

Add scope based permissions for admin, devportal, backoffice

admin/admin-domain-service/ballerina/KeyManagerClient.bal

@@ -241,7 +241,7 @@ public class KeyManagerClient {
                         certificateValue = check string:fromBytes(encodedBytes);
                     }
                     KeyManager_signingCertificate certificates = {
-                        'type: certificateType,
+                        'type: <"JWKS"|"PEM"|()>certificateType,
                         value: certificateValue
                     };
                     keymanager.signingCertificate = certificates;

admin/admin-domain-service/ballerina/admin-api_service.bal

@@ -25,196 +25,7 @@ service http:InterceptableService /api/admin on ep0 {
         http:Interceptor[] interceptors = [jwtValidationInterceptor, requestErrorInterceptor, responseErrorInterceptor];
         return interceptors;
     }
-    # Retrieve/Search Policies
-    #
-    # + query - **Search**. You can search by providing a keyword. Allowed to search by type and name only. 
-    # + return - OK. List of qualifying Policies is returned. 
-    // resource function get policies/search(string? query) returns PolicyDetailsList {
-    // }
-    # Get all Application Rate Plans
-    #
-    # + accept - Media types acceptable for the response. Default is application/json. 
-    # + return - returns can be any of following types
-    # ApplicationRatePlanList (OK. Policies returned)
-    # NotAcceptableError (Not Acceptable. The requested media type is not supported.)
-    isolated resource function get 'application\-rate\-plans(http:RequestContext requestContext, @http:Header string? accept = "application/json") returns ApplicationRatePlanList|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        ApplicationRatePlanList|commons:APKError appPolicyList = getApplicationUsagePlans(organization);
-        if appPolicyList is ApplicationRatePlanList {
-            log:printDebug(appPolicyList.toString());
-        }
-        return appPolicyList;
-    }
-    # Add an Application Rate Plan
-    #
-    # + 'content\-type - Media type of the entity in the body. Default is application/json. 
-    # + payload - Application level policy object that should to be added 
-    # + return - returns can be any of following types
-    # ApplicationRatePlan (Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity.)
-    # BadRequestError (Bad Request. Invalid request or validation error.)
-    # UnsupportedMediaTypeError (Unsupported Media Type. The entity of the request was not in a supported format.)
-    isolated resource function post 'application\-rate\-plans(http:RequestContext requestContext, @http:Payload ApplicationRatePlan payload, @http:Header string 'content\-type = "application/json") returns ApplicationRatePlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        ApplicationRatePlan|commons:APKError createdAppPol = addApplicationUsagePlan(payload, organization);
-        if createdAppPol is ApplicationRatePlan {
-            log:printDebug(createdAppPol.toString());
-        }
-        return createdAppPol;
-    }
-    # Get an Application Rate Plan
-    #
-    # + planId - Policy UUID 
-    # + return - returns can be any of following types
-    # ApplicationRatePlan (OK. Plan returned)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    # NotAcceptableError (Not Acceptable. The requested media type is not supported.)
-    isolated resource function get 'application\-rate\-plans/[string planId](http:RequestContext requestContext) returns ApplicationRatePlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        ApplicationRatePlan|commons:APKError appPolicy = getApplicationUsagePlanById(planId, organization);
-        if appPolicy is ApplicationRatePlan {
-            log:printDebug(appPolicy.toString());
-        }
-        return appPolicy;
-    }
-    # Update an Application Rate Plan
-    #
-    # + planId - Policy UUID 
-    # + 'content\-type - Media type of the entity in the body. Default is application/json. 
-    # + payload - Policy object that needs to be modified 
-    # + return - returns can be any of following types
-    # ApplicationRatePlan (OK. Plan updated.)
-    # BadRequestError (Bad Request. Invalid request or validation error.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    isolated resource function put 'application\-rate\-plans/[string planId](http:RequestContext requestContext, @http:Payload ApplicationRatePlan payload, @http:Header string 'content\-type = "application/json") returns ApplicationRatePlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        ApplicationRatePlan|commons:APKError appPolicy = updateApplicationUsagePlan(planId, payload, organization);
-        if appPolicy is ApplicationRatePlan {
-            log:printDebug(appPolicy.toString());
-        }
-        return appPolicy;
-    }
-    # Delete an Application Rate Plan
-    #
-    # + planId - Policy UUID 
-    # + return - returns can be any of following types
-    # http:Ok (OK. Resource successfully deleted.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    isolated resource function delete 'application\-rate\-plans/[string planId](http:RequestContext requestContext) returns http:Ok|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        string|commons:APKError ex = removeApplicationUsagePlan(planId, organization);
-        if ex is commons:APKError {
-            return ex;
-        } else {
-            return http:OK;
-        }
-    }
-    # Get all Business Plans
-    #
-    # + accept - Media types acceptable for the response. Default is application/json. 
-    # + return - returns can be any of following types
-    # BusinessPlanList (OK. Plans returned)
-    # NotAcceptableError (Not Acceptable. The requested media type is not supported.)
-    isolated resource function get 'business\-plans(http:RequestContext requestContext, @http:Header string? accept = "application/json") returns BusinessPlanList|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        BusinessPlanList|commons:APKError subPolicyList = getBusinessPlans(organization);
