feat: allow edit role on servicedatakey to be public (#88)

* feat: allow edit role on servicedatakey to be public * feat: allow self onboarding with public servicedata (#89) * feat: allow self onboarding with public servicedata * refactor * chore: add go mod file * chore: add formating directive * fix: err * chore: fmt * test: add test to cover self onboarding scenario * update mock * feat: use caller email if user email is missing in payload
goto · Aug 21, 2024 · 1c1b95d · 1c1b95d
1 parent 509de71
commit 1c1b95d
Show file tree

Hide file tree

Showing 12 changed files with 358 additions and 83 deletions.
diff --git a/core/relation/mocks/authz_repository.go b/core/relation/mocks/authz_repository.go
diff --git a/core/relation/relation.go b/core/relation/relation.go
@@ -31,6 +31,7 @@ type AuthzRepository interface {
 	DeleteSubjectRelations(ctx context.Context, resourceType, optionalResourceID string) error
 	AddV2(ctx context.Context, rel RelationV2) error
 	LookupResources(ctx context.Context, resourceType, permission, subjectType, subjectID string) ([]string, error)
+	CheckIsPublic(ctx context.Context, rel Relation, act action.Action) (bool, error)
 }
 
 type Relation struct {

diff --git a/core/relation/service.go b/core/relation/service.go
@@ -149,6 +149,14 @@ func (s Service) CheckPermission(ctx context.Context, usr user.User, resourceNS
 	}, action)
 }
 
+func (s Service) CheckIsPublic(ctx context.Context, resourceNS namespace.Namespace, resourceIdxa string, action action.Action) (bool, error) {
+	return s.authzRepository.CheckIsPublic(ctx, Relation{
+		ObjectNamespace:  resourceNS,
+		ObjectID:         resourceIdxa,
+		SubjectNamespace: namespace.DefinitionUser,
+	}, action)
+}
+
 func (s Service) BulkCheckPermission(ctx context.Context, rels []Relation, acts []action.Action) ([]Permission, error) {
 	return s.authzRepository.BulkCheck(ctx, rels, acts)
 }

diff --git a/go.mod b/go.mod
@@ -1,6 +1,8 @@
 module github.com/goto/shield
 
-go 1.21
+go 1.21.0
+
+toolchain go1.22.3
 
 require (
 	github.com/MakeNowJust/heredoc v1.0.0
@@ -37,7 +39,7 @@ require (
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/rs/xid v1.5.0
 	github.com/spf13/afero v1.11.0
-	github.com/spf13/cobra v1.8.0
+	github.com/spf13/cobra v1.8.1
 	github.com/stretchr/testify v1.9.0
 	github.com/tidwall/gjson v1.14.4
 	go.nhat.io/otelsql v0.13.0
@@ -46,11 +48,11 @@ require (
 	go.opentelemetry.io/otel v1.27.0
 	go.opentelemetry.io/otel/metric v1.27.0
 	go.opentelemetry.io/otel/trace v1.27.0
-	go.uber.org/zap v1.24.0
+	go.uber.org/zap v1.27.0
 	gocloud.dev v0.28.0
-	golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8
-	golang.org/x/net v0.26.0
-	golang.org/x/oauth2 v0.20.0
+	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
+	golang.org/x/net v0.27.0
+	golang.org/x/oauth2 v0.21.0
 	google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8
 	google.golang.org/grpc v1.64.0
 	google.golang.org/protobuf v1.34.2
@@ -81,11 +83,11 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/charmbracelet/glamour v0.6.0 // indirect
 	github.com/cli/safeexec v1.0.1 // indirect
 	github.com/containerd/continuity v0.3.0 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dlclark/regexp2 v1.9.0 // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
@@ -128,7 +130,7 @@ require (
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-runewidth v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/microcosm-cc/bluemonday v1.0.21 // indirect
 	github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
@@ -141,7 +143,7 @@ require (
 	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/rs/zerolog v1.33.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/sagikazarmark/locafero v0.6.0 // indirect
@@ -179,14 +181,14 @@ require (
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/arch v0.8.0 // indirect
-	golang.org/x/crypto v0.24.0 // indirect
-	golang.org/x/mod v0.18.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.21.0 // indirect
-	golang.org/x/term v0.21.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	golang.org/x/tools v0.22.0 // indirect
+	golang.org/x/tools v0.23.0 // indirect
 	golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
 	google.golang.org/api v0.171.0 // indirect
 	google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirect