feat: fetch service data (#60)
FemiNoviaLina authored Jun 4, 2024
1 parent 17e3f21 commit 5b52f3a
Showing 23 changed files with 2,375 additions and 173 deletions.
2 changes: 1 addition & 1 deletion Makefile
@@ -2,7 +2,7 @@ GOVERSION := $(shell go version | cut -d ' ' -f 3 | cut -d '.' -f 2)

.PHONY: build check fmt lint test test-race vet test-cover-html help install proto
.DEFAULT_GOAL := build
PROTON_COMMIT := "633ae3ee704338ef2620c9387849dfede86e8ddf"
PROTON_COMMIT := "e8a584e192f23f999844b027d17bd738c3981973"

install:
@echo "Clean up imports..."
1 change: 1 addition & 0 deletions core/relation/relation.go
@@ -29,6 +29,7 @@ type AuthzRepository interface {
DeleteV2(ctx context.Context, rel RelationV2) error
DeleteSubjectRelations(ctx context.Context, resourceType, optionalResourceID string) error
AddV2(ctx context.Context, rel RelationV2) error
LookupResources(ctx context.Context, resourceType, permission, subjectType, subjectID string) ([]string, error)
}

type Relation struct {
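Review bot: The new `LookupResources` method on `AuthzRepository` takes four consecutive `string` parameters and has no doc comment, so a call that swaps `resourceType` with `subjectType` still compiles and silently returns a different authorization answer. A comment on the interface method stating the direction would help, for example `// LookupResources returns the IDs of resourceType resources on which subjectType:subjectID holds permission.` That wording is inferred from the parameter names and should be confirmed against the implementation. The same comment applies to the exported pass-through `Service.LookupResources` added in core/relation/service.go and to the method added to `RelationService` in core/servicedata/service.go.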
4 changes: 4 additions & 0 deletions core/relation/service.go
@@ -170,3 +170,7 @@ func (s Service) DeleteSubjectRelations(ctx context.Context, resourceType, optio

return nil
}

func (s Service) LookupResources(ctx context.Context, resourceType, permission, subjectType, subjectID string) ([]string, error) {
return s.authzRepository.LookupResources(ctx, resourceType, permission, subjectType, subjectID)
}
62 changes: 62 additions & 0 deletions core/servicedata/mocks/relation_service.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

59 changes: 59 additions & 0 deletions core/servicedata/mocks/servicedata_repository.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

65 changes: 63 additions & 2 deletions core/servicedata/service.go
@@ -2,6 +2,7 @@ package servicedata

import (
"context"
"slices"

"github.com/goto/shield/core/action"
"github.com/goto/shield/core/namespace"
@@ -13,8 +14,12 @@ import (
)

const (
keyNamespace = schema.ServiceDataKeyNamespace
editActionID = schema.EditPermission
keyNamespace = schema.ServiceDataKeyNamespace
userNamespace = schema.UserPrincipal
groupNamespace = schema.GroupPrincipal
viewActionID = schema.ViewPermission
editActionID = schema.EditPermission
membershipPermission = schema.MembershipPermission
)

type ResourceService interface {
@@ -25,6 +30,7 @@ type ResourceService interface {
type RelationService interface {
Create(ctx context.Context, rel relation.RelationV2) (relation.RelationV2, error)
CheckPermission(ctx context.Context, usr user.User, resourceNS namespace.Namespace, resourceIdxa string, action action.Action) (bool, error)
LookupResources(ctx context.Context, resourceType, permission, subjectType, subjectID string) ([]string, error)
}

type ProjectService interface {
@@ -169,3 +175,58 @@ func (s Service) Upsert(ctx context.Context, sd ServiceData) (ServiceData, error

return returnedServiceData, nil
}

func (s Service) Get(ctx context.Context, filter Filter) ([]ServiceData, error) {
// fetch current user
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
return []ServiceData{}, err
}

// validate project and get project id from project slug
if filter.Project != "" {
prj, err := s.projectService.Get(ctx, filter.Project)
if err != nil {
return []ServiceData{}, err
}
filter.Project = prj.ID
}

// build entity ID filter
filter.EntityIDs = [][]string{}
if filter.Namespace == groupNamespace {
filter.EntityIDs = append(filter.EntityIDs, []string{groupNamespace, filter.ID})
}
if filter.Namespace == userNamespace && slices.Contains(filter.Entities, userNamespace) {
filter.EntityIDs = append(filter.EntityIDs, []string{userNamespace, filter.ID})
}
if filter.Namespace == userNamespace && slices.Contains(filter.Entities, groupNamespace) {
entityGroup, err := s.relationService.LookupResources(ctx, groupNamespace, membershipPermission, userNamespace, filter.ID)
if err != nil {
return []ServiceData{}, err
}
for _, ent := range entityGroup {
filter.EntityIDs = append(filter.EntityIDs, []string{groupNamespace, ent})
}
}

// get all service data key resources that visible by current user
viewSD, err := s.relationService.LookupResources(ctx, keyNamespace, viewActionID, userNamespace, currentUser.ID)
if err != nil {
return []ServiceData{}, err
}

serviceData, err := s.repository.Get(ctx, filter)
if err != nil {
return []ServiceData{}, err
}

resultSD := []ServiceData{}
for _, sd := range serviceData {
if slices.Contains(viewSD, sd.Key.ResourceID) {
resultSD = append(resultSD, sd)
}
}

return resultSD, nil
}
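Review bot: In `Get`, `filter.EntityIDs` can still be empty when `s.repository.Get(ctx, filter)` runs: when `filter.Namespace` is neither the user nor the group namespace, when `filter.Entities` names neither, or when the membership lookup for `filter.ID` returns no groups. The repository is not visible on this page, so if it treats an empty list as "no entity constraint", the caller gets every service data row whose key they may view instead of the rows for `filter.ID`. A guard before the query, `if len(filter.EntityIDs) == 0 { return []ServiceData{}, nil }`, would make that case fail closed. The membership lookup also runs for the caller-supplied `filter.ID` rather than `currentUser.ID`, and the only permission check is the key-level view filter at the end, so it is worth confirming that no entity-level check is intended. As a smaller point, the final loop calls `slices.Contains(viewSD, sd.Key.ResourceID)` once per row; a `map[string]struct{}` built once from `viewSD` avoids the quadratic scan.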