There should be an Administrative type Right that a User may be assigned via a Role that allows them to Manage (View, Create, Edit) Orderables, TradeItems, CommodityTypes and OrderableDisplayCategory.
Acceptance:
there is a new Administrative type of right named ORDERABLES_MANAGE in Reference Data added via new Flyway migration
the endpoints that GET, PUT, POST & DELETE should require the ORDERABLES_MANAGE right (or service level token) for:
/api/orderables
/api/orderableDisplayCategories
/api/tradeItems
/api/commodityTypes
a 403 is returned if the user doesn't have the right (or a service level token)
RAML is updated
Check to ensure clients of updated endpoints don't break - raise an issue to the larger group if it does.
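A model of the acceptance criteria above as a guard plus an audit that exercises every method on every listed resource. This is an added illustration, not OpenLMIS code; the Principal token model, the function names and the sample users are assumptions.

```python
from dataclasses import dataclass
from itertools import product
from typing import Optional

RIGHT = "ORDERABLES_MANAGE"
RESOURCES = ("/api/orderables", "/api/orderableDisplayCategories",
             "/api/tradeItems", "/api/commodityTypes")
METHODS = ("GET", "PUT", "POST", "DELETE")

@dataclass(frozen=True)
class Principal:
    """Hypothetical token model: a service-level token has no user attached."""
    user: Optional[str]
    rights: frozenset = frozenset()

def protected(path, resources=RESOURCES):
    # Match whole path segments so /api/orderables/{id} is covered as well.
    return any(path == r or path.startswith(r + "/") for r in resources)

def make_guard(resources=RESOURCES):
    """Build a guard that returns the HTTP status for a request (200 = allowed)."""
    def guard(principal, method, path):
        if method not in METHODS or not protected(path, resources):
            return 200  # outside the scope of this ticket
        if principal.user is None or RIGHT in principal.rights:
            return 200  # service-level token, or a user holding the right
        return 403
    return guard

def audit(guard):
    """Try every method on every resource; return the cases that break the criteria."""
    cases = [(Principal("admin", frozenset({RIGHT})), 200),          # constructed users
             (Principal(None), 200),                                 # service-level token
             (Principal("clerk", frozenset({"OTHER_RIGHT"})), 403)]
    failures = []
    for (who, expected), method, res in product(cases, METHODS, RESOURCES):
        for path in (res, res + "/constructed-id"):
            got = guard(who, method, path)
            if got != expected:
                failures.append((who.user, method, path, got))
    return failures

if __name__ == "__main__":
    print(audit(make_guard()))               # guard covering all four resources
    print(audit(make_guard(RESOURCES[:3])))  # constructed gap: one resource left unguarded
```

Running the same matrix against the real service after the RAML update is one way to confirm that no endpoint in the list was left without the check.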
New right ORDERABLES_MANAGE with type: GENERAL_ADMIN is added:
Without that right, it is not possible to manage: Orderables, TradeItems and OrderableDisplayCategory.
Problems with commodityTypes occurred, so I created a bug for that: OLMIS-1965.
Josh Zamor
February 16, 2017 at 4:06 AM
Exactly right, though we'll name the right ORDERABLES_MANAGE. I've updated the description.
Jakub Hopen
February 15, 2017 at 11:05 AM
Since classes and endpoints were changed:
OrderableProduct -> Orderable
ProductCategory -> OrderableDisplayCategory
GlobalProduct -> CommodityType
shouldn't the right also be named MANAGE_ORDERABLE?
Done