-        if subPolicyList is BusinessPlanList {
-            log:printDebug(subPolicyList.toString());
-        }
-        return subPolicyList;
-    }
-    # Add a Business Plan
-    #
-    # + 'content\-type - Media type of the entity in the body. Default is application/json. 
-    # + payload - Business Plan object that should to be added 
-    # + return - returns can be any of following types
-    # BusinessPlan (Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity.)
-    # BadRequestError (Bad Request. Invalid request or validation error.)
-    # UnsupportedMediaTypeError (Unsupported Media Type. The entity of the request was not in a supported format.)
-    isolated resource function post 'business\-plans(http:RequestContext requestContext, @http:Payload BusinessPlan payload, @http:Header string 'content\-type = "application/json") returns BusinessPlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        BusinessPlan|commons:APKError createdSubPol = addBusinessPlan(payload, organization);
-        if createdSubPol is BusinessPlan {
-            log:printDebug(createdSubPol.toString());
-        }
-        return createdSubPol;
-    }
-    # Get a Business Plan
-    #
-    # + planId - Policy UUID 
-    # + return - returns can be any of following types
-    # BusinessPlan (OK. Plan returned)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    # NotAcceptableError (Not Acceptable. The requested media type is not supported.)
-    isolated resource function get 'business\-plans/[string planId](http:RequestContext requestContext) returns BusinessPlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        BusinessPlan|commons:APKError subPolicy = getBusinessPlanById(planId, organization);
-        if subPolicy is BusinessPlan {
-            log:printDebug(subPolicy.toString());
-        }
-        return subPolicy;
-    }
-    # Update a Business Plan
-    #
-    # + planId - Policy UUID 
-    # + 'content\-type - Media type of the entity in the body. Default is application/json. 
-    # + payload - Plan object that needs to be modified 
-    # + return - returns can be any of following types
-    # BusinessPlan (OK. Plan updated.)
-    # BadRequestError (Bad Request. Invalid request or validation error.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    isolated resource function put 'business\-plans/[string planId](http:RequestContext requestContext, @http:Payload BusinessPlan payload, @http:Header string 'content\-type = "application/json") returns BusinessPlan|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        return updateBusinessPlan(planId, payload, organization);
-    }
-    # Delete a Business Plan
-    #
-    # + planId - Policy UUID 
-    # + return - returns can be any of following types
-    # http:Ok (OK. Resource successfully deleted.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    isolated resource function delete 'business\-plans/[string planId](http:RequestContext requestContext) returns http:Ok|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-        string|commons:APKError ex = removeBusinessPlan(planId, organization);
-        if ex is commons:APKError {
-            return ex;
-        } else {
-            return http:OK;
-        }
-    }
-    # Export a Throttling Policy
-    #
-    # + policyId - UUID of the ThrottlingPolicy 
-    # + name - Throttling Policy Name 
-    # + 'type - Type of the Throttling Policy 
-    # + format - Format of output documents. Can be YAML or JSON. 
-    # + return - returns can be any of following types
-    # ExportPolicy (OK. Export Successful.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    # InternalServerErrorError (Internal Server Error.)
-    // resource function get throttling/policies/export(string? policyId, string? name, string? 'type, string? format) returns ExportPolicy|NotFoundError|InternalServerErrorError {
-    // }
-    # Import a Throttling Policy
-    #
-    # + overwrite - Update an existing throttling policy with the same name. 
-    # + request - parameter description 
-    # + return - returns can be any of following types
-    # http:Ok (Created. Throttling Policy Imported Successfully.)
-    # ForbiddenError (Forbidden. The request must be conditional but no condition has been specified.)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    # ConflictError (Conflict. Specified resource already exists.)
-    # InternalServerErrorError (Internal Server Error.)
-    // resource function post throttling/policies/'import(boolean? overwrite, http:Request request) returns http:Ok|ForbiddenError|NotFoundError|ConflictError|InternalServerErrorError {
-    // }
+
     # Get all Deny Policies
     #
     # + accept - Media types acceptable for the response. Default is application/json. 
@@ -435,18 +246,6 @@ service http:InterceptableService /api/admin on ep0 {
             return http:OK;
         }
     }
-    # Retrieve Admin Settings
-    #
-    # + return - returns can be any of following types
-    # Settings (OK. Settings returned)
-    # NotFoundError (Not Found. The specified resource does not exist.)
-    resource function get settings(http:RequestContext requestContext) returns Settings|NotFoundError|commons:APKError {
-        commons:UserContext authenticatedUserContext = check commons:getAuthenticatedUserContext(requestContext);
-        commons:Organization organization = authenticatedUserContext.organization;
-
-        SettingsClient settingsClient = new;
-        return settingsClient.getSettings(organization);
-    }
     # Get all Key managers
     #
     # + return - OK. KeyManagers returned 
@@ -513,13 +312,6 @@ service http:InterceptableService /api/admin on ep0 {
         http:Ok okResponse = {};
         return okResponse;
     }
-    # Retrieve Well-known information from Key Manager Well-known Endpoint
-    #
-    # + request - parameter description 
-    # + return - OK. KeyManagers returned 
-    // resource function post 'key\-managers/discover(http:Request request) returns OkKeyManagerWellKnownResponse {
-    // }
-
 
     # Retrieve All Pending Workflow Processes
     #