We need to implement authorization checks for the creation of companies within our application.
The solution should use Keycloak to manage and verify permissions. Specifically, we need to:
Define a create_company permission in Keycloak.
Assign this permission to the appropriate role (e.g., admin, superuser).
Ensure that our application checks this permission when a user attempts to create a company.
Tasks
Configure Keycloak
[x] Create the create_company permission.
[x] Assign the permission to relevant roles.
Create Policy
[x] Creation of a policy to ensure that the user has the authorisation to perform the action
[x] Apply this policy to the company creation endpoint.
Testing
[x] Write tests to verify that unauthorized users cannot create companies.
[x] Write tests to verify that authorized users can create companies
We need to implement authorization checks for the creation of companies within our application. The solution should use Keycloak to manage and verify permissions. Specifically, we need to:
create_companypermission in Keycloak.admin,superuser).Tasks
create_companypermission.