From 82ee9a5613e3e558735c9c349e910daae472cd07 Mon Sep 17 00:00:00 2001
From: George J Padayatti
Date: Mon, 4 Dec 2023 18:26:43 +0530
Subject: [PATCH] Fix #591: Test mode
Signed-off-by: George J Padayatti
---
 internal/cmd/start_api.go | 10 +-
 internal/config/config.go | 1 +
 internal/http_path/v2/audit_paths.go | 10 +-
 internal/http_path/v2/config_paths.go | 96 ++++----
 internal/http_path/v2/onboard_paths.go | 44 ++--
 internal/http_path/v2/routes.go | 197 ++++++++--------
 internal/http_path/v2/service_paths.go | 56 ++---
 internal/rbac/rbac.go | 296 +++++++++++++------------
 8 files changed, 366 insertions(+), 344 deletions(-)
diff --git a/internal/cmd/start_api.go b/internal/cmd/start_api.go
index 6ad40c4..85d4f0e 100644
--- a/internal/cmd/start_api.go
+++ b/internal/cmd/start_api.go
@@ -75,7 +75,7 @@ func StartApiCmdHandler(cmd *cobra.Command, args []string) {
 }
 // Load the policy into the enforcer.
- _, err = authEnforcer.AddPolicies(rbac.GetRbacPolicies())
+ _, err = authEnforcer.AddPolicies(rbac.GetRbacPolicies(loadedConfig.TestMode))
 if err != nil {
 panic(err)
 }
@@ -95,7 +95,13 @@ func StartApiCmdHandler(cmd *cobra.Command, args []string) {
 // Router
 router := mux.NewRouter()
- v2HttpPaths.SetRoutes(router, authEnforcer)
+ if loadedConfig.TestMode {
+ router.StrictSlash(true)
+ v2HttpPaths.SetRoutes(router, authEnforcer, loadedConfig.TestMode)
+ } else {
+ subrouter := router.PathPrefix("/v2").Subrouter()
+ v2HttpPaths.SetRoutes(subrouter, authEnforcer, loadedConfig.TestMode)
+ }
 // Start server and listen in port 80
 log.Println("Listening port 80")
diff --git a/internal/config/config.go b/internal/config/config.go
index 70c919e..b3a561c 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -69,6 +69,7 @@ type Configuration struct {
 Password string
 }
 ApplicationMode string
+ TestMode bool
 Organization Organization
 User User
 ApiSecretKey string
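Review bot: The policy list loaded by `authEnforcer.AddPolicies` in the `@@ -75` hunk of start_api.go now has to stay in step with two different route layouts, and nothing in this hunk checks or records which one is active. The path constants changed in this patch lose their `/v2` prefix while non-test requests still arrive under `/v2/...`, so rbac.go (not visible here) presumably has to re-add the prefix for `m.Authorize(e)` to keep matching; a test asserting one allowed and one denied request in each mode would confirm that. I would also log the mode next to the call, `log.Printf("loading RBAC policies (TestMode=%v)", loadedConfig.TestMode)`, so a deployment started with the flag set by mistake shows up in the startup log. StartApiCmdHandler's body starts and ends outside the hunk.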
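Review bot: In the `@@ -95` hunk of start_api.go, `router.StrictSlash(true)` combined with the trailing `/` that SetRoutes appends in test mode means a request sent without the slash is answered with a 301 redirect, and gorilla/mux documents that most clients replay a redirected POST or PUT as a GET. A test client calling `POST /config/policy` would therefore miss the create handler, so non-GET endpoints can behave differently in test mode than under `/v2`. If the redirect is intended, say so where it is enabled, e.g. `// Test mode: routes end in "/"; the slashless form is 301-redirected and clients may replay it as GET.` As a style point, both branches call `SetRoutes` with the same arguments apart from the router, so selecting the router in the `if`/`else` and calling `SetRoutes` once afterwards would read more clearly.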
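Review bot: The new `TestMode` field in the config.go hunk has no comment, although start_api.go uses it both to choose the router the API is mounted on and as the argument to `rbac.GetRbacPolicies`. I would document that on the field, e.g. `// TestMode mounts the API on the root router with trailing-slash routes and is passed to rbac.GetRbacPolicies; leave false outside test runs.` The bool zero value keeps the normal `/v2` layout, which is the safe default when the key is missing from the config file. The `Configuration` struct starts and ends outside the hunk.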
diff --git a/internal/http_path/v2/audit_paths.go b/internal/http_path/v2/audit_paths.go
index 90990b9..dbf841d 100644
--- a/internal/http_path/v2/audit_paths.go
+++ b/internal/http_path/v2/audit_paths.go
@@ -1,9 +1,9 @@
 package http_path
-const AuditListDataAgreementRecords = "/v2/audit/consent-records"
-const AuditDataAgreementRecordRead = "/v2/audit/consent-record/{consentRecordId}"
-const AuditListDataAgreements = "/v2/audit/data-agreements"
-const AuditReadDataAgreement = "/v2/audit/data-agreement/{dataAgreementId}"
+const AuditListDataAgreementRecords = "/audit/consent-records"
+const AuditDataAgreementRecordRead = "/audit/consent-record/{consentRecordId}"
+const AuditListDataAgreements = "/audit/data-agreements"
+const AuditReadDataAgreement = "/audit/data-agreement/{dataAgreementId}"
 // organization action logs
-const AuditGetOrgLogs = "/v2/audit/admin/logs"
+const AuditGetOrgLogs = "/audit/admin/logs"
diff --git a/internal/http_path/v2/config_paths.go b/internal/http_path/v2/config_paths.go
index e266fa7..c178ccf 100644
--- a/internal/http_path/v2/config_paths.go
+++ b/internal/http_path/v2/config_paths.go
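Review bot: The constants in audit_paths.go are now relative paths, but nothing in the file says so; they only yield the public `/v2/...` URLs when SetRoutes is handed the `/v2` subrouter. A package-level comment such as `// Paths in this package are relative to the router passed to SetRoutes (the "/v2" subrouter normally, the root router in test mode).` would keep a later caller from treating them as absolute. The same applies to the constants changed in config_paths.go and onboard_paths.go. Any code that compares these values with `r.URL.Path` or builds links from them would need the prefix re-added; no such caller is visible from this hunk, so that is worth a quick search before merging.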
@@ -1,66 +1,66 @@
 package http_path
 // Global policy configuration
-const ConfigCreatePolicy = "/v2/config/policy"
-const ConfigReadPolicy = "/v2/config/policy/{policyId}"
-const ConfigUpdatePolicy = "/v2/config/policy/{policyId}"
-const ConfigDeletePolicy = "/v2/config/policy/{policyId}"
-const ConfigListPolicies = "/v2/config/policies"
-const ConfigListPolicyRevisions = "/v2/config/policy/{policyId}/revisions"
+const ConfigCreatePolicy = "/config/policy"
+const ConfigReadPolicy = "/config/policy/{policyId}"
+const ConfigUpdatePolicy = "/config/policy/{policyId}"
+const ConfigDeletePolicy = "/config/policy/{policyId}"
+const ConfigListPolicies = "/config/policies"
+const ConfigListPolicyRevisions = "/config/policy/{policyId}/revisions"
 // Data agreements
-const ConfigCreateDataAgreement = "/v2/config/data-agreement"
-const ConfigReadDataAgreement = "/v2/config/data-agreement/{dataAgreementId}"
-const ConfigUpdateDataAgreement = "/v2/config/data-agreement/{dataAgreementId}"
-const ConfigDeleteDataAgreement = "/v2/config/data-agreement/{dataAgreementId}"
-const ConfigListDataAgreements = "/v2/config/data-agreements"
-const ConfigListDataAgreementRevisions = "/v2/config/data-agreement/{dataAgreementId}/revisions"
-const ConfigListDataAttributesForDataAgreement = "/v2/config/data-agreement/{dataAgreementId}/data-attributes"
+const ConfigCreateDataAgreement = "/config/data-agreement"
+const ConfigReadDataAgreement = "/config/data-agreement/{dataAgreementId}"
+const ConfigUpdateDataAgreement = "/config/data-agreement/{dataAgreementId}"
+const ConfigDeleteDataAgreement = "/config/data-agreement/{dataAgreementId}"
+const ConfigListDataAgreements = "/config/data-agreements"
+const ConfigListDataAgreementRevisions = "/config/data-agreement/{dataAgreementId}/revisions"
+const ConfigListDataAttributesForDataAgreement = "/config/data-agreement/{dataAgreementId}/data-attributes"
-const ReadDataAgreementRevision = "/v2/config/data-agreement/{dataAgreementId}/revision/{revisionId}"
+const ReadDataAgreementRevision = "/config/data-agreement/{dataAgreementId}/revision/{revisionId}"
 // Data attributes
-const ConfigReadDataAttribute = "/v2/config/data-agreements/data-attribute/{dataAttributeId}"
-const ConfigCreateDataAttribute = "/v2/config/data-agreements/data-attribute"
-const ConfigUpdateDataAttribute = "/v2/config/data-agreements/data-attribute/{dataAttributeId}"
-const ConfigListDataAttributeRevisions = "/v2/config/data-agreements/data-attribute/{dataAttributeId}/revisions"
-const ConfigDeleteDataAttribute = "/v2/config/data-agreements/data-attribute/{dataAttributeId}"
-const ConfigListDataAttributes = "/v2/config/data-agreements/data-attributes"
+const ConfigReadDataAttribute = "/config/data-agreements/data-attribute/{dataAttributeId}"
+const ConfigCreateDataAttribute = "/config/data-agreements/data-attribute"
+const ConfigUpdateDataAttribute = "/config/data-agreements/data-attribute/{dataAttributeId}"
+const ConfigListDataAttributeRevisions = "/config/data-agreements/data-attribute/{dataAttributeId}/revisions"
+const ConfigDeleteDataAttribute = "/config/data-agreements/data-attribute/{dataAttributeId}"
+const ConfigListDataAttributes = "/config/data-agreements/data-attributes"
 // Webhooks
-const ConfigReadWebhook = "/v2/config/webhook/{webhookId}"
-const ConfigCreateWebhook = "/v2/config/webhook"
-const ConfigUpdateWebhook = "/v2/config/webhook/{webhookId}"
-const ConfigDeleteWebhook = "/v2/config/webhook/{webhookId}"
-const ConfigListWebhooks = "/v2/config/webhooks"
-const ConfigPingWebhook = "/v2/config/webhook/{webhookId}/ping"
-const ConfigListRecentWebhookDeliveries = "/v2/config/webhooks/{webhookId}/deliveries"
-const ConfigReadRecentWebhookDelivery = "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}"
-const ConfigRedeliverWebhookPayloadByDeliveryID = "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver"
-const ConfigListWebhookEventTypes = "/v2/config/webhooks/event-types"
-const ConfigListWebhookPayloadContentTypes = "/v2/config/webhooks/payload/content-types"
+const ConfigReadWebhook = "/config/webhook/{webhookId}"
+const ConfigCreateWebhook = "/config/webhook"
+const ConfigUpdateWebhook = "/config/webhook/{webhookId}"
+const ConfigDeleteWebhook = "/config/webhook/{webhookId}"
+const ConfigListWebhooks = "/config/webhooks"
+const ConfigPingWebhook = "/config/webhook/{webhookId}/ping"
+const ConfigListRecentWebhookDeliveries = "/config/webhooks/{webhookId}/deliveries"
+const ConfigReadRecentWebhookDelivery = "/config/webhooks/{webhookId}/delivery/{deliveryId}"
+const ConfigRedeliverWebhookPayloadByDeliveryID = "/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver"
+const ConfigListWebhookEventTypes = "/config/webhooks/event-types"
+const ConfigListWebhookPayloadContentTypes = "/config/webhooks/payload/content-types"
 // Organisation identity provider related API(s)
-const AddIdentityProvider = "/v2/config/idp/open-id"
-const UpdateIdentityProvider = "/v2/config/idp/open-id/{idpId}"
-const DeleteIdentityProvider = "/v2/config/idp/open-id/{idpId}"
-const GetIdentityProvider = "/v2/config/idp/open-id/{idpId}"
-const ConfigListIdentityProviders = "/v2/config/idp/open-ids"
+const AddIdentityProvider = "/config/idp/open-id"
+const UpdateIdentityProvider = "/config/idp/open-id/{idpId}"
+const DeleteIdentityProvider = "/config/idp/open-id/{idpId}"
+const GetIdentityProvider = "/config/idp/open-id/{idpId}"
+const ConfigListIdentityProviders = "/config/idp/open-ids"
 // Individuals
-const ConfigCreateIndividual = "/v2/config/individual"
-const ConfigReadIndividual = "/v2/config/individual/{individualId}"
-const ConfigUpdateIndividual = "/v2/config/individual/{individualId}"
-const ConfigDeleteIndividual = "/v2/config/individual/{individualId}"
-const ConfigListIndividuals = "/v2/config/individuals"
-const ConfigCreateIndividualsInBulk = "/v2/config/individual/upload"
+const ConfigCreateIndividual = "/config/individual"
+const ConfigReadIndividual = "/config/individual/{individualId}"
+const ConfigUpdateIndividual = "/config/individual/{individualId}"
+const ConfigDeleteIndividual = "/config/individual/{individualId}"
+const ConfigListIndividuals = "/config/individuals"
+const ConfigCreateIndividualsInBulk = "/config/individual/upload"
 // Api key
-const ConfigCreateApiKey = "/v2/config/admin/apikey"
-const ConfigUpdateApiKey = "/v2/config/admin/apikey/{apiKeyId}"
-const ConfigDeleteApiKey = "/v2/config/admin/apikey/{apiKeyId}"
-const ConfigListApiKey = "/v2/config/admin/apikeys"
+const ConfigCreateApiKey = "/config/admin/apikey"
+const ConfigUpdateApiKey = "/config/admin/apikey/{apiKeyId}"
+const ConfigDeleteApiKey = "/config/admin/apikey/{apiKeyId}"
+const ConfigListApiKey = "/config/admin/apikeys"
-const ConfigReadPrivacyDashboard = "/v2/config/privacy-dashboard"
+const ConfigReadPrivacyDashboard = "/config/privacy-dashboard"
-const ConfigPurgeOrgLogs = "/v2/config/logs/purge"
+const ConfigPurgeOrgLogs = "/config/logs/purge"
diff --git a/internal/http_path/v2/onboard_paths.go b/internal/http_path/v2/onboard_paths.go
index 25ba26f..78139b3 100644
--- a/internal/http_path/v2/onboard_paths.go
+++ b/internal/http_path/v2/onboard_paths.go
@@ -1,31 +1,31 @@
 package http_path
 // login
-const LoginAdminUser = "/v2/onboard/admin/login"
-const LoginUser = "/v2/onboard/individual/login"
-const OnboardLogoutUser = "/v2/onboard/logout"
+const LoginAdminUser = "/onboard/admin/login"
+const LoginUser = "/onboard/individual/login"
+const OnboardLogoutUser = "/onboard/logout"
-const OnboardResetPassword = "/v2/onboard/password/reset"
-const OnboardForgotPassword = "/v2/onboard/password/forgot"
+const OnboardResetPassword = "/onboard/password/reset"
+const OnboardForgotPassword = "/onboard/password/forgot"
-// const ValidateUserEmail = "/v2/onboard/validate/email"
-// const ValidatePhoneNumber = "/v2/onboard/validate/phone"
-// const VerifyPhoneNumber = "/v2/onboard/verify/phone"
-// const VerifyOtp = "/v2/onboard/verify/otp"
+// const ValidateUserEmail = "/onboard/validate/email"
+// const ValidatePhoneNumber = "/onboard/validate/phone"
+// const VerifyPhoneNumber = "/onboard/verify/phone"
+// const VerifyOtp = "/onboard/verify/otp"
-const OnboardRefreshToken = "/v2/onboard/token/refresh"
-const ExchangeAuthorizationCode = "/v2/onboard/token/exchange"
+const OnboardRefreshToken = "/onboard/token/refresh"
+const ExchangeAuthorizationCode = "/onboard/token/exchange"
-const GetOrganizationByID = "/v2/onboard/organisation"
-const UpdateOrganization = "/v2/onboard/organisation"
-const UpdateOrganizationCoverImage = "/v2/onboard/organisation/coverimage"
-const UpdateOrganizationLogoImage = "/v2/onboard/organisation/logoimage"
-const GetOrganizationCoverImage = "/v2/onboard/organisation/coverimage"
-const GetOrganizationLogoImage = "/v2/onboard/organisation/logoimage"
+const GetOrganizationByID = "/onboard/organisation"
+const UpdateOrganization = "/onboard/organisation"
+const UpdateOrganizationCoverImage = "/onboard/organisation/coverimage"
+const UpdateOrganizationLogoImage = "/onboard/organisation/logoimage"
+const GetOrganizationCoverImage = "/onboard/organisation/coverimage"
+const GetOrganizationLogoImage = "/onboard/organisation/logoimage"
-const OnboardReadOrganisationAdmin = "/v2/onboard/admin"
-const OnboardUpdateOrganisationAdmin = "/v2/onboard/admin"
-const OnboardReadOrganisationAdminAvatar = "/v2/onboard/admin/avatarimage"
-const OnboardUpdateOrganisationAdminAvatar = "/v2/onboard/admin/avatarimage"
+const OnboardReadOrganisationAdmin = "/onboard/admin"
+const OnboardUpdateOrganisationAdmin = "/onboard/admin"
+const OnboardReadOrganisationAdminAvatar = "/onboard/admin/avatarimage"
+const OnboardUpdateOrganisationAdminAvatar = "/onboard/admin/avatarimage"
-const OnboardReadStatus = "/v2/onboard/status"
+const OnboardReadStatus = "/onboard/status"
diff --git a/internal/http_path/v2/routes.go b/internal/http_path/v2/routes.go
index 4a1da78..4b1df9f 100644
--- a/internal/http_path/v2/routes.go
+++ b/internal/http_path/v2/routes.go
@@ -1,6 +1,8 @@
 package http_path
 import (
+ "net/http"
+
 auditHandler "github.com/bb-consent/api/internal/handler/v2/audit"
 apiKeyHandler "github.com/bb-consent/api/internal/handler/v2/config/apikey"
 dataAgreementHandler "github.com/bb-consent/api/internal/handler/v2/config/dataagreement"
@@ -21,148 +23,155 @@ import ( ) // SetRoutes sets the routes that the back end server serves -func SetRoutes(r *mux.Router, e *casbin.Enforcer) { +func SetRoutes(r *mux.Router, e *casbin.Enforcer, testMode bool) { + var wrapper = func(path string, handler http.Handler) *mux.Route { + if testMode { + path = path + "/" + } + return r.Handle(path, handler) + } + // Policy - r.Handle(ConfigReadPolicy, m.Chain(policyHandler.ConfigReadPolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigCreatePolicy, m.Chain(policyHandler.ConfigCreatePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigUpdatePolicy, m.Chain(policyHandler.ConfigUpdatePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigListPolicyRevisions, m.Chain(policyHandler.ConfigListPolicyRevisions, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigDeletePolicy, m.Chain(policyHandler.ConfigDeletePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(ConfigListPolicies, m.Chain(policyHandler.ConfigListPolicies, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadPolicy, m.Chain(policyHandler.ConfigReadPolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") 
+ wrapper(ConfigCreatePolicy, m.Chain(policyHandler.ConfigCreatePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigUpdatePolicy, m.Chain(policyHandler.ConfigUpdatePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigListPolicyRevisions, m.Chain(policyHandler.ConfigListPolicyRevisions, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigDeletePolicy, m.Chain(policyHandler.ConfigDeletePolicy, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ConfigListPolicies, m.Chain(policyHandler.ConfigListPolicies, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Data agreement - r.Handle(ConfigReadDataAgreement, m.Chain(dataAgreementHandler.ConfigReadDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigCreateDataAgreement, m.Chain(dataAgreementHandler.ConfigCreateDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigUpdateDataAgreement, m.Chain(dataAgreementHandler.ConfigUpdateDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigListDataAgreementRevisions, 
m.Chain(dataAgreementHandler.ConfigListDataAgreementRevisions, m.Logger(), m.LogApiCalls(), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authorize(e), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigDeleteDataAgreement, m.Chain(dataAgreementHandler.ConfigDeleteDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(ConfigListDataAgreements, m.Chain(dataAgreementHandler.ConfigListDataAgreements, m.Logger(), m.LogApiCalls(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigListDataAttributesForDataAgreement, m.Chain(dataAgreementHandler.ConfigListDataAttributesForDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadDataAgreement, m.Chain(dataAgreementHandler.ConfigReadDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigCreateDataAgreement, m.Chain(dataAgreementHandler.ConfigCreateDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigUpdateDataAgreement, m.Chain(dataAgreementHandler.ConfigUpdateDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigListDataAgreementRevisions, m.Chain(dataAgreementHandler.ConfigListDataAgreementRevisions, m.Logger(), m.LogApiCalls(), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authorize(e), 
m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigDeleteDataAgreement, m.Chain(dataAgreementHandler.ConfigDeleteDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ConfigListDataAgreements, m.Chain(dataAgreementHandler.ConfigListDataAgreements, m.Logger(), m.LogApiCalls(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigListDataAttributesForDataAgreement, m.Chain(dataAgreementHandler.ConfigListDataAttributesForDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Data attribute - r.Handle(ConfigUpdateDataAttribute, m.Chain(dataAttributeHandler.ConfigUpdateDataAttribute, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigListDataAttributes, m.Chain(dataAttributeHandler.ConfigListDataAttributes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigUpdateDataAttribute, m.Chain(dataAttributeHandler.ConfigUpdateDataAttribute, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigListDataAttributes, m.Chain(dataAttributeHandler.ConfigListDataAttributes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Organisation webhooks related api(s) - r.Handle(ConfigReadWebhook, m.Chain(webhookHandler.ConfigReadWebhook, m.Logger(), 
m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigCreateWebhook, m.Chain(webhookHandler.ConfigCreateWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigUpdateWebhook, m.Chain(webhookHandler.ConfigUpdateWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigDeleteWebhook, m.Chain(webhookHandler.ConfigDeleteWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(ConfigListWebhooks, m.Chain(webhookHandler.ConfigListWebhooks, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigPingWebhook, m.Chain(webhookHandler.ConfigPingWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigListRecentWebhookDeliveries, m.Chain(webhookHandler.ConfigListRecentWebhookDeliveries, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigReadRecentWebhookDelivery, m.Chain(webhookHandler.ConfigReadRecentWebhookDelivery, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigRedeliverWebhookPayloadByDeliveryID, m.Chain(webhookHandler.ConfigRedeliverWebhookPayloadByDeliveryID, m.Logger(), m.LogApiCalls(), m.Authorize(e), 
m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigListWebhookEventTypes, m.Chain(webhookHandler.ConfigListWebhookEventTypes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigListWebhookPayloadContentTypes, m.Chain(webhookHandler.ConfigListWebhookPayloadContentTypes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadWebhook, m.Chain(webhookHandler.ConfigReadWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigCreateWebhook, m.Chain(webhookHandler.ConfigCreateWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigUpdateWebhook, m.Chain(webhookHandler.ConfigUpdateWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigDeleteWebhook, m.Chain(webhookHandler.ConfigDeleteWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ConfigListWebhooks, m.Chain(webhookHandler.ConfigListWebhooks, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigPingWebhook, m.Chain(webhookHandler.ConfigPingWebhook, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), 
m.AddContentType())).Methods("POST") + wrapper(ConfigListRecentWebhookDeliveries, m.Chain(webhookHandler.ConfigListRecentWebhookDeliveries, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadRecentWebhookDelivery, m.Chain(webhookHandler.ConfigReadRecentWebhookDelivery, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigRedeliverWebhookPayloadByDeliveryID, m.Chain(webhookHandler.ConfigRedeliverWebhookPayloadByDeliveryID, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigListWebhookEventTypes, m.Chain(webhookHandler.ConfigListWebhookEventTypes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigListWebhookPayloadContentTypes, m.Chain(webhookHandler.ConfigListWebhookPayloadContentTypes, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Organisation identity provider related API(s) - r.Handle(AddIdentityProvider, m.Chain(idpHandler.ConfigCreateIdp, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(UpdateIdentityProvider, m.Chain(idpHandler.UpdateIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(DeleteIdentityProvider, m.Chain(idpHandler.DeleteIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), 
m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(GetIdentityProvider, m.Chain(idpHandler.GetIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigListIdentityProviders, m.Chain(idpHandler.ConfigListIdps, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AddIdentityProvider, m.Chain(idpHandler.ConfigCreateIdp, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(UpdateIdentityProvider, m.Chain(idpHandler.UpdateIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(DeleteIdentityProvider, m.Chain(idpHandler.DeleteIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(GetIdentityProvider, m.Chain(idpHandler.GetIdentityProvider, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigListIdentityProviders, m.Chain(idpHandler.ConfigListIdps, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Individual related api(s) - r.Handle(ConfigReadIndividual, m.Chain(configIndividualHandler.ConfigReadIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), 
m.AddContentType())).Methods("GET") - r.Handle(ConfigCreateIndividual, m.Chain(configIndividualHandler.ConfigCreateIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigUpdateIndividual, m.Chain(configIndividualHandler.ConfigUpdateIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigListIndividuals, m.Chain(configIndividualHandler.ConfigListIndividuals, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadIndividual, m.Chain(configIndividualHandler.ConfigReadIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigCreateIndividual, m.Chain(configIndividualHandler.ConfigCreateIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigUpdateIndividual, m.Chain(configIndividualHandler.ConfigUpdateIndividual, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigListIndividuals, m.Chain(configIndividualHandler.ConfigListIndividuals, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Api key related api(s) - r.Handle(ConfigCreateApiKey, m.Chain(apiKeyHandler.ConfigCreateApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), 
m.AddContentType())).Methods("POST") - r.Handle(ConfigDeleteApiKey, m.Chain(apiKeyHandler.ConfigDeleteApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(ConfigUpdateApiKey, m.Chain(apiKeyHandler.ConfigUpdateApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ConfigListApiKey, m.Chain(apiKeyHandler.ConfigListApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigCreateApiKey, m.Chain(apiKeyHandler.ConfigCreateApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigDeleteApiKey, m.Chain(apiKeyHandler.ConfigDeleteApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ConfigUpdateApiKey, m.Chain(apiKeyHandler.ConfigUpdateApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ConfigListApiKey, m.Chain(apiKeyHandler.ConfigListApiKey, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ConfigCreateIndividualsInBulk, m.Chain(configIndividualHandler.ConfigCreateIndividualsInBulk, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ConfigCreateIndividualsInBulk, 
m.Chain(configIndividualHandler.ConfigCreateIndividualsInBulk, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ConfigReadPrivacyDashboard, m.Chain(privacyDashboardHandler.ConfigReadPrivacyDashboard, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ConfigReadPrivacyDashboard, m.Chain(privacyDashboardHandler.ConfigReadPrivacyDashboard, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Purge logs - r.Handle(ConfigPurgeOrgLogs, m.Chain(logHandler.ConfigPurgeOrgLogs, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ConfigPurgeOrgLogs, m.Chain(logHandler.ConfigPurgeOrgLogs, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") // Service api(s) // Data agreements - r.Handle(ServiceReadDataAgreement, m.Chain(serviceHandler.ServiceReadDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceListDataAgreements, m.Chain(serviceHandler.ServiceListDataAgreements, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadDataAgreement, m.Chain(serviceHandler.ServiceReadDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceListDataAgreements, m.Chain(serviceHandler.ServiceListDataAgreements, m.Logger(), m.Authorize(e), 
m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Read an idp - r.Handle(ServiceReadIdp, m.Chain(serviceHandler.ServiceReadIdp, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadIdp, m.Chain(serviceHandler.ServiceReadIdp, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") // Policy - r.Handle(ServiceReadPolicy, m.Chain(serviceHandler.ServiceReadPolicy, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadPolicy, m.Chain(serviceHandler.ServiceReadPolicy, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Data attributes - r.Handle(ServiceListDataAttributesForDataAgreement, m.Chain(serviceHandler.ServiceListDataAttributesForDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceListDataAttributesForDataAgreement, m.Chain(serviceHandler.ServiceListDataAttributesForDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Verification mechanisms - r.Handle(ServiceVerificationListDataAgreements, m.Chain(serviceHandler.ServiceVerificationListDataAgreements, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceVerificationFetchDataAgreementRecord, m.Chain(serviceHandler.ServiceVerificationFetchDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceVerificationFetchDataAgreementRecords, m.Chain(serviceHandler.ServiceVerificationFetchDataAgreementRecords, m.Logger(), m.Authorize(e), 
m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceVerificationListDataAgreements, m.Chain(serviceHandler.ServiceVerificationListDataAgreements, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceVerificationFetchDataAgreementRecord, m.Chain(serviceHandler.ServiceVerificationFetchDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceVerificationFetchDataAgreementRecords, m.Chain(serviceHandler.ServiceVerificationFetchDataAgreementRecords, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Recording consent - r.Handle(ServiceCreateDraftConsentRecord, m.Chain(serviceHandler.ServiceCreateDraftConsentRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ServiceCreateDataAgreementRecord, m.Chain(serviceHandler.ServiceCreateDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ServiceUpdateDataAgreementRecord, m.Chain(serviceHandler.ServiceUpdateDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ServiceDeleteIndividualDataAgreementRecords, m.Chain(serviceHandler.ServiceDeleteIndividualDataAgreementRecords, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") - r.Handle(ServiceCreatePairedDataAgreementRecord, m.Chain(serviceHandler.ServiceCreatePairedDataAgreementRecord, m.Logger(), m.Authorize(e), 
m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ServiceUpdateSignatureObject, m.Chain(serviceHandler.ServiceUpdateSignatureObject, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ServiceCreateBlankSignature, m.Chain(serviceHandler.ServiceCreateBlankSignature, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ServiceCreateDraftConsentRecord, m.Chain(serviceHandler.ServiceCreateDraftConsentRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ServiceCreateDataAgreementRecord, m.Chain(serviceHandler.ServiceCreateDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ServiceUpdateDataAgreementRecord, m.Chain(serviceHandler.ServiceUpdateDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ServiceDeleteIndividualDataAgreementRecords, m.Chain(serviceHandler.ServiceDeleteIndividualDataAgreementRecords, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("DELETE") + wrapper(ServiceCreatePairedDataAgreementRecord, m.Chain(serviceHandler.ServiceCreatePairedDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ServiceUpdateSignatureObject, m.Chain(serviceHandler.ServiceUpdateSignatureObject, m.Logger(), m.Authorize(e), m.SetApplicationMode(), 
m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ServiceCreateBlankSignature, m.Chain(serviceHandler.ServiceCreateBlankSignature, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ServiceReadDataAgreementRecord, m.Chain(serviceHandler.ServiceReadDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceFetchIndividualDataAgreementRecords, m.Chain(serviceHandler.ServiceFetchIndividualDataAgreementRecords, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceFetchRecordsForDataAgreement, m.Chain(serviceHandler.ServiceFetchRecordsForDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadDataAgreementRecord, m.Chain(serviceHandler.ServiceReadDataAgreementRecord, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceFetchIndividualDataAgreementRecords, m.Chain(serviceHandler.ServiceFetchIndividualDataAgreementRecords, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceFetchRecordsForDataAgreement, m.Chain(serviceHandler.ServiceFetchRecordsForDataAgreement, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceFetchRecordsHistory, m.Chain(serviceHandler.ServiceFetchRecordsHistory, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), 
m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceFetchRecordsHistory, m.Chain(serviceHandler.ServiceFetchRecordsHistory, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceReadOrganisation, m.Chain(serviceHandler.ServiceReadOrganisation, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") - r.Handle(ServiceReadOrganisationLogoImage, m.Chain(serviceHandler.ServiceReadOrganisationLogoImage, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") - r.Handle(ServiceReadOrganisationCoverImage, m.Chain(serviceHandler.ServiceReadOrganisationCoverImage, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") - r.Handle(ServiceReadOrganisationImage, m.Chain(serviceHandler.ServiceReadOrganisationImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadOrganisation, m.Chain(serviceHandler.ServiceReadOrganisation, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadOrganisationLogoImage, m.Chain(serviceHandler.ServiceReadOrganisationLogoImage, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadOrganisationCoverImage, m.Chain(serviceHandler.ServiceReadOrganisationCoverImage, m.LoggerNoAuth(), m.SetApplicationMode(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadOrganisationImage, m.Chain(serviceHandler.ServiceReadOrganisationImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Individual related api(s) - r.Handle(ServiceReadIndividual, m.Chain(serviceIndividualHandler.ServiceReadIndividual, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), 
m.AddContentType())).Methods("GET") - r.Handle(ServiceCreateIndividual, m.Chain(serviceIndividualHandler.ServiceCreateIndividual, m.Logger(), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(ServiceUpdateIndividual, m.Chain(serviceIndividualHandler.ServiceUpdateIndividual, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(ServiceListIndividuals, m.Chain(serviceIndividualHandler.ServiceListIndividuals, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceReadIndividual, m.Chain(serviceIndividualHandler.ServiceReadIndividual, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(ServiceCreateIndividual, m.Chain(serviceIndividualHandler.ServiceCreateIndividual, m.Logger(), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(ServiceUpdateIndividual, m.Chain(serviceIndividualHandler.ServiceUpdateIndividual, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(ServiceListIndividuals, m.Chain(serviceIndividualHandler.ServiceListIndividuals, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKey(), m.Authenticate(), m.AddContentType())).Methods("GET") // Audit api(s) - r.Handle(AuditListDataAgreementRecords, m.Chain(auditHandler.AuditListDataAgreementRecords, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(AuditDataAgreementRecordRead, m.Chain(auditHandler.AuditDataAgreementRecordRead, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), 
m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(AuditListDataAgreements, m.Chain(auditHandler.AuditListDataAgreements, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(AuditReadDataAgreement, m.Chain(auditHandler.AuditReadDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AuditListDataAgreementRecords, m.Chain(auditHandler.AuditListDataAgreementRecords, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AuditDataAgreementRecordRead, m.Chain(auditHandler.AuditDataAgreementRecordRead, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AuditListDataAgreements, m.Chain(auditHandler.AuditListDataAgreements, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AuditReadDataAgreement, m.Chain(auditHandler.AuditReadDataAgreement, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // organization action logs - r.Handle(AuditGetOrgLogs, m.Chain(auditHandler.AuditGetOrgLogs, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(AuditGetOrgLogs, m.Chain(auditHandler.AuditGetOrgLogs, m.Logger(), m.LogApiCalls(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") // Onboard 
api(s) - r.Handle(LoginAdminUser, m.Chain(onboardHandler.LoginAdminUser, m.LoggerNoAuth(), m.AddContentType())).Methods("POST") - r.Handle(LoginUser, m.Chain(onboardHandler.LoginUser, m.LoggerNoAuth(), m.AddContentType())).Methods("POST") - r.Handle(OnboardResetPassword, m.Chain(onboardHandler.OnboardResetPassword, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(OnboardLogoutUser, m.Chain(onboardHandler.OnboardLogoutUser, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(LoginAdminUser, m.Chain(onboardHandler.LoginAdminUser, m.LoggerNoAuth(), m.AddContentType())).Methods("POST") + wrapper(LoginUser, m.Chain(onboardHandler.LoginUser, m.LoggerNoAuth(), m.AddContentType())).Methods("POST") + wrapper(OnboardResetPassword, m.Chain(onboardHandler.OnboardResetPassword, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(OnboardLogoutUser, m.Chain(onboardHandler.OnboardLogoutUser, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(OnboardRefreshToken, m.Chain(onboardHandler.OnboardRefreshToken, m.AddContentType())).Methods("POST") - r.Handle(ExchangeAuthorizationCode, m.Chain(onboardHandler.ExchangeAuthorizationCode, m.LoggerNoAuth(), m.SetApplicationMode())).Methods("POST") - r.Handle(OnboardForgotPassword, m.Chain(onboardHandler.OnboardForgotPassword, m.LoggerNoAuth(), m.SetApplicationMode())).Methods("PUT") + wrapper(OnboardRefreshToken, m.Chain(onboardHandler.OnboardRefreshToken, m.AddContentType())).Methods("POST") + wrapper(ExchangeAuthorizationCode, m.Chain(onboardHandler.ExchangeAuthorizationCode, m.LoggerNoAuth(), m.SetApplicationMode())).Methods("POST") + 
wrapper(OnboardForgotPassword, m.Chain(onboardHandler.OnboardForgotPassword, m.LoggerNoAuth(), m.SetApplicationMode())).Methods("PUT") - r.Handle(GetOrganizationByID, m.Chain(onboardHandler.OnboardReadOrganisation, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(UpdateOrganization, m.Chain(onboardHandler.UpdateOrganization, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(UpdateOrganizationCoverImage, m.Chain(onboardHandler.UpdateOrganizationCoverImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(UpdateOrganizationLogoImage, m.Chain(onboardHandler.UpdateOrganizationLogoImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") - r.Handle(GetOrganizationCoverImage, m.Chain(onboardHandler.GetOrganizationCoverImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(GetOrganizationLogoImage, m.Chain(onboardHandler.GetOrganizationLogoImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(GetOrganizationByID, m.Chain(onboardHandler.OnboardReadOrganisation, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(UpdateOrganization, m.Chain(onboardHandler.UpdateOrganization, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(UpdateOrganizationCoverImage, 
m.Chain(onboardHandler.UpdateOrganizationCoverImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(UpdateOrganizationLogoImage, m.Chain(onboardHandler.UpdateOrganizationLogoImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("POST") + wrapper(GetOrganizationCoverImage, m.Chain(onboardHandler.GetOrganizationCoverImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(GetOrganizationLogoImage, m.Chain(onboardHandler.GetOrganizationLogoImage, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(OnboardReadOrganisationAdmin, m.Chain(onboardHandler.OnboardReadOrganisationAdmin, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(OnboardUpdateOrganisationAdmin, m.Chain(onboardHandler.OnboardUpdateOrganisationAdmin, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(OnboardReadOrganisationAdminAvatar, m.Chain(onboardHandler.OnboardReadOrganisationAdminAvatar, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(OnboardUpdateOrganisationAdminAvatar, m.Chain(onboardHandler.OnboardUpdateOrganisationAdminAvatar, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(OnboardReadOrganisationAdmin, m.Chain(onboardHandler.OnboardReadOrganisationAdmin, m.Logger(), m.Authorize(e), m.SetApplicationMode(), 
m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(OnboardUpdateOrganisationAdmin, m.Chain(onboardHandler.OnboardUpdateOrganisationAdmin, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") + wrapper(OnboardReadOrganisationAdminAvatar, m.Chain(onboardHandler.OnboardReadOrganisationAdminAvatar, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(OnboardUpdateOrganisationAdminAvatar, m.Chain(onboardHandler.OnboardUpdateOrganisationAdminAvatar, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("PUT") - r.Handle(OnboardReadStatus, m.Chain(onboardHandler.OnboardReadStatus, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") + wrapper(OnboardReadStatus, m.Chain(onboardHandler.OnboardReadStatus, m.Logger(), m.Authorize(e), m.SetApplicationMode(), m.ValidateAPIKeyAndIndividualId(), m.Authenticate(), m.AddContentType())).Methods("GET") - r.Handle(ServiceShowDataSharingUi, m.Chain(serviceDataSharingHandler.ServiceShowDataSharingUiHandler, m.LoggerNoAuth())).Methods("GET") + wrapper(ServiceShowDataSharingUi, m.Chain(serviceDataSharingHandler.ServiceShowDataSharingUiHandler, m.LoggerNoAuth())).Methods("GET") } diff --git a/internal/http_path/v2/service_paths.go b/internal/http_path/v2/service_paths.go index b19ae7f..9cd74ea 100644 --- a/internal/http_path/v2/service_paths.go +++ b/internal/http_path/v2/service_paths.go 
@@ -1,50 +1,50 @@ package http_path // Data agreements -const ServiceReadDataAgreement = "/v2/service/data-agreement/{dataAgreementId}" -const ServiceListDataAgreements = "/v2/service/data-agreements" +const ServiceReadDataAgreement = "/service/data-agreement/{dataAgreementId}" +const ServiceListDataAgreements = "/service/data-agreements" // Policy -const ServiceReadPolicy = "/v2/service/policy/{policyId}" +const ServiceReadPolicy = "/service/policy/{policyId}" // Data attributes -const ServiceListDataAttributesForDataAgreement = "/v2/service/data-agreement/{dataAgreementId}/data-attributes" +const ServiceListDataAttributesForDataAgreement = "/service/data-agreement/{dataAgreementId}/data-attributes" // Verification mechanisms -const ServiceVerificationListDataAgreements = "/v2/service/verification/data-agreements" -const ServiceVerificationFetchDataAgreementRecord = "/v2/service/verification/consent-record/{consentRecordId}" -const ServiceVerificationFetchDataAgreementRecords = "/v2/service/verification/consent-records" +const ServiceVerificationListDataAgreements = "/service/verification/data-agreements" +const ServiceVerificationFetchDataAgreementRecord = "/service/verification/consent-record/{consentRecordId}" +const ServiceVerificationFetchDataAgreementRecords = "/service/verification/consent-records" // Recording consent -const ServiceCreateDraftConsentRecord = "/v2/service/individual/record/consent-record/draft" -const ServiceCreateDataAgreementRecord = "/v2/service/individual/record/data-agreement/{dataAgreementId}" -const ServiceReadDataAgreementRecord = "/v2/service/individual/record/data-agreement/{dataAgreementId}" -const ServiceUpdateDataAgreementRecord = "/v2/service/individual/record/consent-record/{consentRecordId}" -const ServiceDeleteIndividualDataAgreementRecords = "/v2/service/individual/record" -const ServiceCreatePairedDataAgreementRecord = "/v2/service/individual/record/consent-record" +const ServiceCreateDraftConsentRecord = 
"/service/individual/record/consent-record/draft" +const ServiceCreateDataAgreementRecord = "/service/individual/record/data-agreement/{dataAgreementId}" +const ServiceReadDataAgreementRecord = "/service/individual/record/data-agreement/{dataAgreementId}" +const ServiceUpdateDataAgreementRecord = "/service/individual/record/consent-record/{consentRecordId}" +const ServiceDeleteIndividualDataAgreementRecords = "/service/individual/record" +const ServiceCreatePairedDataAgreementRecord = "/service/individual/record/consent-record" -const ServiceCreateBlankSignature = "/v2/service/individual/record/consent-record/{consentRecordId}/signature" -const ServiceUpdateSignatureObject = "/v2/service/individual/record/consent-record/{consentRecordId}/signature" +const ServiceCreateBlankSignature = "/service/individual/record/consent-record/{consentRecordId}/signature" +const ServiceUpdateSignatureObject = "/service/individual/record/consent-record/{consentRecordId}/signature" -const ServiceFetchIndividualDataAgreementRecords = "/v2/service/individual/record/consent-record" -const ServiceFetchRecordsForDataAgreement = "/v2/service/individual/record/data-agreement/{dataAgreementId}/all" +const ServiceFetchIndividualDataAgreementRecords = "/service/individual/record/consent-record" +const ServiceFetchRecordsForDataAgreement = "/service/individual/record/data-agreement/{dataAgreementId}/all" -const ServiceFetchRecordsHistory = "/v2/service/individual/record/consent-record/history" +const ServiceFetchRecordsHistory = "/service/individual/record/consent-record/history" // Idp -const ServiceReadIdp = "/v2/service/idp/open-id" +const ServiceReadIdp = "/service/idp/open-id" // Organisation -const ServiceReadOrganisation = "/v2/service/organisation" -const ServiceReadOrganisationLogoImage = "/v2/service/organisation/logoimage" -const ServiceReadOrganisationCoverImage = "/v2/service/organisation/coverimage" -const ServiceReadOrganisationImage = "/v2/service/image/{imageId}" +const 
ServiceReadOrganisation = "/service/organisation" +const ServiceReadOrganisationLogoImage = "/service/organisation/logoimage" +const ServiceReadOrganisationCoverImage = "/service/organisation/coverimage" +const ServiceReadOrganisationImage = "/service/image/{imageId}" // Individuals -const ServiceCreateIndividual = "/v2/service/individual" -const ServiceReadIndividual = "/v2/service/individual/{individualId}" -const ServiceUpdateIndividual = "/v2/service/individual/{individualId}" -const ServiceListIndividuals = "/v2/service/individuals" +const ServiceCreateIndividual = "/service/individual" +const ServiceReadIndividual = "/service/individual/{individualId}" +const ServiceUpdateIndividual = "/service/individual/{individualId}" +const ServiceListIndividuals = "/service/individuals" // Data sharing -const ServiceShowDataSharingUi = "/v2/service/data-sharing" +const ServiceShowDataSharingUi = "/service/data-sharing" diff --git a/internal/rbac/rbac.go b/internal/rbac/rbac.go index ed48863..bdb9bcc 100644 --- a/internal/rbac/rbac.go +++ b/internal/rbac/rbac.go 
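Review bot: These path constants are now relative to the router they are mounted on, but nothing in the file says so, and the paths that authorization is checked against are separate string literals in internal/rbac/rbac.go, so the two lists can drift without a compile error. start_api.go mounts the routes under a `/v2` subrouter in normal mode and at the root in test mode, so a policy string that falls out of step would presumably leave the route unmatched by `m.Authorize(e)` at request time rather than fail at build time; that depends on the enforcer's matcher, which is not visible here. I would add a header comment such as `// Paths are relative to the router passed to SetRoutes; the non-test server mounts them under /v2.` A small test that checks, for both values of `testMode`, that every route registered with `m.Authorize(e)` has an entry in `rbac.GetRbacPolicies` would catch the drift.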
@@ -9,153 +9,159 @@ const (
 )
 // GetRbacPolicies
-func GetRbacPolicies() [][]string {
+func GetRbacPolicies(testMode bool) [][]string {
 policies := [][]string{
- {"organisation_admin", "/v2/config/policy", "POST"},
- {"organisation_admin", "/v2/config/policy/{policyId}", "(GET)|(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/policy/{policyId}/revisions", "GET"},
- {"organisation_admin", "/v2/config/policies", "GET"},
- {"organisation_admin", "/v2/config/data-agreement/{dataAgreementId}", "(GET)|(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/data-agreement", "POST"},
- {"organisation_admin", "/v2/config/data-agreements", "GET"},
- {"organisation_admin", "/v2/config/data-agreement/{dataAgreementId}/revisions", "GET"},
- {"organisation_admin", "/v2/config/data-agreement/{dataAgreementId}/revision/{revisionId}", "GET"},
- {"organisation_admin", "/v2/config/data-agreement/{dataAgreementId}/data-attributes", "GET"},
- {"organisation_admin", "/v2/config/data-agreements/data-attribute", "POST"},
- {"organisation_admin", "/v2/config/data-agreements/data-attribute/{dataAttributeId}", "(GET)|(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/data-agreements/data-attribute/{dataAttributeId}/revisions", "GET"},
- {"organisation_admin", "/v2/config/data-agreements/data-attributes", "GET"},
- {"organisation_admin", "/v2/config/webhooks/event-types", "GET"},
- {"organisation_admin", "/v2/config/webhooks/payload/content-types", "GET"},
- {"organisation_admin", "/v2/config/webhooks", "GET"},
- {"organisation_admin", "/v2/config/webhook", "POST"},
- {"organisation_admin", "/v2/config/webhook/{webhookId}", "(GET)|(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/webhook/{webhookId}/ping", "POST"},
- {"organisation_admin", "/v2/config/webhooks/{webhookId}/deliveries", "GET"},
- {"organisation_admin", "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}", "GET"},
- {"organisation_admin", "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver", "POST"},
- {"organisation_admin", "/v2/config/idp/open-id", "POST"},
- {"organisation_admin", "/v2/config/idp/open-ids", "GET"},
- {"organisation_admin", "/v2/config/idp/open-id/{idpId}", "(GET)|(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/individuals", "GET"},
- {"organisation_admin", "/v2/config/individual", "POST"},
- {"organisation_admin", "/v2/config/individual/{individualId}", "(GET)|(PUT)"},
- {"organisation_admin", "/v2/config/admin/apikey", "POST"},
- {"organisation_admin", "/v2/config/admin/apikey/{apiKeyId}", "(PUT)|(DELETE)"},
- {"organisation_admin", "/v2/config/admin/apikeys", "GET"},
- {"user", "/v2/service/data-agreements", "GET"},
- {"user", "/v2/service/data-agreement/{dataAgreementId}", "GET"},
- {"user", "/v2/service/data-agreement/{dataAgreementId}/data-attributes", "GET"},
- {"user", "/v2/service/policy/{policyId}", "GET"},
- {"user", "/v2/service/verification/data-agreements", "GET"},
- {"user", "/v2/service/verification/consent-record/{consentRecordId}", "GET"},
- {"user", "/v2/service/verification/consent-records", "GET"},
- {"user", "/v2/service/individual/record/consent-record/draft", "POST"},
- {"user", "/v2/service/individual/record/data-agreement/{dataAgreementId}", "(GET)|(POST)"},
- {"user", "/v2/service/individual/record/consent-record/{consentRecordId}", "PUT"},
- {"user", "/v2/service/individual/record/consent-record", "(GET)|(POST)"},
- {"user", "/v2/service/individual/record/consent-record/{consentRecordId}/signature", "(POST)|(PUT)"},
- {"user", "/v2/service/individual/record/data-agreement/{dataAgreementId}/all", "GET"},
- {"organisation_admin", "/v2/audit/consent-records", "GET"},
- {"organisation_admin", "/v2/audit/consent-record/{consentRecordId}", "GET"},
- {"organisation_admin", "/v2/audit/data-agreements", "GET"},
- {"organisation_admin", "/v2/audit/data-agreement/{dataAgreementId}", "GET"},
- {"organisation_admin", "/v2/audit/admin/logs", "GET"},
- {"organisation_admin", "/v2/onboard/organisation", "(GET)|(PUT)"},
- {"organisation_admin", "/v2/onboard/organisation/coverimage", "(GET)|(POST)"},
- {"organisation_admin", "/v2/onboard/organisation/logoimage", "(GET)|(POST)"},
- {"user", "/v2/onboard/organisation", "GET"},
- {"user", "/v2/onboard/organisation/coverimage", "GET"},
- {"user", "/v2/onboard/organisation/logoimage", "GET"},
- {"organisation_admin", "/v2/onboard/password/reset", "PUT"},
- {"organisation_admin", "/v2/onboard/admin", "(GET)|(PUT)"},
- {"organisation_admin", "/v2/onboard/admin/avatarimage", "(GET)|(PUT)"},
- {"organisation_admin", "/v2/config/individual/upload", "POST"},
- {"organisation_admin", "/v2/config/privacy-dashboard", "GET"},
- {"organisation_admin", "/v2/onboard/status", "GET"},
- {"user", "/v2/onboard/password/reset", "PUT"},
- {"user", "/v2/service/individual/record/consent-record/history", "GET"},
- {"user", "/v2/service/idp/open-id", "GET"},
- {"user", "/v2/service/organisation", "GET"},
- {"user", "/v2/service/organisation/coverimage", "GET"},
- {"user", "/v2/service/organisation/logoimage", "GET"},
- {"user", "/v2/service/individuals", "GET"},
- {"user", "/v2/service/individual", "POST"},
- {"user", "/v2/service/individual/{individualId}", "(GET)|(PUT)"},
- {"user", "/v2/service/image/{imageId}", "GET"},
- {"user", "/v2/service/individual/record", "DELETE"},
- {"user", "/v2/onboard/logout", "POST"},
- {"organisation_admin", "/v2/onboard/logout", "POST"},
- {"audit", "/v2/audit/consent-records", "GET"},
- {"audit", "/v2/audit/consent-record/{consentRecordId}", "GET"},
- {"audit", "/v2/audit/data-agreements", "GET"},
- {"audit", "/v2/audit/data-agreement/{dataAgreementId}", "GET"},
- {"audit", "/v2/audit/admin/logs", "GET"},
- {"config", "/v2/config/policy", "POST"},
- {"config", "/v2/config/policy/{policyId}", "(GET)|(PUT)|(DELETE)"},
- {"config", "/v2/config/policy/{policyId}/revisions", "GET"},
- {"config", "/v2/config/policies", "GET"},
- {"config", "/v2/config/data-agreement/{dataAgreementId}", "(GET)|(PUT)|(DELETE)"},
- {"config", "/v2/config/data-agreement", "POST"},
- {"config", "/v2/config/data-agreements", "GET"},
- {"config", "/v2/config/data-agreement/{dataAgreementId}/revisions", "GET"},
- {"config", "/v2/config/data-agreement/{dataAgreementId}/revision/{revisionId}", "GET"},
- {"config", "/v2/config/data-agreement/{dataAgreementId}/data-attributes", "GET"},
- {"config", "/v2/config/data-agreements/data-attribute/{dataAttributeId}", "PUT"},
- {"config", "/v2/config/data-agreements/data-attributes", "GET"},
- {"config", "/v2/config/webhooks/event-types", "GET"},
- {"config", "/v2/config/webhooks/payload/content-types", "GET"},
- {"config", "/v2/config/webhooks", "GET"},
- {"config", "/v2/config/webhook", "POST"},
- {"config", "/v2/config/webhook/{webhookId}", "(GET)|(PUT)|(DELETE)"},
- {"config", "/v2/config/webhook/{webhookId}/ping", "POST"},
- {"config", "/v2/config/webhooks/{webhookId}/deliveries", "GET"},
- {"config", "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}", "GET"},
- {"config", "/v2/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver", "POST"},
- {"config", "/v2/config/idp/open-id", "POST"},
- {"config", "/v2/config/idp/open-ids", "GET"},
- {"config", "/v2/config/idp/open-id/{idpId}", "(GET)|(PUT)|(DELETE)"},
- {"config", "/v2/config/individuals", "GET"},
- {"config", "/v2/config/individual", "POST"},
- {"config", "/v2/config/individual/{individualId}", "(GET)|(PUT)"},
- {"config", "/v2/config/admin/apikey", "POST"},
- {"config", "/v2/config/admin/apikey/{apiKeyId}", "(PUT)|(DELETE)"},
- {"config", "/v2/config/admin/apikeys", "GET"},
- {"service", "/v2/service/data-agreements", "GET"},
- {"service", "/v2/service/data-agreement/{dataAgreementId}", "GET"},
- {"service", "/v2/service/data-agreement/{dataAgreementId}/data-attributes", "GET"},
- {"service", "/v2/service/policy/{policyId}", "GET"},
- {"service", "/v2/service/verification/data-agreements", "GET"},
- {"service", "/v2/service/verification/consent-record/{consentRecordId}", "GET"},
- {"service", "/v2/service/verification/consent-records", "GET"},
- {"service", "/v2/service/individual/record/consent-record/draft", "POST"},
- {"service", "/v2/service/individual/record/data-agreement/{dataAgreementId}", "(GET)|(POST)"},
- {"service", "/v2/service/individual/record/consent-record/{consentRecordId}", "PUT"},
- {"service", "/v2/service/individual/record/consent-record", "(GET)|(POST)"},
- {"service", "/v2/service/individual/record/consent-record/{consentRecordId}/signature", "(POST)|(PUT)"},
- {"service", "/v2/service/individual/record/data-agreement/{dataAgreementId}/all", "GET"},
- {"service", "/v2/service/individual/record/consent-record/history", "GET"},
- {"service", "/v2/service/idp/open-id", "GET"},
- {"service", "/v2/service/organisation", "GET"},
- {"service", "/v2/service/organisation/coverimage", "GET"},
- {"service", "/v2/service/organisation/logoimage", "GET"},
- {"service", "/v2/service/individuals", "GET"},
- {"service", "/v2/service/individual", "POST"},
- {"service", "/v2/service/individual/{individualId}", "(GET)|(PUT)"},
- {"service", "/v2/service/image/{imageId}", "GET"},
- {"service", "/v2/service/individual/record", "DELETE"},
- {"onboard", "/v2/onboard/organisation", "(GET)|(PUT)"},
- {"onboard", "/v2/onboard/organisation/coverimage", "(GET)|(POST)"},
- {"onboard", "/v2/onboard/organisation/logoimage", "(GET)|(POST)"},
- {"onboard", "/v2/onboard/organisation", "GET"},
- {"onboard", "/v2/onboard/password/reset", "PUT"},
- {"onboard", "/v2/onboard/admin", "(GET)|(PUT)"},
- {"onboard", "/v2/onboard/admin/avatarimage", "(GET)|(PUT)"},
- {"onboard", "/v2/onboard/status", "GET"},
- {"onboard", "/v2/onboard/logout", "POST"},
- {"config", "/v2/config/logs/purge", "DELETE"},
- {"organisation_admin", "/v2/config/logs/purge", "DELETE"},
+ {"organisation_admin", "/config/policy", "POST"},
+ {"organisation_admin", "/config/policy/{policyId}", "(GET)|(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/policy/{policyId}/revisions", "GET"},
+ {"organisation_admin", "/config/policies", "GET"},
+ {"organisation_admin", "/config/data-agreement/{dataAgreementId}", "(GET)|(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/data-agreement", "POST"},
+ {"organisation_admin", "/config/data-agreements", "GET"},
+ {"organisation_admin", "/config/data-agreement/{dataAgreementId}/revisions", "GET"},
+ {"organisation_admin", "/config/data-agreement/{dataAgreementId}/revision/{revisionId}", "GET"},
+ {"organisation_admin", "/config/data-agreement/{dataAgreementId}/data-attributes", "GET"},
+ {"organisation_admin", "/config/data-agreements/data-attribute", "POST"},
+ {"organisation_admin", "/config/data-agreements/data-attribute/{dataAttributeId}", "(GET)|(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/data-agreements/data-attribute/{dataAttributeId}/revisions", "GET"},
+ {"organisation_admin", "/config/data-agreements/data-attributes", "GET"},
+ {"organisation_admin", "/config/webhooks/event-types", "GET"},
+ {"organisation_admin", "/config/webhooks/payload/content-types", "GET"},
+ {"organisation_admin", "/config/webhooks", "GET"},
+ {"organisation_admin", "/config/webhook", "POST"},
+ {"organisation_admin", "/config/webhook/{webhookId}", "(GET)|(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/webhook/{webhookId}/ping", "POST"},
+ {"organisation_admin", "/config/webhooks/{webhookId}/deliveries", "GET"},
+ {"organisation_admin", "/config/webhooks/{webhookId}/delivery/{deliveryId}", "GET"},
+ {"organisation_admin", "/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver", "POST"},
+ {"organisation_admin", "/config/idp/open-id", "POST"},
+ {"organisation_admin", "/config/idp/open-ids", "GET"},
+ {"organisation_admin", "/config/idp/open-id/{idpId}", "(GET)|(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/individuals", "GET"},
+ {"organisation_admin", "/config/individual", "POST"},
+ {"organisation_admin", "/config/individual/{individualId}", "(GET)|(PUT)"},
+ {"organisation_admin", "/config/admin/apikey", "POST"},
+ {"organisation_admin", "/config/admin/apikey/{apiKeyId}", "(PUT)|(DELETE)"},
+ {"organisation_admin", "/config/admin/apikeys", "GET"},
+ {"user", "/service/data-agreements", "GET"},
+ {"user", "/service/data-agreement/{dataAgreementId}", "GET"},
+ {"user", "/service/data-agreement/{dataAgreementId}/data-attributes", "GET"},
+ {"user", "/service/policy/{policyId}", "GET"},
+ {"user", "/service/verification/data-agreements", "GET"},
+ {"user", "/service/verification/consent-record/{consentRecordId}", "GET"},
+ {"user", "/service/verification/consent-records", "GET"},
+ {"user", "/service/individual/record/consent-record/draft", "POST"},
+ {"user", "/service/individual/record/data-agreement/{dataAgreementId}", "(GET)|(POST)"},
+ {"user", "/service/individual/record/consent-record/{consentRecordId}", "PUT"},
+ {"user", "/service/individual/record/consent-record", "(GET)|(POST)"},
+ {"user", "/service/individual/record/consent-record/{consentRecordId}/signature", "(POST)|(PUT)"},
+ {"user", "/service/individual/record/data-agreement/{dataAgreementId}/all", "GET"},
+ {"organisation_admin", "/audit/consent-records", "GET"},
+ {"organisation_admin", "/audit/consent-record/{consentRecordId}", "GET"},
+ {"organisation_admin", "/audit/data-agreements", "GET"},
+ {"organisation_admin", "/audit/data-agreement/{dataAgreementId}", "GET"},
+ {"organisation_admin", "/audit/admin/logs", "GET"},
+ {"organisation_admin", "/onboard/organisation", "(GET)|(PUT)"},
+ {"organisation_admin", "/onboard/organisation/coverimage", "(GET)|(POST)"},
+ {"organisation_admin", "/onboard/organisation/logoimage", "(GET)|(POST)"},
+ {"user", "/onboard/organisation", "GET"},
+ {"user", "/onboard/organisation/coverimage", "GET"},
+ {"user", "/onboard/organisation/logoimage", "GET"},
+ {"organisation_admin", "/onboard/password/reset", "PUT"},
+ {"organisation_admin", "/onboard/admin", "(GET)|(PUT)"},
+ {"organisation_admin", "/onboard/admin/avatarimage", "(GET)|(PUT)"},
+ {"organisation_admin", "/config/individual/upload", "POST"},
+ {"organisation_admin", "/config/privacy-dashboard", "GET"},
+ {"organisation_admin", "/onboard/status", "GET"},
+ {"user", "/onboard/password/reset", "PUT"},
+ {"user", "/service/individual/record/consent-record/history", "GET"},
+ {"user", "/service/idp/open-id", "GET"},
+ {"user", "/service/organisation", "GET"},
+ {"user", "/service/organisation/coverimage", "GET"},
+ {"user", "/service/organisation/logoimage", "GET"},
+ {"user", "/service/individuals", "GET"},
+ {"user", "/service/individual", "POST"},
+ {"user", "/service/individual/{individualId}", "(GET)|(PUT)"},
+ {"user", "/service/image/{imageId}", "GET"},
+ {"user", "/service/individual/record", "DELETE"},
+ {"user", "/onboard/logout", "POST"},
+ {"organisation_admin", "/onboard/logout", "POST"},
+ {"audit", "/audit/consent-records", "GET"},
+ {"audit", "/audit/consent-record/{consentRecordId}", "GET"},
+ {"audit", "/audit/data-agreements", "GET"},
+ {"audit", "/audit/data-agreement/{dataAgreementId}", "GET"},
+ {"audit", "/audit/admin/logs", "GET"},
+ {"config", "/config/policy", "POST"},
+ {"config", "/config/policy/{policyId}", "(GET)|(PUT)|(DELETE)"},
+ {"config", "/config/policy/{policyId}/revisions", "GET"},
+ {"config", "/config/policies", "GET"},
+ {"config", "/config/data-agreement/{dataAgreementId}", "(GET)|(PUT)|(DELETE)"},
+ {"config", "/config/data-agreement", "POST"},
+ {"config", "/config/data-agreements", "GET"},
+ {"config", "/config/data-agreement/{dataAgreementId}/revisions", "GET"},
+ {"config", "/config/data-agreement/{dataAgreementId}/revision/{revisionId}", "GET"},
+ {"config", "/config/data-agreement/{dataAgreementId}/data-attributes", "GET"},
+ {"config", "/config/data-agreements/data-attribute/{dataAttributeId}", "PUT"},
+ {"config", "/config/data-agreements/data-attributes", "GET"},
+ {"config", "/config/webhooks/event-types", "GET"},
+ {"config", "/config/webhooks/payload/content-types", "GET"},
+ {"config", "/config/webhooks", "GET"},
+ {"config", "/config/webhook", "POST"},
+ {"config", "/config/webhook/{webhookId}", "(GET)|(PUT)|(DELETE)"},
+ {"config", "/config/webhook/{webhookId}/ping", "POST"},
+ {"config", "/config/webhooks/{webhookId}/deliveries", "GET"},
+ {"config", "/config/webhooks/{webhookId}/delivery/{deliveryId}", "GET"},
+ {"config", "/config/webhooks/{webhookId}/delivery/{deliveryId}/redeliver", "POST"},
+ {"config", "/config/idp/open-id", "POST"},
+ {"config", "/config/idp/open-ids", "GET"},
+ {"config", "/config/idp/open-id/{idpId}", "(GET)|(PUT)|(DELETE)"},
+ {"config", "/config/individuals", "GET"},
+ {"config", "/config/individual", "POST"},
+ {"config", "/config/individual/{individualId}", "(GET)|(PUT)"},
+ {"config", "/config/admin/apikey", "POST"},
+ {"config", "/config/admin/apikey/{apiKeyId}", "(PUT)|(DELETE)"},
+ {"config", "/config/admin/apikeys", "GET"},
+ {"service", "/service/data-agreements", "GET"},
+ {"service", "/service/data-agreement/{dataAgreementId}", "GET"},
+ {"service", "/service/data-agreement/{dataAgreementId}/data-attributes", "GET"},
+ {"service", "/service/policy/{policyId}", "GET"},
+ {"service", "/service/verification/data-agreements", "GET"},
+ {"service", "/service/verification/consent-record/{consentRecordId}", "GET"},
+ {"service", "/service/verification/consent-records", "GET"},
+ {"service", "/service/individual/record/consent-record/draft", "POST"},
+ {"service", "/service/individual/record/data-agreement/{dataAgreementId}", "(GET)|(POST)"},
+ {"service", "/service/individual/record/consent-record/{consentRecordId}", "PUT"},
+ {"service", "/service/individual/record/consent-record", "(GET)|(POST)"},
+ {"service", "/service/individual/record/consent-record/{consentRecordId}/signature", "(POST)|(PUT)"},
+ {"service", "/service/individual/record/data-agreement/{dataAgreementId}/all", "GET"},
+ {"service", "/service/individual/record/consent-record/history", "GET"},
+ {"service", "/service/idp/open-id", "GET"},
+ {"service", "/service/organisation", "GET"},
+ {"service", "/service/organisation/coverimage", "GET"},
+ {"service", "/service/organisation/logoimage", "GET"},
+ {"service", "/service/individuals", "GET"},
+ {"service", "/service/individual", "POST"},
+ {"service", "/service/individual/{individualId}", "(GET)|(PUT)"},
+ {"service", "/service/image/{imageId}", "GET"},
+ {"service", "/service/individual/record", "DELETE"},
+ {"onboard", "/onboard/organisation", "(GET)|(PUT)"},
+ {"onboard", "/onboard/organisation/coverimage", "(GET)|(POST)"},
+ {"onboard", "/onboard/organisation/logoimage", "(GET)|(POST)"},
+ {"onboard", "/onboard/organisation", "GET"},
+ {"onboard", "/onboard/password/reset", "PUT"},
+ {"onboard", "/onboard/admin", "(GET)|(PUT)"},
+ {"onboard", "/onboard/admin/avatarimage", "(GET)|(PUT)"},
+ {"onboard", "/onboard/status", "GET"},
+ {"onboard", "/onboard/logout", "POST"},
+ {"config", "/config/logs/purge", "DELETE"},
+ {"organisation_admin", "/config/logs/purge", "DELETE"},
+ }
+
+ for _, policy := range policies {
+ if !testMode {
+ policy[1] = "/v2" + policy[1] + "/" // Prefix with '/v2' and suffix with '/' if testmode is false
+ }
+ }
 return policies