retrofitted the creation of internal token permissions (self)
diff --git a/component-test/src/main/java/TestAuthentication.java b/component-test/src/main/java/TestAuthentication.java
index 8e98443..d134b78 100644
--- a/component-test/src/main/java/TestAuthentication.java
+++ b/component-test/src/main/java/TestAuthentication.java
@@ -142,8 +142,9 @@
Collections.addAll(expectedTokenPermissions,
new TokenPermission(horusEndpoint.getPath(), Collections.singleton(AllowedOperation.READ)),
new TokenPermission(maatEndpoint.getPath(), Collections.singleton(AllowedOperation.READ)),
- new TokenPermission("identity-v1/users/{useridentifier}/password", Collections.singleton(AllowedOperation.CHANGE)),
- new TokenPermission("identity-v1/users/{useridentifier}/permissions", Collections.singleton(AllowedOperation.READ)),
+ new TokenPermission("identity-v1/users/{useridentifier}/password",
+ Sets.newHashSet(AllowedOperation.READ, AllowedOperation.CHANGE, AllowedOperation.DELETE)),
+ new TokenPermission("identity-v1/users/{useridentifier}/permissions", Sets.newHashSet(AllowedOperation.READ)),
new TokenPermission("identity-v1/token/_current", Collections.singleton(AllowedOperation.DELETE)));
Assert.assertTrue("Expected: " + expectedTokenPermissions + "\nActual: " + tokenPermissions,
diff --git a/service/src/main/java/io/mifos/identity/internal/command/handler/AuthenticationCommandHandler.java b/service/src/main/java/io/mifos/identity/internal/command/handler/AuthenticationCommandHandler.java
index d6a6589..af81819 100644
--- a/service/src/main/java/io/mifos/identity/internal/command/handler/AuthenticationCommandHandler.java
+++ b/service/src/main/java/io/mifos/identity/internal/command/handler/AuthenticationCommandHandler.java
@@ -15,6 +15,7 @@
*/
package io.mifos.identity.internal.command.handler;
+import com.google.common.collect.Sets;
import com.google.gson.Gson;
import io.mifos.anubis.api.v1.domain.AllowedOperation;
import io.mifos.anubis.api.v1.domain.TokenContent;
@@ -489,10 +490,10 @@
ret.add(new TokenPermission(
applicationName + "/applications/*/permissions/*/users/{useridentifier}/enabled",
- AllowedOperation.ALL));
+ Sets.newHashSet(AllowedOperation.READ, AllowedOperation.CHANGE, AllowedOperation.DELETE)));
ret.add(new TokenPermission(
applicationName + "/users/{useridentifier}/permissions",
- Collections.singleton(AllowedOperation.READ)));
+ Sets.newHashSet(AllowedOperation.READ)));
return ret;
}
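Review bot: `Collections.singleton(AllowedOperation.READ)` was an immutable set, and its replacement `Sets.newHashSet(AllowedOperation.READ)` is mutable, as is every other `Sets.newHashSet(...)` call in this hunk and the next one. Whether `TokenPermission` copies the set it receives is not visible here; if it keeps the reference, any code holding the permission could add operations after it is built. Assuming `AllowedOperation` is an enum, `Sets.immutableEnumSet(AllowedOperation.READ)` uses the already-imported `Sets` class and keeps the grant fixed. If a mutable set is really required (for example by a serializer), a one-line comment saying so would help. The enclosing method starts outside the hunk.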
@@ -502,10 +503,10 @@
ret.add(new TokenPermission(
applicationName + "/users/{useridentifier}/password",
- Collections.singleton(AllowedOperation.CHANGE)));
+ Sets.newHashSet(AllowedOperation.READ, AllowedOperation.CHANGE, AllowedOperation.DELETE)));
ret.add(new TokenPermission(
applicationName + "/token/_current",
- Collections.singleton(AllowedOperation.DELETE)));
+ Sets.newHashSet(AllowedOperation.DELETE)));
return ret;
}
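Review bot: The entry for `applicationName + "/users/{useridentifier}/password"` goes from CHANGE only to READ, CHANGE and DELETE, which widens what this token may do on a credential endpoint, although the commit title describes a retrofit rather than a new grant. If only a password change is needed, keep it narrow with `Sets.newHashSet(AllowedOperation.CHANGE)`. If READ and DELETE are intended, add a comment above the entry naming the caller that needs them. The expectation in TestAuthentication.java is changed to the same three operations, so the test will not catch the broadening. The enclosing method starts outside the hunk.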