Add support for permission arrays in route policies (#2113)

Part of OPS-3897.

Author: MarceloRGonc

packages/server/api/src/app/core/security/route-policies/route-security-policy-factory.ts

@@ -18,7 +18,7 @@ export function getOrganizationScopedRoutePolicy({
 }: {
   allowedPrincipals: readonly PrincipalType[];
   organizationIdSource?: PropertySource;
-  permission?: Permission;
+  permission?: Permission | readonly Permission[];
 }): AuthenticatedRoutePolicy {
   return {
     routeAccessType: RouteAccessType.AUTHENTICATED,
@@ -38,7 +38,7 @@ export function getProjectScopedRoutePolicy({
 }: {
   allowedPrincipals: readonly PrincipalType[];
   projectIdSource?: PropertySource;
-  permission?: Permission;
+  permission?: Permission | readonly Permission[];
 }): AuthenticatedRoutePolicy {
   return {
     routeAccessType: RouteAccessType.AUTHENTICATED,

packages/server/api/src/app/core/security/route-policies/route-security-policy.ts

@@ -22,14 +22,14 @@ export type OrganizationAuthorizationPolicy = {
   authorizationScope: AuthorizationScope.ORGANIZATION;
   allowedPrincipals: readonly PrincipalType[];
   organizationIdSource: PropertySource;
-  permission?: Permission;
+  permission?: Permission | readonly Permission[];
 };
 
 export type ProjectAuthorizationPolicy = {
   authorizationScope: AuthorizationScope.PROJECT;
   allowedPrincipals: readonly PrincipalType[];
   projectIdSource: PropertySource;
-  permission?: Permission;
+  permission?: Permission | readonly Permission[];
 };
 
 export type RouteSecurityPolicy = AuthenticatedRoutePolicy | PublicRoutePolicy;