Skip to content
This repository has been archived by the owner on Oct 11, 2023. It is now read-only.

Commit

Permalink
Merge pull request #28 from Tecsisa/27-add-updateat-field
Browse files Browse the repository at this point in the history
Add updateAt field (closes #27)
  • Loading branch information
gerson24 authored Sep 23, 2016
2 parents a49a72d + 8b67edd commit b46dd28
Show file tree
Hide file tree
Showing 19 changed files with 721 additions and 399 deletions.
40 changes: 26 additions & 14 deletions api/group.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ type Group struct {
Org string `json:"org, omitempty"`
Urn string `json:"urn, omitempty"`
CreateAt time.Time `json:"createAt, omitempty"`
UpdateAt time.Time `json:"updateAt, omitempty"`
}

func (g Group) String() string {
Expand Down Expand Up @@ -254,30 +255,29 @@ func (api AuthAPI) UpdateGroup(requestInfo RequestInfo, org string, name string,
}
}

// Call repo to retrieve the group
group, err := api.GetGroupByName(requestInfo, org, name)
// Call repo to retrieve the old group
oldGroup, err := api.GetGroupByName(requestInfo, org, name)
if err != nil {
return nil, err
}
oldGroup := group

// Check restrictions
groupsFiltered, err := api.GetAuthorizedGroups(requestInfo, group.Urn, GROUP_ACTION_UPDATE_GROUP, []Group{*group})
groupsFiltered, err := api.GetAuthorizedGroups(requestInfo, oldGroup.Urn, GROUP_ACTION_UPDATE_GROUP, []Group{*oldGroup})
if err != nil {
return nil, err
}
if len(groupsFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, group.Urn),
requestInfo.Identifier, oldGroup.Urn),
}
}

// Check if a group with "newName" already exists
newGroup, err := api.GetGroupByName(requestInfo, org, newName)

if err == nil && group.ID != newGroup.ID {
if err == nil && oldGroup.ID != newGroup.ID {
// Group already exists
return nil, &Error{
Code: GROUP_ALREADY_EXIST,
Expand All @@ -286,29 +286,40 @@ func (api AuthAPI) UpdateGroup(requestInfo RequestInfo, org string, name string,
}

if err != nil {
if apiError := err.(*Error); apiError.Code == UNAUTHORIZED_RESOURCES_ERROR || apiError.Code == UNKNOWN_API_ERROR {
if apiError := err.(*Error); apiError.Code != GROUP_BY_ORG_AND_NAME_NOT_FOUND {
return nil, err
}
}

// Get Group updated
groupToUpdate := createGroup(org, newName, newPath)
auxGroup := Group{
Urn: CreateUrn(org, RESOURCE_GROUP, newPath, newName),
}

// Check restrictions
groupsFiltered, err = api.GetAuthorizedGroups(requestInfo, groupToUpdate.Urn, GROUP_ACTION_UPDATE_GROUP, []Group{groupToUpdate})
groupsFiltered, err = api.GetAuthorizedGroups(requestInfo, auxGroup.Urn, GROUP_ACTION_UPDATE_GROUP, []Group{auxGroup})
if err != nil {
return nil, err
}
if len(groupsFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, groupToUpdate.Urn),
requestInfo.Identifier, auxGroup.Urn),
}
}

// Update group
group, err = api.GroupRepo.UpdateGroup(*group, newName, newPath, groupToUpdate.Urn)
group := Group{
ID: oldGroup.ID,
Name: newName,
Path: newPath,
Org: oldGroup.Org,
Urn: auxGroup.Urn,
CreateAt: oldGroup.CreateAt,
UpdateAt: time.Now().UTC(),
}

updatedGroup, err := api.GroupRepo.UpdateGroup(group)

// Check unexpected DB error
if err != nil {
Expand All @@ -320,8 +331,8 @@ func (api AuthAPI) UpdateGroup(requestInfo RequestInfo, org string, name string,
}
}

