From 4be11f88926de9002bb7804fe1502e55f15ed00a Mon Sep 17 00:00:00 2001
From: He Weiwei <hweiwei@vmware.com>
Date: Tue, 2 Jul 2019 14:40:39 +0800
Subject: [PATCH] Fix read permission of project member read api

Signed-off-by: He Weiwei <hweiwei@vmware.com>
---
 src/common/rbac/project/util.go         | 1 +
 src/common/rbac/project/visitor_role.go | 4 ++++
 src/core/api/projectmember_test.go      | 9 +++++++++
 3 files changed, 14 insertions(+)

diff --git a/src/common/rbac/project/util.go b/src/common/rbac/project/util.go
index 2a7a6968d..d94033f0f 100644
--- a/src/common/rbac/project/util.go
+++ b/src/common/rbac/project/util.go
@@ -54,6 +54,7 @@ var (
 		{Resource: rbac.ResourceSelf, Action: rbac.ActionDelete},
 
 		{Resource: rbac.ResourceMember, Action: rbac.ActionCreate},
+		{Resource: rbac.ResourceMember, Action: rbac.ActionRead},
 		{Resource: rbac.ResourceMember, Action: rbac.ActionUpdate},
 		{Resource: rbac.ResourceMember, Action: rbac.ActionDelete},
 		{Resource: rbac.ResourceMember, Action: rbac.ActionList},
diff --git a/src/common/rbac/project/visitor_role.go b/src/common/rbac/project/visitor_role.go
index 4287f97db..000062508 100644
--- a/src/common/rbac/project/visitor_role.go
+++ b/src/common/rbac/project/visitor_role.go
@@ -27,6 +27,7 @@ var (
 			{Resource: rbac.ResourceSelf, Action: rbac.ActionDelete},
 
 			{Resource: rbac.ResourceMember, Action: rbac.ActionCreate},
+			{Resource: rbac.ResourceMember, Action: rbac.ActionRead},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionUpdate},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionDelete},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionList},
@@ -105,6 +106,7 @@ var (
 		"master": {
 			{Resource: rbac.ResourceSelf, Action: rbac.ActionRead},
 
+			{Resource: rbac.ResourceMember, Action: rbac.ActionRead},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionList},
 
 			{Resource: rbac.ResourceMetadata, Action: rbac.ActionCreate},
@@ -172,6 +174,7 @@ var (
 		"developer": {
 			{Resource: rbac.ResourceSelf, Action: rbac.ActionRead},
 
+			{Resource: rbac.ResourceMember, Action: rbac.ActionRead},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionList},
 
 			{Resource: rbac.ResourceLog, Action: rbac.ActionList},
@@ -221,6 +224,7 @@ var (
 		"guest": {
 			{Resource: rbac.ResourceSelf, Action: rbac.ActionRead},
 
+			{Resource: rbac.ResourceMember, Action: rbac.ActionRead},
 			{Resource: rbac.ResourceMember, Action: rbac.ActionList},
 
 			{Resource: rbac.ResourceLog, Action: rbac.ActionList},
diff --git a/src/core/api/projectmember_test.go b/src/core/api/projectmember_test.go
index 6cbef32ea..bd7b7d043 100644
--- a/src/core/api/projectmember_test.go
+++ b/src/core/api/projectmember_test.go
@@ -52,6 +52,15 @@ func TestProjectMemberAPI_Get(t *testing.T) {
 			},
 			code: http.StatusBadRequest,
 		},
+		// 200
+		{
+			request: &testingRequest{
+				method:     http.MethodGet,
+				url:        fmt.Sprintf("/api/projects/1/members/%d", projAdminPMID),
+				credential: admin,
+			},
+			code: http.StatusOK,
+		},
 		// 404
 		{
 			request: &testingRequest{