Replace uses of 'archives/write' permission with 'resources/read'

BlueBrain · Sep 19, 2023 · 872ea4b · 872ea4b
1 parent 32f1b6c
commit 872ea4b
Show file tree

Hide file tree

Showing 6 changed files with 3 additions and 14 deletions.
diff --git a/delta/app/src/main/resources/app.conf b/delta/app/src/main/resources/app.conf
@@ -112,7 +112,6 @@ app {
       "schemas/write",
       "files/write",
       "storages/write",
-      "archives/write",
       "version/read",
       "quotas/read",
       "supervision/read"
@@ -139,7 +138,6 @@ app {
       "schemas/write",
       "files/write",
       "storages/write",
-      "archives/write",
       "version/read",
       "quotas/read"
     ]

diff --git a/.../archive/src/main/scala/ch/epfl/bluebrain/nexus/delta/plugins/archive/model/package.scala b/.../archive/src/main/scala/ch/epfl/bluebrain/nexus/delta/plugins/archive/model/package.scala
@@ -38,6 +38,6 @@ package object model {
     */
   object permissions {
     final val read: Permission  = Permissions.resources.read
-    final val write: Permission = Permission.unsafe("archives/write")
+    final val write: Permission = Permissions.resources.read
   }
 }
diff --git a/...hive/src/test/scala/ch/epfl/bluebrain/nexus/delta/plugins/archive/ArchiveRoutesSpec.scala b/...hive/src/test/scala/ch/epfl/bluebrain/nexus/delta/plugins/archive/ArchiveRoutesSpec.scala
@@ -81,9 +81,7 @@ class ArchiveRoutesSpec extends BaseRouteSpec with StorageFixtures with TryValue
 
   private val perms = Seq(
     Permissions.resources.write,
-    Permissions.resources.read,
-    model.permissions.read,
-    model.permissions.write
+    Permissions.resources.read
   )
 
   private val asSubject     = addCredentials(OAuth2BearerToken("user"))

diff --git a/docs/src/main/paradox/docs/delta/api/archives-api.md b/docs/src/main/paradox/docs/delta/api/archives-api.md
@@ -10,10 +10,7 @@ Each archive...
 
 @@@ note { .tip title="Authorization notes" }	
 
-When modifying archives, the caller must have `archives/write` permissions on the current path of the project or the 
-ancestor paths.
-
-When reading archives, the caller must have `resources/read` permissions on the current path of the project or the 
+For both reading and modifying archives, the caller must have `resources/read` permissions on the current path of the project or the 
 ancestor paths.
 
 Please visit @ref:[Authentication & authorization](authentication.md) section to learn more about it.

diff --git a/docs/src/main/paradox/docs/delta/api/assets/permissions/permissions-get.json b/docs/src/main/paradox/docs/delta/api/assets/permissions/permissions-get.json
@@ -18,7 +18,6 @@
     "acls/read",
     "projects/read",
     "permissions/read",
-    "archives/write",
     "organizations/create",
     "views/query",
     "storages/write",

diff --git a/docs/src/main/paradox/docs/delta/api/permissions-api.md b/docs/src/main/paradox/docs/delta/api/permissions-api.md
@@ -66,9 +66,6 @@ Currently, the following permissions are required:
 - default permissions for storages
     - `storages/write`
 
-- default permissions for archives
-    - `archives/write`
-
 - default permissions for the version endpoint
     - `version/read`