Need a scope to write public safety information

[nasajoey]

The API spec states that only public safety USS can write operations with PriorityElements status = PUBLIC_SAFETY.

We don't have an appropriate scope at the moment.

[issmith1]

USS-API Swagger spec says if a BASIC_USS attempts to PUT an Operation with PriorityStatusEnum.PUBLIC_SAFETY, that data exchange should return 403. We should probably emphasis that elsewhere in the USS Spec.

Today NUSS does not enforce this 403 -- it would be a business validation.

For government USS's running in TCL4, we define some USS identities in the BASIC security role and others in the PUBSAFE role.

[nasajoey]

To others up to speed on the NASA-internal discussions:

1. There already exists a scope for writing public safety operations.
2. The PriorityElements model states in description that writing a public safety operation would require a special scope.
3. No endpoints are currently required to be protected for this (i.e. the uss-api doesn't have the pub safe write scope as allowable on any endpoint).
4. We'll be adding the pub safety write scope to the pub safety role.
5. We'll be creating a new endpoint for writing pub safety operations. This is considered easier for implementers than having to check dependencies between the operation instance and the scopes of the token. All uss's will be required to implement and protect using pub safe write scope for PUTs.

I might be forgetting a couple things. @issmith1 and @myspri can clarify if I misrepresented what we are going to do.

These are all going in the draft-dev branch and will be targeted for Sprint 4. No effect on Sprint 3.

[nasajoey]

Closing. Done. Reopen if I messed it up.