Commit

feat(impl):[TRI-259] update docs
ds-ext-kmassalski committed Jan 2, 2024
1 parent 4e8a355 commit c67b95c
Showing 3 changed files with 14 additions and 14 deletions.
2 changes: 1 addition & 1 deletion docs/src/docs/administration/configuration.adoc
Expand Up @@ -89,7 +89,7 @@ When IRS calls EDC Discovery Service to fetch connector endpoints for BPNLs, the
This parameter define how long cache is maintained before it is cleared. Data is in ISO 8601.
== OAuth2 Configuration
Previously, OAuth2 protocol was used by IRS to protect the APIs and other resources. As reference, latest IRS version that supported OAuth2 protocol was 4.3.0, which can be found here: https://github.com/eclipse-tractusx/item-relationship-service/releases/tag/4.3.0.
Previously, OAuth2 protocol was used by IRS to protect the APIs and other resources. As a reference, latest IRS version that supported OAuth2 protocol was 4.3.0, which can be found here: https://github.com/eclipse-tractusx/item-relationship-service/releases/tag/4.3.0.
=== Semantic Model Provisioning
The IRS can retrieve semantic models in two ways:
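Review bot: The `== OAuth2 Configuration` heading above the changed sentence still reads as a live configuration section, although the sentence itself says OAuth2 was only used previously. Consider renaming the heading to mark it as a historical note, or adding a pointer to the API key configuration, so operators do not go looking for OAuth2 settings. While touching the sentence, the remaining article slips could be fixed as well: "the latest IRS version that supported the OAuth2 protocol". The context line "This parameter define how long cache is maintained" also needs "defines".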
25 changes: 12 additions & 13 deletions docs/src/docs/arc42/cross-cutting/safety-security.adoc
Expand Up @@ -6,8 +6,7 @@

The IRS API is secured using API Keys (tokens that a client provides when invoking API calls). IRS identifies API clients based on the provided token inside 'X-API-KEY' request header, and then checks the token with configuration. API Keys can be configured with helm configuration entries - check Administration Guide to know how to do this. Every request to the IRS API requires a valid 'X-API-KEY' header to be successfully authenticated.

Currently, IRS API handles two roles: *'admin_irs'* and *'view_irs'.* A valid token with the *'admin_irs'* role can access any endpoint exposed by the IRS API, while a token with the *'view_irs'* role does not have access to policies endpoints and can operate only on resources it owns.
That means that he only has access to the resources he has created, e.g. jobs and batches.
Currently, IRS API handles two roles: *'admin_irs'* and *'view_irs'.* A valid token with the *'admin_irs'* role can access any endpoint exposed by the IRS API, including Policies management API. A valid token with the *'view_irs'* role does not have access to policies endpoints.
This behavior is shown in the table below.

==== Rights and Roles Matrix of IRS
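Review bot: The rewritten `view_irs` sentence drops the statement that such a token "can operate only on resources it owns" and now says only what the role cannot reach (policies endpoints). If ownership scoping was really removed, state the consequence outright, for example that a `view_irs` key can read and cancel jobs and batches created by other clients; if the API still enforces ownership, the old sentence should stay. Either way this changes the documented authorization model and deserves a mention in the commit message beyond "update docs". Minor: in `*'view_irs'.*` the full stop sits inside the bold markup.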
Expand All @@ -19,21 +18,21 @@ This behavior is shown in the table below.
| | Update policy | PUT /irs/policies/{policyId} | | x
| | Delete policy | DELETE /irs/policies/{policyId} | | x
| Aspect models | Get aspect models | GET /irs/aspectmodels | x | x
| Job processing | Register job | POST /irs/jobs | (x) | x
| | Get jobs | GET /irs/jobs | (x) | x
| | Get job | GET /irs/jobs/{jobId} | (x) | x
| | Cancel job | PUT /irs/jobs/{jobId} | (x) | x
| Batch processing | Register order | POST /irs/orders | (x) | x
| | Get order | GET /irs/orders/{orderId} | (x) | x
| | Cancel order | PUT /irs/orders/{orderId} | (x) | x
| | Get batch | GET /irs/orders/{orderId}/batches/{batchId} | (x) | x
| Job processing | Register job | POST /irs/jobs | x | x
| | Get jobs | GET /irs/jobs | x | x
| | Get job | GET /irs/jobs/{jobId} | x | x
| | Cancel job | PUT /irs/jobs/{jobId} | x | x
| Batch processing | Register order | POST /irs/orders | x | x
| | Get order | GET /irs/orders/{orderId} | x | x
| | Cancel order | PUT /irs/orders/{orderId} | x | x
| | Get batch | GET /irs/orders/{orderId}/batches/{batchId} | x | x
| Environmental- and
Social Standards | Register investigation job | POST /ess/bpn/investigations | (x) | x
| | Get investigation job | GET /ess/bpn/investigations{id} | (x) | x
Social Standards | Register investigation job | POST /ess/bpn/investigations | x | x
| | Get investigation job | GET /ess/bpn/investigations{id} | x | x
| | Accept notifications | POST /ess/notification/receive | x | x
|===

Legend: x = full access to all resources, (x) = access to the resources he owns
Legend: x = full access to all resources

=== IRS as DTR client

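Review bot: In the Job processing, Batch processing and Environmental- and Social Standards rows the first role column changes from `(x)` to `x`, which under the new legend means full access to all resources, including the state-changing `PUT /irs/jobs/{jobId}` and `PUT /irs/orders/{orderId}` cancel calls. Please confirm this matches what the API enforces, since this table is what operators will consult when deciding which key to hand out. Also, `GET /ess/bpn/investigations{id}` on the rewritten row is missing the `/` before `{id}`, and with `(x)` gone the one-entry legend could simply read "x = access granted".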
1 change: 1 addition & 0 deletions irs-api/src/main/resources/application.yml
Expand Up @@ -241,3 +241,4 @@ ess:
mockEdcResult: { } # Mocked BPN Investigation results
mockRecursiveEdcAsset: # Mocked BPN Recursive Investigation results

apiAllowedBpn: ${API_ALLOWED_BPN:BPNL00000001CRHK} # BPN value that is allowed to access IRS API
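Review bot: `apiAllowedBpn: ${API_ALLOWED_BPN:BPNL00000001CRHK}` falls back to a concrete BPN when `API_ALLOWED_BPN` is unset, so a deployment that forgets the variable silently allows that BPN instead of failing. Consider dropping the default or using an obviously invalid placeholder so a missing value is noticed, and document the setting in the Administration Guide. A change under `irs-api/src/main/resources` also does not fit a commit titled "update docs"; split it out or mention it in the message.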
