feat: make identity header mandatory in API call (#45)
FemiNoviaLina authored May 3, 2024
1 parent fc0e9e6 commit 6c8fdc9
Showing 16 changed files with 270 additions and 67 deletions.
14 changes: 13 additions & 1 deletion .mockery.yaml
Expand Up @@ -59,4 +59,16 @@ packages:
filename: "relation_service.go"
RelationTransformer:
config:
filename: "relation_transformer.go"
filename: "relation_transformer.go"
github.com/goto/shield/core/user:
config:
dir: "core/mocks"
outpkg: "mocks"
mockname: "{{.InterfaceName}}"
interfaces:
ActivityService:
config:
filename: "activity_service.go"
Repository:
config:
filename: "user_repository.go"
13 changes: 8 additions & 5 deletions core/action/service.go
Expand Up @@ -5,6 +5,7 @@ import (
"fmt"

"github.com/goto/salt/log"
"github.com/goto/shield/core/activity"
"github.com/goto/shield/core/user"
pkgctx "github.com/goto/shield/pkg/context"
)
Expand All @@ -19,7 +20,7 @@ type UserService interface {
}

type ActivityService interface {
Log(ctx context.Context, action string, actor string, data any) error
Log(ctx context.Context, action string, actor activity.Actor, data any) error
}

type Service struct {
Expand All @@ -45,7 +46,7 @@ func (s Service) Get(ctx context.Context, id string) (Action, error) {
func (s Service) Create(ctx context.Context, action Action) (Action, error) {
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", user.ErrInvalidEmail.Error(), err.Error()))
return Action{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())
}

newAction, err := s.repository.Create(ctx, action)
Expand All @@ -56,7 +57,8 @@ func (s Service) Create(ctx context.Context, action Action) (Action, error) {
go func() {
ctx := pkgctx.WithoutCancel(ctx)
actionLogData := newAction.ToActionLogData()
if err := s.activityService.Log(ctx, auditKeyActionCreate, currentUser.ID, actionLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyActionCreate, actor, actionLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()
Expand All @@ -71,7 +73,7 @@ func (s Service) List(ctx context.Context) ([]Action, error) {
func (s Service) Update(ctx context.Context, id string, action Action) (Action, error) {
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", user.ErrInvalidEmail.Error(), err.Error()))
return Action{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())
}

updatedAction, err := s.repository.Update(ctx, Action{
Expand All @@ -86,7 +88,8 @@ func (s Service) Update(ctx context.Context, id string, action Action) (Action,
go func() {
ctx := pkgctx.WithoutCancel(ctx)
actionLogData := updatedAction.ToActionLogData()
if err := s.activityService.Log(ctx, auditKeyActionUpdate, currentUser.ID, actionLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyActionUpdate, actor, actionLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()
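Review bot: In Create and Update the new early return builds its error with `fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())`, which keeps the sentinel but flattens the cause to text, so callers can no longer match the underlying FetchCurrentUser error with errors.Is or errors.As, and every failure of that call, whatever its cause, is reported as an invalid email. If the module targets Go 1.20 or later, `fmt.Errorf("%w: %w", user.ErrInvalidEmail, err)` preserves both. The removed `s.logger.Error` call also means a rejected request is no longer recorded by this service, so it is worth confirming that the handler layer logs it. The same pattern appears in the Update hunk of core/group/service.go and in the Create and Update hunks of core/namespace/service.go; the bodies of these functions continue outside the hunks.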
5 changes: 5 additions & 0 deletions core/activity/activity.go
Expand Up @@ -37,3 +37,8 @@ type PagedActivity struct {
Count int32
Activities []audit.Log
}

type Actor struct {
ID string
Email string
}
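Review bot: The new exported type Actor has no doc comment, and what its two fields are used for only shows up in core/activity/service.go, where ID becomes the audit record's Actor and Email is written to the metadata under `email`. A comment such as `// Actor identifies the user an audit record is attributed to; ID is stored as the record's actor and Email in its metadata.` would make that contract visible at the definition.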
5 changes: 3 additions & 2 deletions core/activity/service.go
Expand Up @@ -20,7 +20,7 @@ func NewService(appConfig AppConfig, repository Repository) *Service {
}
}

func (s Service) Log(ctx context.Context, action string, actor string, data any) error {
func (s Service) Log(ctx context.Context, action string, actor Actor, data any) error {
if data == nil {
return ErrInvalidData
}
Expand All @@ -33,13 +33,14 @@ func (s Service) Log(ctx context.Context, action string, actor string, data any)
metadata := map[string]string{
"app_name": "shield",
"app_version": s.appConfig.Version,
"email": actor.Email,
}

log := &audit.Log{
Timestamp: time.Now(),
Action: action,
Data: logDataMap,
Actor: actor,
Actor: actor.ID,
Metadata: metadata,
}

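Review bot: Log copies `actor.ID` and `actor.Email` into the audit record without checking that either is set, so a zero-value `Actor{}` produces a record with an empty actor and `"email": ""`. Since this commit makes the identity mandatory for callers, the sink could enforce the same rule next to the existing `data == nil` check, for example `if actor.ID == "" { return ErrInvalidData }` or a dedicated sentinel error. Whether any caller legitimately logs without a user is not visible here, so confirm that before tightening. The e-mail address is now stored with every audit record, which is personal data and may call for a retention and access review of the audit store; the body of Log continues outside the hunk.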
11 changes: 7 additions & 4 deletions core/group/service.go
Expand Up @@ -7,6 +7,7 @@ import (

"github.com/goto/salt/log"
"github.com/goto/shield/core/action"
"github.com/goto/shield/core/activity"
"github.com/goto/shield/core/namespace"
"github.com/goto/shield/core/relation"
"github.com/goto/shield/core/user"
Expand Down Expand Up @@ -34,7 +35,7 @@ type UserService interface {
}

type ActivityService interface {
Log(ctx context.Context, action string, actor string, data any) error
Log(ctx context.Context, action string, actor activity.Actor, data any) error
}

type Service struct {
Expand Down Expand Up @@ -73,7 +74,8 @@ func (s Service) Create(ctx context.Context, grp Group) (Group, error) {
go func() {
ctx := pkgctx.WithoutCancel(ctx)
groupLogData := newGroup.ToGroupLogData()
if err := s.activityService.Log(ctx, auditKeyGroupCreate, currentUser.ID, groupLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyGroupCreate, actor, groupLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()
Expand Down Expand Up @@ -103,7 +105,7 @@ func (s Service) List(ctx context.Context, flt Filter) ([]Group, error) {
func (s Service) Update(ctx context.Context, grp Group) (Group, error) {
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", user.ErrInvalidEmail.Error(), err.Error()))
return Group{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())
}

if strings.TrimSpace(grp.ID) != "" {
Expand All @@ -118,7 +120,8 @@ func (s Service) Update(ctx context.Context, grp Group) (Group, error) {
go func() {
ctx := pkgctx.WithoutCancel(ctx)
groupLogData := updatedGroup.ToGroupLogData()
if err := s.activityService.Log(ctx, auditKeyGroupUpdate, currentUser.ID, groupLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyGroupUpdate, actor, groupLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()
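Review bot: Create in this file uses `currentUser` in its audit goroutine, but its FetchCurrentUser error handling lies outside the visible hunks and, going by the section's 7 additions and 4 deletions, appears not to have been changed here, unlike Update. If Create still only logs that error and continues, a group can be created without an identified caller and the audit record is written with an empty `activity.Actor`. Confirm that Create returns on that error the same way Update now does with `return Group{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())`.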
20 changes: 13 additions & 7 deletions core/mocks/activity_service.go


34 changes: 33 additions & 1 deletion core/mocks/user_repository.go


13 changes: 8 additions & 5 deletions core/namespace/service.go
Expand Up @@ -5,6 +5,7 @@ import (
"fmt"

"github.com/goto/salt/log"
"github.com/goto/shield/core/activity"
"github.com/goto/shield/core/user"
pkgctx "github.com/goto/shield/pkg/context"
)
Expand All @@ -19,7 +20,7 @@ type UserService interface {
}

type ActivityService interface {
Log(ctx context.Context, action string, actor string, data any) error
Log(ctx context.Context, action string, actor activity.Actor, data any) error
}

type Service struct {
Expand All @@ -45,7 +46,7 @@ func (s Service) Get(ctx context.Context, id string) (Namespace, error) {
func (s Service) Create(ctx context.Context, ns Namespace) (Namespace, error) {
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", user.ErrInvalidEmail.Error(), err.Error()))
return Namespace{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())
}

newNamespace, err := s.repository.Create(ctx, ns)
Expand All @@ -56,7 +57,8 @@ func (s Service) Create(ctx context.Context, ns Namespace) (Namespace, error) {
go func() {
ctx := pkgctx.WithoutCancel(ctx)
namespaceLogData := newNamespace.ToNameSpaceLogData()
if err := s.activityService.Log(ctx, auditKeyNamespaceCreate, currentUser.ID, namespaceLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyNamespaceCreate, actor, namespaceLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()
Expand All @@ -71,7 +73,7 @@ func (s Service) List(ctx context.Context) ([]Namespace, error) {
func (s Service) Update(ctx context.Context, ns Namespace) (Namespace, error) {
currentUser, err := s.userService.FetchCurrentUser(ctx)
if err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", user.ErrInvalidEmail.Error(), err.Error()))
return Namespace{}, fmt.Errorf("%w: %s", user.ErrInvalidEmail, err.Error())
}

updatedNamespace, err := s.repository.Update(ctx, ns)
Expand All @@ -82,7 +84,8 @@ func (s Service) Update(ctx context.Context, ns Namespace) (Namespace, error) {
go func() {
ctx := pkgctx.WithoutCancel(ctx)
namespaceLogData := updatedNamespace.ToNameSpaceLogData()
if err := s.activityService.Log(ctx, auditKeyNamespaceUpdate, currentUser.ID, namespaceLogData); err != nil {
actor := activity.Actor{ID: currentUser.ID, Email: currentUser.Email}
if err := s.activityService.Log(ctx, auditKeyNamespaceUpdate, actor, namespaceLogData); err != nil {
s.logger.Error(fmt.Sprintf("%s: %s", ErrLogActivity.Error(), err.Error()))
}
}()