Removed wildcard permissions from permission schema.

chrisknoll · chrisknoll · commit 1327d980fff6 · 2025-03-25T09:44:38.000-04:00
Permissions schema MUST be entity specific, not global otherwise deleting a single entity will delete the global permission.
diff --git a/src/main/java/org/ohdsi/webapi/security/model/ConceptSetPermissionSchema.java b/src/main/java/org/ohdsi/webapi/security/model/ConceptSetPermissionSchema.java
@@ -11,17 +11,14 @@ public class ConceptSetPermissionSchema extends EntityPermissionSchema {
     private static Map<String, String> writePermissions = new HashMap<String, String>() {{
         put("conceptset:%s:put", "Update Concept Set with ID = %s");
         put("conceptset:%s:items:put", "Update Items of Concept Set with ID = %s");
-        put("conceptset:*:annotation:put", "Create Concept Set Annotation");
         put("conceptset:%s:annotation:*:delete", "Delete Annotations of Concept Set with ID = %s");
-        put("conceptset:*:annotation:*:delete", "Delete Annotations of any Concept Set");
         put("conceptset:%s:delete", "Delete Concept Set with ID = %s");
     }};
 
     private static Map<String, String> readPermissions = new HashMap<String, String>() {{
         put("conceptset:%s:get", "view conceptset  definition with id %s");
         put("conceptset:%s:expression:get", "Resolve concept set %s expression");
         put("conceptset:%s:annotation:get", "Resolve concept set annotations");
-        put("conceptset:*:annotation:get", "Resolve concept set annotations");
         put("conceptset:%s:version:*:expression:get", "Get expression for concept set %s items for default source");
     }};
 
diff --git a/src/main/java/org/ohdsi/webapi/security/model/PathwayAnalysisPermissionSchema.java b/src/main/java/org/ohdsi/webapi/security/model/PathwayAnalysisPermissionSchema.java
@@ -17,9 +17,6 @@ public class PathwayAnalysisPermissionSchema extends EntityPermissionSchema {
   private static Map<String, String> readPermissions = new HashMap<String, String>() {{                                     
 	put("pathway-analysis:%s:get", "Get Pathways Analysis instance");
 	put("pathway-analysis:%s:generation:get", "Get Pathways Analysis generations list");
-	put("pathway-analysis:generation:*:get", "Get Pathways Analysis generation instance");
-	put("pathway-analysis:generation:*:result:get", "Get Pathways Analysis generation results");
-	put("pathway-analysis:generation:*:design:get", "Get Pathways Analysis generation design");
 	put("pathway-analysis:%s:version:get", "Get list of pathway analysis versions");
 	put("pathway-analysis:%s:version:*:get", "Get pathway analysis version");
       }