LogOperation(api.Logger, requestInfo, fmt.Sprintf("Group updated from %+v to %+v", oldGroup, group))
return group, nil
LogOperation(api.Logger, requestInfo, fmt.Sprintf("Group updated from %+v to %+v", oldGroup, updatedGroup))
return updatedGroup, nil

}

Expand Down Expand Up @@ -725,6 +736,7 @@ func createGroup(org string, name string, path string) Group {
Name: name,
Path: path,
CreateAt: time.Now().UTC(),
UpdateAt: time.Now().UTC(),
Urn: urn,
Org: org,
}
Expand Down
12 changes: 6 additions & 6 deletions api/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -161,9 +161,9 @@ type UserRepo interface {
// if there are problems with database.
GetUsersFiltered(filter *Filter) ([]User, int, error)

// Update user stored in database with new pathPrefix. Throw error if the database restrictions
// Update user stored in database with new fields. Throw error if the database restrictions
// are not satisfied or unexpected error happen.
UpdateUser(user User, newPath string, newUrn string) (*User, error)
UpdateUser(user User) (*User, error)

// Remove user stored in database with its group relationships.
// Throw error if there are problems during transactions.
Expand All @@ -186,9 +186,9 @@ type GroupRepo interface {
// if there are problems with database.
GetGroupsFiltered(org string, filter *Filter) ([]Group, int, error)

// Update group stored in database with new name and pathPrefix.
// Update group stored in database with new fields.
// Throw error if there are problems with database.
UpdateGroup(group Group, newName string, newPath string, newUrn string) (*Group, error)
UpdateGroup(group Group) (*Group, error)

// Remove group stored in database with its user and policy relationships.
// Throw error if there are problems during transactions.
Expand Down Expand Up @@ -237,9 +237,9 @@ type PolicyRepo interface {
// if there are problems with database.
GetPoliciesFiltered(org string, filter *Filter) ([]Policy, int, error)

// Update policy stored in database with new name and pathPrefix. Also it overrides statements.
// Update policy stored in database with new fields. Also it overrides statements if it has.
// Throw error if there are problems with database.
UpdatePolicy(policy Policy, newName string, newPath string, newUrn string, newStatements []Statement) (*Policy, error)
UpdatePolicy(policy Policy) (*Policy, error)

// Remove policy stored in database with its groups relationships.
// Throw error if there are problems during transactions.
Expand Down
43 changes: 29 additions & 14 deletions api/policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ type Policy struct {
Org string `json:"org, omitempty"`
Urn string `json:"urn, omitempty"`
CreateAt time.Time `json:"createAt, omitempty"`
UpdateAt time.Time `json:"updateAt, omitempty"`
Statements *[]Statement `json:"statements, omitempty"`
}

Expand Down Expand Up @@ -278,59 +279,72 @@ func (api AuthAPI) UpdatePolicy(requestInfo RequestInfo, org string, policyName

}

// Call repo to retrieve the policy
policyDB, err := api.GetPolicyByName(requestInfo, org, policyName)
// Call repo to retrieve the old policy
oldPolicy, err := api.GetPolicyByName(requestInfo, org, policyName)
if err != nil {
return nil, err
}

// Check restrictions
policiesFiltered, err := api.GetAuthorizedPolicies(requestInfo, policyDB.Urn, POLICY_ACTION_UPDATE_POLICY, []Policy{*policyDB})
policiesFiltered, err := api.GetAuthorizedPolicies(requestInfo, oldPolicy.Urn, POLICY_ACTION_UPDATE_POLICY, []Policy{*oldPolicy})
if err != nil {
return nil, err
}
if len(policiesFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, policyDB.Urn),
requestInfo.Identifier, oldPolicy.Urn),
}
}

// Check if policy with "newName" exists
targetPolicy, err := api.GetPolicyByName(requestInfo, org, newName)

if err == nil && targetPolicy.ID != policyDB.ID {
if err == nil && targetPolicy.ID != oldPolicy.ID {
// Policy already exists
return nil, &Error{
Code: POLICY_ALREADY_EXIST,
Message: fmt.Sprintf("Policy name: %v already exists", newName),
}
}

if err != nil {
if apiError := err.(*Error); apiError.Code == UNAUTHORIZED_RESOURCES_ERROR || apiError.Code == UNKNOWN_API_ERROR {
if apiError := err.(*Error); apiError.Code != POLICY_BY_ORG_AND_NAME_NOT_FOUND {
return nil, err
}
}

