Skip to content

refactor(user_roles): implement parent group info based role APIs #8896

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: main
Choose a base branch
from
Open

refactor(user_roles): implement parent group info based role APIs #8896

wants to merge 10 commits into from

Conversation

kanikabansal-juspay
Copy link
Contributor

@kanikabansal-juspay kanikabansal-juspay commented Aug 11, 2025
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

POST /user/role/v2

  • Creates a role using parent_groups (with name + scopes) instead of granular groups.
  • Internally maps parent_groups + scopes to existing granular permissions for DB storage.

GET /user/role/list/?entity_type={entity_type}&groups=true

  • Replicates existing /user/role/list functionality but replaces the groups field with a parent_groups array containing:
    • name
    • description
    • scopes

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

We are standardizing all role-related APIs (/role/list, /role/v2) to use parent group + scopes rather than granular permissions like we use in the Invite api.

Improves readability for FE consumers and ensures consistency across role creation and retrieval.

How did you test it?

  1. Create Custom Role
    Request:
curl --location 'http://localhost:8080/user/role/v2' \
--header 'Cookie: *******
--header 'Content-Type: application/json' \
--data '{
    "role_scope": "merchant",
    "parent_groups": [
         {
            "name": "Operations",
            "scopes": [
                "read",
                "write"
            ]
        },
        {
            "name": "Connectors",
            "scopes": [
                "write"
            ]
        },
        {
            "name": "Analytics",
            "scopes": [
                "read"
               
            ]
        },
        {
            "name": "Internal",
            "scopes": [
                "read",
                "write"
               
            ]
        }

    ],
    "role_name": "roles_123"
}'
  1. Get Role Info List
curl --location 'http://localhost:8080/user/role/list/?entity_type=merchant&groups=true' \
--header 'Cookie: *******

Response:

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@kanikabansal-juspay kanikabansal-juspay requested review from a team as code owners August 11, 2025 08:29
@semanticdiff-com SemanticDiff.com
Copy link

semanticdiff-com bot commented Aug 11, 2025
edited
Loading

Review changes with  SemanticDiff

Changed Files
File Status
  crates/router/src/routes/app.rs  97% smaller
  crates/router/src/core/user_role.rs  96% smaller
  crates/common_enums/src/enums.rs  93% smaller
  crates/api_models/src/events/user_role.rs  62% smaller
  crates/router/src/services/authorization/permission_groups.rs  47% smaller
  crates/router/src/routes/lock_utils.rs  36% smaller
  crates/router/src/core/user_role/role.rs  33% smaller
  crates/router/src/routes/user_role.rs  13% smaller
  crates/api_models/src/user_role/role.rs  7% smaller
  crates/router_env/src/logger/types.rs  0% smaller

@kanikabansal-juspay kanikabansal-juspay self-assigned this Aug 11, 2025
@kanikabansal-juspay kanikabansal-juspay linked an issue Aug 11, 2025 that may be closed by this pull request
refactor: parent group info based standardized role APIs juspay/hyperswitch-control-center#3426
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@kanikabansal-juspay kanikabansal-juspay

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

refactor: parent group info based standardized role APIs
1 participant
@kanikabansal-juspay