Auth Release Notes for 1.8.12-GA

Table of Contents

New Features & Notable Changes
New Seed Data

New Features & Notable Changes

Introduce communication preferences support
- Add id field to the ApproverRef DTO sent in the CartApprovalRequestEventListener.

New Seed Data

Note that the following seed data does not have to be manually inserted when using the AuthenticationService’s DataInitializers (e.g. AuthorizedClientDataInitializer, PermissionDataInitializer, PermissionScopeDataInitializer, SecurityScopeDataInitializer, etc.) or the Broadleaf Initializer

Permissions, Scopes, and Client for PaymentTransactionService’s TransactionSummaryEndpoint

New permissions and scopes have been added and should be inserted into the auth database with the following SQL:

-- New scopes, permissions, and role assignments
INSERT INTO blc_security_scope (id, name, open) VALUES ('-216', 'SYSTEM_TRANSACTION_SUMMARY', 'N');
INSERT INTO blc_permission_scope (id, permission, is_permission_root, scope_id) VALUES ('-216', 'SYSTEM_TRANSACTION_SUMMARY', 'Y', '-216');
INSERT INTO blc_user_permission (id, archived, last_updated, name, is_account_perm, user_assignable) VALUES ('-250', 'N', '1970-01-01 00:00:00.000000', 'ALL_SYSTEM_TRANSACTION_SUMMARY', 'N', 'Y');
INSERT INTO blc_user_permission (id, archived, last_updated, name, is_account_perm, user_assignable) VALUES ('-251', 'N', '1970-01-01 00:00:00.000000', 'READ_SYSTEM_TRANSACTION_SUMMARY', 'N', 'Y');

INSERT INTO blc_client_permissions (id, permission) VALUES ('orderopsclient', 'ALL_SYSTEM_TRANSACTION_SUMMARY');
INSERT INTO blc_client_scopes (id, scope) VALUES ('orderopsclient', 'SYSTEM_TRANSACTION_SUMMARY');

If you’re consuming the openapi client for use with OpenAPI, the following permission updates are necessary:

INSERT INTO blc_client_scopes (id, scope) VALUES ('openapi', 'SYSTEM_TRANSACTION_SUMMARY');
INSERT INTO blc_client_permissions (id, permission) VALUES ('openapi', 'ALL_SYSTEM_TRANSACTION_SUMMARY');

Permissions and Scopes for NotificationService’s UserResolver

To support communication preferences, additional permissions and scopes for the notification client should be inserted into the auth database with the following SQL:

-- Additional scopes permissions for NotificationServices client
INSERT INTO blc_client_scopes (id, scope) VALUES ('notificationclient', 'CUSTOMER');
INSERT INTO blc_client_scopes (id, scope) VALUES ('notificationclient', 'ACCOUNT');
INSERT INTO blc_client_scopes (id, scope) VALUES ('notificationclient', 'ACCOUNT_MEMBER');
INSERT INTO blc_client_scopes (id, scope) VALUES ('notificationclient', 'ADMIN_USER');

INSERT INTO blc_client_permissions (id, permission) VALUES ('notificationclient', 'READ_CUSTOMER');
INSERT INTO blc_client_permissions (id, permission) VALUES ('notificationclient', 'READ_ACCOUNT');
INSERT INTO blc_client_permissions (id, permission) VALUES ('notificationclient', 'READ_ACCOUNT_MEMBER');
INSERT INTO blc_client_permissions (id, permission) VALUES ('notificationclient', 'READ_ADMIN_USER');

Permissions for Product Business Types

New permissions and scopes have been added and should be inserted into the auth database with the following SQL:

-- New scopes
INSERT INTO blc_security_scope (id, name, open) VALUES ('-90', 'PRODUCT_BUSINESS_TYPE', 'N');
INSERT INTO blc_permission_scope (id, permission, is_permission_root, scope_id) VALUES ('-136', 'PRODUCT_BUSINESS_TYPE', 'Y', '-90');

-- New permissions
INSERT INTO blc_user_permission (id, archived, last_updated, name, is_account_perm, user_assignable) VALUES ('-130', 'N', '2023-08-24 18:35:15.90846', 'READ_PRODUCT_BUSINESS_TYPE', 'N', 'Y');
INSERT INTO blc_user_permission (id, archived, last_updated, name, is_account_perm, user_assignable) VALUES ('-131', 'N', '2023-08-24 18:35:15.917353', 'ALL_PRODUCT_BUSINESS_TYPE', 'N', 'Y');

-- Add permissions to admin roles
INSERT INTO blc_role_permission_xref (role_id, permission_id) VALUES ('-2', '-131');
INSERT INTO blc_role_permission_xref (role_id, permission_id) VALUES ('-7', '-131');
INSERT INTO blc_role_permission_xref (role_id, permission_id) VALUES ('-201', '-131');
INSERT INTO blc_role_permission_xref (role_id, permission_id) VALUES ('-202', '-131');

-- Add client scopes and permissions
INSERT INTO blc_client_scopes (id, scope) VALUES ('anonymous', 'PRODUCT_BUSINESS_TYPE');
INSERT INTO blc_client_permissions (id, permission) VALUES ('anonymous', 'READ_PRODUCT_BUSINESS_TYPE');