From 20d4171b5f86937eb00851266f29e3996a67075f Mon Sep 17 00:00:00 2001
From: Shelby Holden <sholden@broadinstitute.org>
Date: Fri, 20 Dec 2024 14:54:31 -0500
Subject: [PATCH 1/3] read/alter policies while testing for DT-1100

---
 src/main/resources/reference.conf | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
index 4477bb032..f5f7d04f6 100644
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -1484,11 +1484,23 @@ resourceTypes = {
       create_with_parent = {
         description = "Enables creating the request object with a parent"
       }
+      share_policy = {
+        description = "Can grant and revoke a users' permission"
+      }
+      read_policies = {
+        description = "Can read policies"
+      }
+      alter_policies = {
+        description = "Can alter policies"
+      }
+      set_parent = {
+        description = "Set the parent of the snapshot builder request"
+
     }
     ownerRoleName = "owner"
     roles = {
       owner = {
-        roleActions = ["get", "update", "delete", "create_with_parent"]
+        roleActions = ["get", "update", "delete", "create_with_parent", "share_policy", "read_policies", "alter_policies", "set_parent"]
       }
       approver = {
         roleActions = ["get", "approve", "delete"]

From 67159da250e7369c58f4cec7cfd37b68b7a5f91d Mon Sep 17 00:00:00 2001
From: Shelby Holden <sholden@broadinstitute.org>
Date: Fri, 20 Dec 2024 15:19:19 -0500
Subject: [PATCH 2/3] add paren

---
 src/main/resources/reference.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
index f5f7d04f6..8e92bf252 100644
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -1495,7 +1495,7 @@ resourceTypes = {
       }
       set_parent = {
         description = "Set the parent of the snapshot builder request"
-
+      }
     }
     ownerRoleName = "owner"
     roles = {

From ebef50896e49fb01c0c78b749507829d32917b83 Mon Sep 17 00:00:00 2001
From: Shelby Holden <sholden@broadinstitute.org>
Date: Thu, 2 Jan 2025 09:24:55 -0500
Subject: [PATCH 3/3] Add more roles

---
 src/main/resources/reference.conf | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/main/resources/reference.conf b/src/main/resources/reference.conf
index 8e92bf252..bf4000a06 100644
--- a/src/main/resources/reference.conf
+++ b/src/main/resources/reference.conf
@@ -1435,11 +1435,14 @@ resourceTypes = {
       add_child = {
         description = "add a child resource"
       }
+      "list_children" = {
+        description = "List child resources"
+      }
     }
     ownerRoleName = "steward"
     roles = {
       steward = {
-        roleActions = ["share_policy::steward", "share_policy::custodian", "update_passport_identifier", "view_journal"]
+        roleActions = ["share_policy::steward", "share_policy::custodian", "update_passport_identifier", "view_journal", "list_children"]
         includedRoles = ["custodian"]
         descendantRoles = {
           snapshot-builder-request = ["approver"]
@@ -1496,11 +1499,14 @@ resourceTypes = {
       set_parent = {
         description = "Set the parent of the snapshot builder request"
       }
+      get_parent = {
+        description = "Get the parent of the snapshot builder request"
+      }
     }
     ownerRoleName = "owner"
     roles = {
       owner = {
-        roleActions = ["get", "update", "delete", "create_with_parent", "share_policy", "read_policies", "alter_policies", "set_parent"]
+        roleActions = ["get", "update", "delete", "create_with_parent", "share_policy", "read_policies", "alter_policies", "set_parent", "get_parent"]
       }
       approver = {
         roleActions = ["get", "approve", "delete"]