[BTD-577] Update roles

ministryofjustice · Feb 27, 2025 · fb92832 · fb92832
1 parent 98f9077
commit fb92832
Show file tree

Hide file tree

Showing 9 changed files with 43 additions and 41 deletions.
diff --git a/...main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/config/OpenApiConfiguration.kt b/...main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/config/OpenApiConfiguration.kt
@@ -8,11 +8,11 @@ import io.swagger.v3.oas.models.servers.Server
 import org.springframework.boot.info.BuildProperties
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_MATCHING
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS_RD
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLES
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_MATCH__RW
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 
 @Configuration
 class OpenApiConfiguration(buildProperties: BuildProperties) {
@@ -31,15 +31,15 @@ class OpenApiConfiguration(buildProperties: BuildProperties) {
     )
     .components(
       Components().addSecuritySchemes(
-        KEY_LEARNERS,
+        KEY_LEARNERS_RD,
         SecurityScheme().addBearerJwtRequirement(ROLE_LEARNER_RECORDS_SEARCH__RO),
       ).addSecuritySchemes(
-        KEY_MATCHING,
-        SecurityScheme().addBearerJwtRequirement(ROLE_LEARNER_RECORDS_MATCH__RW),
+        KEY_LEARNERS_UI,
+        SecurityScheme().addBearerJwtRequirement(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI),
       ),
     )
-    .addSecurityItem(SecurityRequirement().addList(KEY_LEARNERS, ROLES[ROLE_LEARNER_RECORDS_SEARCH__RO]))
-    .addSecurityItem(SecurityRequirement().addList(KEY_MATCHING, ROLES[ROLE_LEARNER_RECORDS_MATCH__RW]))
+    .addSecurityItem(SecurityRequirement().addList(KEY_LEARNERS_RD, ROLES[ROLE_LEARNER_RECORDS_SEARCH__RO]))
+    .addSecurityItem(SecurityRequirement().addList(KEY_LEARNERS_UI, ROLES[ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI]))
 }
 
 private fun SecurityScheme.addBearerJwtRequirement(role: String): SecurityScheme = type(SecurityScheme.Type.HTTP)

diff --git a/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/config/Roles.kt b/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/config/Roles.kt
@@ -2,23 +2,23 @@ package uk.gov.justice.digital.hmpps.learnerrecordsapi.config
 
 object Keys {
 
-  const val KEY_LEARNERS = "role-learners"
-  const val KEY_MATCHING = "role-matching"
+  const val KEY_LEARNERS_RD = "role-learners-rd"
+  const val KEY_LEARNERS_UI = "role-learners-ui"
 }
 
 object Roles {
 
   const val ROLE_LEARNER_RECORDS_SEARCH__RO =
     "ROLE_LEARNER_RECORDS_SEARCH__RO"
 
-  const val ROLE_LEARNER_RECORDS_MATCH__RW =
-    "ROLE_LEARNER_RECORDS_MATCH__RW"
+  const val ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI =
+    "ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI"
 
   private const val READ = "read"
   private const val WRITE = "write"
 
   val ROLES = mapOf(
     ROLE_LEARNER_RECORDS_SEARCH__RO to listOf(READ),
-    ROLE_LEARNER_RECORDS_MATCH__RW to listOf(READ, WRITE),
+    ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI to listOf(READ, WRITE),
   )
 }
diff --git a/...n/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/LearnerEventsResource.kt b/...n/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/LearnerEventsResource.kt
@@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestHeader
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.AuditEvent.createAuditEvent
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil.log
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.LearnerEventsRequest
@@ -21,7 +21,7 @@ import uk.gov.justice.digital.hmpps.learnerrecordsapi.service.LearnerEventsServi
 import uk.gov.justice.hmpps.sqs.audit.HmppsAuditService
 
 @RestController
-@PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS_SEARCH__RO')")
+@PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI')")
 @RequestMapping(value = ["/learner-events"], produces = ["application/json"])
 class LearnerEventsResource(
   private val learnerEventsService: LearnerEventsService,

diff --git a/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/LearnersResource.kt b/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/LearnersResource.kt
@@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestHeader
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.AuditEvent.createAuditEvent
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil.log
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.LearnersRequest
@@ -21,7 +21,7 @@ import uk.gov.justice.digital.hmpps.learnerrecordsapi.service.LearnersService
 import uk.gov.justice.hmpps.sqs.audit.HmppsAuditService
 
