update sql test data files and auth wrappers

management/internals/modules/permissions/manager.go

@@ -181,3 +181,17 @@ func (m *managerImpl) GetPermissionsByRole(ctx context.Context, role types.UserR
 func (m *managerImpl) SetAccountManager(accountManager account.Manager) {
 	// no-op
 }
+
+// WrapHandler wraps a handler that expects UserAuth with context extraction.
+// Unlike WithPermission, it does not perform any permission checks.
+func WrapHandler(h func(w http.ResponseWriter, r *http.Request, userAuth *auth.UserAuth)) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		userAuth, err := nbcontext.GetUserAuthFromContext(r.Context())
+		if err != nil {
+			log.WithContext(r.Context()).Errorf("failed to get user auth from context: %v", err)
+			util.WriteError(r.Context(), err, w)
+			return
+		}
+		h(w, r, &userAuth)
+	}
+}

management/internals/modules/reverseproxy/domain/manager/api.go

@@ -28,7 +28,7 @@ func RegisterEndpoints(router *mux.Router, manager Manager, permissionsManager p
 	router.HandleFunc("/domains", permissionsManager.WithPermission(modules.Services, operations.Read, h.getAllDomains)).Methods("GET", "OPTIONS")
 	router.HandleFunc("/domains", permissionsManager.WithPermission(modules.Services, operations.Create, h.createCustomDomain)).Methods("POST", "OPTIONS")
 	router.HandleFunc("/domains/{domainId}", permissionsManager.WithPermission(modules.Services, operations.Delete, h.deleteCustomDomain)).Methods("DELETE", "OPTIONS")
-	router.HandleFunc("/domains/{domainId}/validate", permissionsManager.WithPermission(modules.Services, operations.Read, h.triggerCustomDomainValidation)).Methods("GET", "OPTIONS")
+	router.HandleFunc("/domains/{domainId}/validate", permissionsManager.WithPermission(modules.Services, operations.Create, h.triggerCustomDomainValidation)).Methods("GET", "OPTIONS") // TODO: this should be a POST
 }
 
 func domainTypeToApi(t domain.Type) api.ReverseProxyDomainType {