// Get Policy Updated
policyToUpdate := createPolicy(newName, newPath, org, &newStatements)
auxPolicy := Policy{
Urn: CreateUrn(org, RESOURCE_POLICY, newPath, newName),
}

// Check restrictions
policiesFiltered, err = api.GetAuthorizedPolicies(requestInfo, policyToUpdate.Urn, POLICY_ACTION_UPDATE_POLICY, []Policy{policyToUpdate})
policiesFiltered, err = api.GetAuthorizedPolicies(requestInfo, auxPolicy.Urn, POLICY_ACTION_UPDATE_POLICY, []Policy{auxPolicy})
if err != nil {
return nil, err
}
if len(policiesFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, policyToUpdate.Urn),
requestInfo.Identifier, auxPolicy.Urn),
}
}

policy := Policy{
ID: oldPolicy.ID,
Name: newName,
Path: newPath,
Org: oldPolicy.Org,
Urn: auxPolicy.Urn,
CreateAt: oldPolicy.CreateAt,
UpdateAt: time.Now().UTC(),
Statements: &newStatements,
}

// Update policy
policy, err := api.PolicyRepo.UpdatePolicy(*policyDB, newName, newPath, policyToUpdate.Urn, newStatements)
updatedPolicy, err := api.PolicyRepo.UpdatePolicy(policy)

// Check unexpected DB error
if err != nil {
Expand All @@ -342,8 +356,8 @@ func (api AuthAPI) UpdatePolicy(requestInfo RequestInfo, org string, policyName
}
}

LogOperation(api.Logger, requestInfo, fmt.Sprintf("Policy updated from %+v to %+v", policyDB, policy))
return policy, nil
LogOperation(api.Logger, requestInfo, fmt.Sprintf("Policy updated from %+v to %+v", oldPolicy, updatedPolicy))
return updatedPolicy, nil
}

func (api AuthAPI) RemovePolicy(requestInfo RequestInfo, org string, name string) error {
Expand Down Expand Up @@ -443,9 +457,10 @@ func createPolicy(name string, path string, org string, statements *[]Statement)
ID: uuid.NewV4().String(),
Name: name,
Path: path,
CreateAt: time.Now().UTC(),
UpdateAt: time.Now().UTC(),
Org: org,
Urn: urn,
CreateAt: time.Now().UTC(),
Statements: statements,
}

Expand Down
15 changes: 3 additions & 12 deletions api/testutils_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -159,10 +159,8 @@ func (t TestRepo) AddUser(user User) (*User, error) {
return created, err
}

func (t TestRepo) UpdateUser(user User, newPath string, newUrn string) (*User, error) {
func (t TestRepo) UpdateUser(user User) (*User, error) {
t.ArgsIn[UpdateUserMethod][0] = user
t.ArgsIn[UpdateUserMethod][1] = newPath
t.ArgsIn[UpdateUserMethod][2] = newUrn
var updated *User
if t.ArgsOut[UpdateUserMethod][0] != nil {
updated = t.ArgsOut[UpdateUserMethod][0].(*User)
Expand Down Expand Up @@ -363,11 +361,8 @@ func (t TestRepo) RemoveMember(userID string, groupID string) error {
return err
}

func (t TestRepo) UpdateGroup(group Group, newName string, newPath string, newUrn string) (*Group, error) {
func (t TestRepo) UpdateGroup(group Group) (*Group, error) {
t.ArgsIn[UpdateGroupMethod][0] = group
t.ArgsIn[UpdateGroupMethod][1] = newName
t.ArgsIn[UpdateGroupMethod][2] = newPath
t.ArgsIn[UpdateGroupMethod][3] = newUrn

var updated *Group
if t.ArgsOut[UpdateGroupMethod][0] != nil {
Expand Down Expand Up @@ -433,12 +428,8 @@ func (t TestRepo) AddPolicy(policy Policy) (*Policy, error) {
return created, err
}