 @RestController
-@PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS_SEARCH__RO')")
+@PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI')")
 @RequestMapping(value = ["/learners"], produces = ["application/json"])
 class LearnersResource(
   private val learnersService: LearnersService,

diff --git a/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/MatchResource.kt b/src/main/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/resource/MatchResource.kt
@@ -12,7 +12,8 @@ import org.springframework.web.bind.annotation.RequestBody
 import org.springframework.web.bind.annotation.RequestHeader
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_MATCH__RW
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.logging.LoggerUtil.log
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.ConfirmMatchRequest
@@ -23,7 +24,6 @@ import uk.gov.justice.digital.hmpps.learnerrecordsapi.openapi.MatchConfirmApi
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.service.MatchService
 import java.net.URI
 
-@PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS_MATCH__RW')")
 @RestController
 @RequestMapping(value = ["/match"], produces = ["application/json"])
 class MatchResource(
@@ -32,6 +32,7 @@ class MatchResource(
 
   val logger = LoggerUtil.getLogger<MatchResource>()
 
+  @PreAuthorize("hasAnyRole('$ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI', '$ROLE_LEARNER_RECORDS_SEARCH__RO')")
   @GetMapping("/{nomisId}")
   @Tag(name = "Match")
   @MatchCheckApi
@@ -51,6 +52,7 @@ class MatchResource(
     )
   }
 
+  @PreAuthorize("hasRole('$ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI')")
   @PostMapping(value = ["/{nomisId}"])
   @Tag(name = "Match")
   @MatchConfirmApi

diff --git a/...k/gov/justice/digital/hmpps/learnerrecordsapi/integration/LearnerEventsResourceIntTest.kt b/...k/gov/justice/digital/hmpps/learnerrecordsapi/integration/LearnerEventsResourceIntTest.kt
@@ -11,7 +11,7 @@ import org.springframework.http.MediaType
 import software.amazon.awssdk.services.sqs.model.PurgeQueueRequest
 import software.amazon.awssdk.services.sqs.model.ReceiveMessageRequest
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.HmppsBoldLrsExceptionHandler
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.integration.wiremock.LRSApiExtension.Companion.lrsApiMock
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.lrsapi.response.LearningEvent
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.Gender
@@ -55,7 +55,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
@@ -105,7 +105,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
@@ -159,7 +159,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
@@ -190,7 +190,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
@@ -221,7 +221,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
@@ -244,7 +244,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .bodyValue(getLearningEventsRequest)
           .accept(MediaType.parseMediaType("application/json"))
           .exchange()
@@ -272,7 +272,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
       val actualResponse = objectMapper.readValue(
         webTestClient.post()
           .uri("/learner-events")
-          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+          .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
           .header("X-Username", "TestUser")
           .bodyValue(extendedRequestBody)
           .accept(MediaType.parseMediaType("application/json"))
@@ -303,7 +303,7 @@ class LearnerEventsResourceIntTest : IntegrationTestBase() {
     lrsApiMock.stubLearningEventsExactMatchFull()
     webTestClient.post()
       .uri("/learner-events")
-      .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+      .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
       .header("X-Username", "TestUser")
       .bodyValue(getLearningEventsRequest)
       .accept(MediaType.parseMediaType("application/json"))

diff --git a/...lin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/LearnersResourceIntTest.kt b/...lin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/LearnersResourceIntTest.kt
@@ -11,7 +11,7 @@ import org.springframework.http.MediaType
 import software.amazon.awssdk.services.sqs.model.PurgeQueueRequest
 import software.amazon.awssdk.services.sqs.model.ReceiveMessageRequest
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.HmppsBoldLrsExceptionHandler
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.integration.wiremock.LRSApiExtension.Companion.lrsApiMock
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.lrsapi.response.Learner
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.Gender
@@ -68,7 +68,7 @@ class LearnersResourceIntTest : IntegrationTestBase() {
     ): Any? {
       val executedRequest = webTestClient.post()
         .uri("/learners")
-        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
         .header("X-Username", "TestUser")
         .bodyValue(request)
         .accept(MediaType.parseMediaType("application/json"))
@@ -307,7 +307,7 @@ class LearnersResourceIntTest : IntegrationTestBase() {
 
