This Repository is depricated. The code was moved into The autoupdate repository. The service is not used anymore.
The permisson service is a service and a libary for OpenSlides4 that tells, if a user can see specific content.
go build ./cmd/permission/ && ./permission
The docker build uses the datastore-reader-service as default. Either configure it to use the fake services (see environment variables below) or make sure the service inside the docker container can connect to the datastore-reader. For example with the docker argument --network host.
docker build . --tag openslides-permission
docker run --network host openslides-permission
To restart the service when ever a source file has shanged, the tool CompileDaemon can help.
go get github.com/githubnemo/CompileDaemon
CompileDaemon -log-prefix=false -build "go build ./cmd/permission" -command "./permission"
The make target build-dev creates a docker image that uses this tool:
make build-dev
docker run -v $(pwd)/cert:/root/cert --network host openslides-permission-dev
curl http://localhost:9005/internal/permission/is_allowed -d '{"name":"topic.create","user_id":1}'
The business logic are the cases, when the permission case should return true or false or restrict some fqfields.
To test only the to business logic run:
tests/run.sh
If a test case fails, a message like:
FAIL: TestCases/motion/create.yml:create_amentment_with_wrong_perm (0.00s)
is shown. To test only this case, run:
tests/run.sh TestCases/motion/create.yml:create_amentment_with_wrong_perm
To see the coverage for all business logic in the browser, run:
make cover
go test ./...
There is a make target, that creates and runs the docker-test-container:
make run-tests
There are some permission routes, that are autogenerated. The list of these simple routes are fetched from the backend service.
When the list of these routes chances, the code has to be updated with
go generate ./...
PERMISSION_HOST: Host where the http service listens to. Default is an empty string which means all devices.PERMISSION_PORT: Port where the http services listens to. Default is 9005.DATASTORE: Sets the datastore service.fake(default) orservice.DATASTORE_READER_HOST: Host of the datastore reader. The default islocalhost.DATASTORE_READER_PORT: Port of the datastore reader. The default is9010.DATASTORE_READER_PROTOCOL: Protocol of the datastore reader. The default ishttp.