From 1c0e04915183f45b0456d2a79cded0a6ac0d9a39 Mon Sep 17 00:00:00 2001
From: Darko Draskovic <darko.draskovic@harness.io>
Date: Wed, 27 Nov 2024 17:22:55 +0000
Subject: [PATCH] fix: [CODE-2855]: Use space permissions in labels and rules
 controllers (#3060)

* Use space permissions in labels and rules controllers
---
 app/api/controller/space/label_define.go       | 2 +-
 app/api/controller/space/label_delete.go       | 2 +-
 app/api/controller/space/label_list.go         | 2 +-
 app/api/controller/space/label_save.go         | 2 +-
 app/api/controller/space/label_update.go       | 2 +-
 app/api/controller/space/label_value_define.go | 2 +-
 app/api/controller/space/label_value_delete.go | 2 +-
 app/api/controller/space/label_value_list.go   | 2 +-
 app/api/controller/space/label_value_update.go | 2 +-
 app/api/controller/space/rule_create.go        | 2 +-
 app/api/controller/space/rule_delete.go        | 2 +-
 app/api/controller/space/rule_find.go          | 2 +-
 app/api/controller/space/rule_list.go          | 2 +-
 app/api/controller/space/rule_update.go        | 2 +-
 14 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/app/api/controller/space/label_define.go b/app/api/controller/space/label_define.go
index 990b8eeeb..1ad66366c 100644
--- a/app/api/controller/space/label_define.go
+++ b/app/api/controller/space/label_define.go
@@ -30,7 +30,7 @@ func (c *Controller) DefineLabel(
 	spaceRef string,
 	in *types.DefineLabelInput,
 ) (*types.Label, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_delete.go b/app/api/controller/space/label_delete.go
index e454e4ab7..47b953890 100644
--- a/app/api/controller/space/label_delete.go
+++ b/app/api/controller/space/label_delete.go
@@ -29,7 +29,7 @@ func (c *Controller) DeleteLabel(
 	spaceRef string,
 	key string,
 ) error {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_list.go b/app/api/controller/space/label_list.go
index 8d498b931..a49d92b7a 100644
--- a/app/api/controller/space/label_list.go
+++ b/app/api/controller/space/label_list.go
@@ -30,7 +30,7 @@ func (c *Controller) ListLabels(
 	spaceRef string,
 	filter *types.LabelFilter,
 ) ([]*types.Label, int64, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_save.go b/app/api/controller/space/label_save.go
index 7f32a4945..f947b1195 100644
--- a/app/api/controller/space/label_save.go
+++ b/app/api/controller/space/label_save.go
@@ -30,7 +30,7 @@ func (c *Controller) SaveLabel(
 	spaceRef string,
 	in *types.SaveInput,
 ) (*types.LabelWithValues, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_update.go b/app/api/controller/space/label_update.go
index 7ef005a81..5e544c9e5 100644
--- a/app/api/controller/space/label_update.go
+++ b/app/api/controller/space/label_update.go
@@ -31,7 +31,7 @@ func (c *Controller) UpdateLabel(
 	key string,
 	in *types.UpdateLabelInput,
 ) (*types.Label, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_define.go b/app/api/controller/space/label_value_define.go
index 2ae355fde..f72cc06b1 100644
--- a/app/api/controller/space/label_value_define.go
+++ b/app/api/controller/space/label_value_define.go
@@ -31,7 +31,7 @@ func (c *Controller) DefineLabelValue(
 	key string,
 	in *types.DefineValueInput,
 ) (*types.LabelValue, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_delete.go b/app/api/controller/space/label_value_delete.go
index ac1fb7845..ff12f82f8 100644
--- a/app/api/controller/space/label_value_delete.go
+++ b/app/api/controller/space/label_value_delete.go
@@ -30,7 +30,7 @@ func (c *Controller) DeleteLabelValue(
 	key string,
 	value string,
 ) error {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_list.go b/app/api/controller/space/label_value_list.go
index 169e753b6..551afbaeb 100644
--- a/app/api/controller/space/label_value_list.go
+++ b/app/api/controller/space/label_value_list.go
@@ -31,7 +31,7 @@ func (c *Controller) ListLabelValues(
 	key string,
 	filter *types.ListQueryFilter,
 ) ([]*types.LabelValue, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/label_value_update.go b/app/api/controller/space/label_value_update.go
index d12869081..52a888e33 100644
--- a/app/api/controller/space/label_value_update.go
+++ b/app/api/controller/space/label_value_update.go
@@ -32,7 +32,7 @@ func (c *Controller) UpdateLabelValue(
 	value string,
 	in *types.UpdateValueInput,
 ) (*types.LabelValue, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/rule_create.go b/app/api/controller/space/rule_create.go
index c991cd569..772d1e0be 100644
--- a/app/api/controller/space/rule_create.go
+++ b/app/api/controller/space/rule_create.go
@@ -30,7 +30,7 @@ func (c *Controller) RuleCreate(ctx context.Context,
 	spaceRef string,
 	in *rules.CreateInput,
 ) (*types.Rule, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/rule_delete.go b/app/api/controller/space/rule_delete.go
index e51a4350b..451766dba 100644
--- a/app/api/controller/space/rule_delete.go
+++ b/app/api/controller/space/rule_delete.go
@@ -28,7 +28,7 @@ func (c *Controller) RuleDelete(ctx context.Context,
 	spaceRef string,
 	identifier string,
 ) error {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/rule_find.go b/app/api/controller/space/rule_find.go
index e0a303edb..fb41675a0 100644
--- a/app/api/controller/space/rule_find.go
+++ b/app/api/controller/space/rule_find.go
@@ -29,7 +29,7 @@ func (c *Controller) RuleFind(ctx context.Context,
 	spaceRef string,
 	identifier string,
 ) (*types.Rule, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/rule_list.go b/app/api/controller/space/rule_list.go
index 9469d3b5a..d11e8f2e1 100644
--- a/app/api/controller/space/rule_list.go
+++ b/app/api/controller/space/rule_list.go
@@ -30,7 +30,7 @@ func (c *Controller) RuleList(ctx context.Context,
 	inherited bool,
 	filter *types.RuleFilter,
 ) ([]types.Rule, int64, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoView)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceView)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to acquire access to space: %w", err)
 	}
diff --git a/app/api/controller/space/rule_update.go b/app/api/controller/space/rule_update.go
index 323973bb4..9fd20fee1 100644
--- a/app/api/controller/space/rule_update.go
+++ b/app/api/controller/space/rule_update.go
@@ -31,7 +31,7 @@ func (c *Controller) RuleUpdate(ctx context.Context,
 	identifier string,
 	in *rules.UpdateInput,
 ) (*types.Rule, error) {
-	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionRepoEdit)
+	space, err := c.getSpaceCheckAuth(ctx, session, spaceRef, enum.PermissionSpaceEdit)
 	if err != nil {
 		return nil, fmt.Errorf("failed to acquire access to space: %w", err)
 	}