feat: warn when setting project/org

When setting the project or organization, it will now warn you if the project does not exist, your current user does not have access to it or if the organization is not in the list of available organizations. We don't error out to still support some use-cases where a user might not have the permission to get a project or might not be fully part of an org but might still have access to some resource in it.
ninech · Dec 4, 2024 · 1dc96f2 · 1dc96f2
1 parent 1c075ea
commit 1dc96f2
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 2 deletions.
diff --git a/auth/set_org.go b/auth/set_org.go
@@ -2,9 +2,12 @@ package auth
 
 import (
 	"context"
+	"fmt"
+	"slices"
 
 	"github.com/ninech/nctl/api"
 	"github.com/ninech/nctl/api/config"
+	"github.com/ninech/nctl/internal/format"
 )
 
 type SetOrgCmd struct {
@@ -20,5 +23,19 @@ func (s *SetOrgCmd) Run(ctx context.Context, client *api.Client) error {
 		return whoamicmd.Run(ctx, client)
 	}
 
-	return config.SetContextOrganization(client.KubeconfigPath, client.KubeconfigContext, s.Organization)
+	userInfo, err := api.GetUserInfoFromToken(client.Token(ctx))
+	if err != nil {
+		return err
+	}
+
+	if err := config.SetContextOrganization(client.KubeconfigPath, client.KubeconfigContext, s.Organization); err != nil {
+		return err
+	}
+
+	if !slices.Contains(userInfo.Orgs, s.Organization) {
+		format.PrintWarningf("%s is not in list of available Organizations, you might not have access to all resources.\n", s.Organization)
+	}
+
+	fmt.Println(format.SuccessMessagef("📝", "set active Organization to %s", s.Organization))
+	return nil
 }
diff --git a/auth/set_project.go b/auth/set_project.go
@@ -2,15 +2,44 @@ package auth
 
 import (
 	"context"
+	"fmt"
 
+	management "github.com/ninech/apis/management/v1alpha1"
 	"github.com/ninech/nctl/api"
 	"github.com/ninech/nctl/api/config"
+	"github.com/ninech/nctl/internal/format"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/types"
 )
 
 type SetProjectCmd struct {
 	Name string `arg:"" predictor:"resource_name" help:"Name of the default project to be used."`
 }
 
 func (s *SetProjectCmd) Run(ctx context.Context, client *api.Client) error {
-	return config.SetContextProject(client.KubeconfigPath, client.KubeconfigContext, s.Name)
+	org, err := client.Organization()
+	if err != nil {
+		return err
+	}
+
+	// we get the project without using the result to be sure it exists and the
+	// user has access.
+	if err := client.Get(ctx, types.NamespacedName{Name: s.Name, Namespace: org}, &management.Project{}); err != nil {
+		if !errors.IsNotFound(err) && !errors.IsForbidden(err) {
+			return err
+		}
+		if errors.IsNotFound(err) {
+			format.PrintWarningf("did not find Project %s in your Organization %s.\n", s.Name, org)
+		}
+		if errors.IsForbidden(err) {
+			format.PrintWarningf("you are not allowed to get the Project %s, you might not have access to all resources.\n", s.Name)
+		}
+	}
+
+	if err := config.SetContextProject(client.KubeconfigPath, client.KubeconfigContext, s.Name); err != nil {
+		return err
+	}
+
+	fmt.Println(format.SuccessMessagef("📝", "set active Project to %s", s.Name))
+	return nil
 }