[Misc] Add $XSAPPNAMECallback & $XSAPPNAME.mtcallback scope to xs-sec…

…urity.json (#21)
cap-js · Jul 19, 2024 · 91a5519 · 91a5519
1 parent 060cb4e
commit 91a5519
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 0 deletions.
diff --git a/files/xs-security.json.hbs b/files/xs-security.json.hbs
@@ -0,0 +1,18 @@
+{
+  "scopes": [
+    {
+      "name": "$XSAPPNAME.Callback",
+      "description": "Subscription via SaaS Registry for CAP Operator",
+      "grant-as-authority-to-apps": [
+        "$XSAPPNAME(application,sap-provisioning,tenant-onboarding)"
+      ]
+    },
+    {
+      "name": "$XSAPPNAME.mtcallback",
+      "description": "Subscription via SaaS Registry",
+      "grant-as-authority-to-apps": [
+        "$XSAPPNAME(application,sap-provisioning,tenant-onboarding)"
+      ]
+    }
+  ]
+}
diff --git a/lib/add.js b/lib/add.js
@@ -132,6 +132,12 @@ module.exports = class CapOperatorAddPlugin extends cds.add.Plugin {
         if (hasXsuaa) {
             const xsuaaaYaml = yaml.parse(Mustache.render( await read(join(__dirname, '../files/xsuaa.yaml.hbs')), project))
             await cds.add.merge(xsuaaaYaml).into(valuesYaml)
+
+            await cds.add.merge(__dirname, '../files/xs-security.json.hbs').into('xs-security.json', {
+                project,
+                additions: [{ in: 'scopes', where: { name: '$XSAPPNAME.Callback' }},
+                            { in: 'scopes', where: { name: '$XSAPPNAME.mtcallback' }}]
+              })
         }
 
         if (hasApprouter || exists('approuter')) {

diff --git a/test/add.test.js b/test/add.test.js
@@ -35,6 +35,9 @@ describe('cds add cap-operator', () => {
         expect(getFileHash(join(__dirname,'files/expectedChart/Chart.yaml'))).to.equal(getFileHash(join(bookshop, 'chart/Chart.yaml')))
         expect(getFileHash(join(__dirname,'files/expectedChart/values.schema.json'))).to.equal(getFileHash(join(bookshop, 'chart/values.schema.json')))
         expect(getFileHash(join(__dirname,'files/expectedChart/values.yaml'))).to.equal(getFileHash(join(bookshop, 'chart/values.yaml')))
+
+        // Check changes to xs-security.json
+        expect(getFileHash(join(__dirname,'files/xs-security.json'))).to.equal(getFileHash(join(bookshop, 'xs-security.json')))
     })
 
     it('Add cap-operator chart with force', async () => {

diff --git a/test/files/xs-security.json b/test/files/xs-security.json
@@ -0,0 +1,21 @@
+{
+  "scopes": [
+    {
+      "name": "$XSAPPNAME.mtcallback",
+      "description": "Subscription via SaaS Registry",
+      "grant-as-authority-to-apps": [
+        "$XSAPPNAME(application,sap-provisioning,tenant-onboarding)"
+      ]
+    },
+    {
+      "name": "$XSAPPNAME.Callback",
+      "description": "Subscription via SaaS Registry for CAP Operator",
+      "grant-as-authority-to-apps": [
+        "$XSAPPNAME(application,sap-provisioning,tenant-onboarding)"
+      ]
+    }
+  ],
+  "attributes": [],
+  "role-templates": [],
+  "authorities-inheritance": false
+}