       val executedRequest = webTestClient.post()
         .uri("/learners")
-        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
         .bodyValue(findLearnerByDemographicsRequest)
         .accept(MediaType.parseMediaType("application/json"))
         .exchange()
@@ -338,7 +338,7 @@ class LearnersResourceIntTest : IntegrationTestBase() {
 
       val executedRequest = webTestClient.post()
         .uri("/learners")
-        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
         .header("X-Username", "TestUser")
         .bodyValue(extendedRequestBody)
         .accept(MediaType.parseMediaType("application/json"))
@@ -358,7 +358,7 @@ class LearnersResourceIntTest : IntegrationTestBase() {
       lrsApiMock.stubLearnerByDemographicsExactMatch()
       webTestClient.post()
         .uri("/learners")
-        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_SEARCH__RO)))
+        .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
         .header("X-Username", "TestUser")
         .bodyValue(findLearnerByDemographicsRequest)
         .accept(MediaType.parseMediaType("application/json"))

diff --git a/...kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/MatchResourceIntTest.kt b/...kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/MatchResourceIntTest.kt
@@ -19,7 +19,7 @@ import org.springframework.http.HttpStatus
 import org.springframework.http.MediaType
 import org.springframework.test.web.reactive.server.WebTestClient
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.HmppsBoldLrsExceptionHandler
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_MATCH__RW
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.db.MatchEntity
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.request.ConfirmMatchRequest
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.models.response.CheckMatchResponse
@@ -67,7 +67,7 @@ class MatchResourceIntTest : IntegrationTestBase() {
   ) {
     val executedRequest = webTestClient.get()
       .uri("/match/$nomisId")
-      .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_MATCH__RW)))
+      .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
       .header("X-Username", "TestUser")
       .accept(MediaType.parseMediaType("application/json"))
       .exchange()
@@ -93,7 +93,7 @@ class MatchResourceIntTest : IntegrationTestBase() {
 
   private fun postMatch(nomisId: String, uln: String, expectedStatus: Int): WebTestClient.ResponseSpec = webTestClient.post()
     .uri("/match/$nomisId")
-    .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS_MATCH__RW)))
+    .headers(setAuthorisation(roles = listOf(ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI)))
     .header("X-Username", "TestUser")
     .bodyValue(ConfirmMatchRequest(uln, givenName, familyName, dateOfBirth, gender))
     .accept(MediaType.parseMediaType("application/json"))

diff --git a/...test/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/OpenApiDocsTest.kt b/...test/kotlin/uk/gov/justice/digital/hmpps/learnerrecordsapi/integration/OpenApiDocsTest.kt
@@ -6,11 +6,11 @@ import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Test
 import org.springframework.boot.test.web.server.LocalServerPort
 import org.springframework.http.MediaType
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_MATCHING
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS_RD
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Keys.KEY_LEARNERS_UI
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLES
-import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_MATCH__RW
 import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS_SEARCH__RO
+import uk.gov.justice.digital.hmpps.learnerrecordsapi.config.Roles.ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI
 
 class OpenApiDocsTest : IntegrationTestBase() {
   @LocalServerPort
@@ -93,8 +93,8 @@ class OpenApiDocsTest : IntegrationTestBase() {
       .expectBody()
 
     val keys = mapOf(
-      KEY_LEARNERS to ROLE_LEARNER_RECORDS_SEARCH__RO,
-      KEY_MATCHING to ROLE_LEARNER_RECORDS_MATCH__RW,
+      KEY_LEARNERS_RD to ROLE_LEARNER_RECORDS_SEARCH__RO,
+      KEY_LEARNERS_UI to ROLE_LEARNER_RECORDS__LEARNER_RECORDS_MATCH_UI,
     )
 
     var index = 0