func (t TestRepo) UpdatePolicy(policy Policy, newName string, newPath string, newUrn string, newStatements []Statement) (*Policy, error) {
func (t TestRepo) UpdatePolicy(policy Policy) (*Policy, error) {
t.ArgsIn[UpdatePolicyMethod][0] = policy
t.ArgsIn[UpdatePolicyMethod][1] = newName
t.ArgsIn[UpdatePolicyMethod][2] = newPath
t.ArgsIn[UpdatePolicyMethod][3] = newUrn
t.ArgsIn[UpdatePolicyMethod][4] = newStatements

var updated *Policy
if t.ArgsOut[UpdatePolicyMethod][0] != nil {
Expand Down
31 changes: 22 additions & 9 deletions api/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ type User struct {
Path string `json:"path, omitempty"`
Urn string `json:"urn, omitempty"`
CreateAt time.Time `json:"createAt, omitempty"`
UpdateAt time.Time `json:"updateAt, omitempty"`
}

func (u User) String() string {
Expand Down Expand Up @@ -203,40 +204,51 @@ func (api AuthAPI) UpdateUser(requestInfo RequestInfo, externalId string, newPat
}

// Call repo to retrieve the user
userDB, err := api.GetUserByExternalID(requestInfo, externalId)
oldUser, err := api.GetUserByExternalID(requestInfo, externalId)
if err != nil {
return nil, err
}

// Check restrictions
usersFiltered, err := api.GetAuthorizedUsers(requestInfo, userDB.Urn, USER_ACTION_UPDATE_USER, []User{*userDB})
usersFiltered, err := api.GetAuthorizedUsers(requestInfo, oldUser.Urn, USER_ACTION_UPDATE_USER, []User{*oldUser})
if err != nil {
return nil, err
}
if len(usersFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, userDB.Urn),
requestInfo.Identifier, oldUser.Urn),
}
}

userToUpdate := createUser(externalId, newPath)
auxUser := User{
Urn: CreateUrn("", RESOURCE_USER, newPath, externalId),
}

// Check restrictions
usersFiltered, err = api.GetAuthorizedUsers(requestInfo, userToUpdate.Urn, USER_ACTION_GET_USER, []User{userToUpdate})
usersFiltered, err = api.GetAuthorizedUsers(requestInfo, auxUser.Urn, USER_ACTION_GET_USER, []User{auxUser})
if err != nil {
return nil, err
}
if len(usersFiltered) < 1 {
return nil, &Error{
Code: UNAUTHORIZED_RESOURCES_ERROR,
Message: fmt.Sprintf("User with externalId %v is not allowed to access to resource %v",
requestInfo.Identifier, userToUpdate.Urn),
requestInfo.Identifier, auxUser.Urn),
}
}

user, err := api.UserRepo.UpdateUser(*userDB, newPath, userToUpdate.Urn)
user := User{
ID: oldUser.ID,
ExternalID: oldUser.ExternalID,
Path: newPath,
CreateAt: oldUser.CreateAt,
UpdateAt: time.Now().UTC(),
Urn: auxUser.Urn,
}

updatedUser, err := api.UserRepo.UpdateUser(user)

// Check unexpected DB error
if err != nil {
Expand All @@ -248,8 +260,8 @@ func (api AuthAPI) UpdateUser(requestInfo RequestInfo, externalId string, newPat
}
}

LogOperation(api.Logger, requestInfo, fmt.Sprintf("User updated from %+v to %+v", userDB, user))
return user, nil
LogOperation(api.Logger, requestInfo, fmt.Sprintf("User updated from %+v to %+v", oldUser, updatedUser))
return updatedUser, nil

}

Expand Down Expand Up @@ -355,6 +367,7 @@ func createUser(externalId string, path string) User {
ExternalID: externalId,
Path: path,
CreateAt: time.Now().UTC(),
UpdateAt: time.Now().UTC(),
Urn: urn,
}

Expand Down
Loading

0 comments on commit b46dd28

Please sign in to comment.