Unify naming and location of auth RPC services (#46559) (#46596)

This moves packages around and renames things such that all existing
and non-legacy auth RPC services follow the same semantics.

- RPC services are all now under `lib/auth/<rpc_package>/<rpc_package><rpc_version>`
  i.e. lib/auth/accessmonitoringrules/accessmonitoringrulesv1
- Generated proto code imported in lib/auth/grpcserver.go are now
  aliased to <rpc_package><rpc_version>pb
  i.e. accessmonitoringrulesv1pb

lib/auth/kubewaitingcontainer/service.go → lib/auth/kubewaitingcontainer/kubewaitingcontainerv1/service.go

@@ -14,7 +14,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-package kubewaitingcontainer
+package kubewaitingcontainerv1
 
 import (
 	"context"

lib/auth/kubewaitingcontainer/service_test.go → lib/auth/kubewaitingcontainer/kubewaitingcontainerv1/service_test.go

@@ -14,7 +14,7 @@
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-package kubewaitingcontainer
+package kubewaitingcontainerv1
 
 import (
 	"context"

lib/auth/loginrule/service.go → lib/auth/loginrule/loginrulev1/service.go

@@ -16,7 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package loginrule
+package loginrulev1
 
 import (
 	"context"

lib/auth/userloginstate/service.go → lib/auth/userloginstate/userloginstatev1/service.go

@@ -16,7 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package userloginstate
+package userloginstatev1
 
 import (
 	"context"

lib/auth/userloginstate/service_test.go → lib/auth/userloginstate/userloginstatev1/service_test.go

@@ -16,7 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package userloginstate
+package userloginstatev1
 
 import (
 	"context"
@@ -28,7 +28,7 @@ import (
 	"github.com/jonboulle/clockwork"
 	"github.com/stretchr/testify/require"
 
-	userloginstatev1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/userloginstate/v1"
+	userloginstatepb "github.com/gravitational/teleport/api/gen/proto/go/teleport/userloginstate/v1"
 	"github.com/gravitational/teleport/api/types"
 	"github.com/gravitational/teleport/api/types/header"
 	"github.com/gravitational/teleport/api/types/trait"
@@ -68,24 +68,24 @@ func TestGetUserLoginStates(t *testing.T) {
 
 	ctx, noAccessCtx, svc := initSvc(t)
 
-	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 
 	uls1 := newUserLoginState(t, "1", nil, stRoles, stTraits, stRoles, stTraits)
 	uls2 := newUserLoginState(t, "2", nil, stRoles, stTraits, stRoles, stTraits)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
 	require.NoError(t, err)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
 	require.NoError(t, err)
 
-	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, cmp.Diff([]*userloginstate.UserLoginState{uls1, uls2}, mustFromProtoAll(t, getResp.UserLoginStates...), cmpOpts...))
 
-	_, err = svc.GetUserLoginStates(noAccessCtx, &userloginstatev1.GetUserLoginStatesRequest{})
+	_, err = svc.GetUserLoginStates(noAccessCtx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.True(t, trace.IsAccessDenied(err))
 }
 
@@ -94,20 +94,20 @@ func TestUpsertUserLoginStates(t *testing.T) {
 
 	ctx, noAccessCtx, svc := initSvc(t)
 
-	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 
 	uls1 := newUserLoginState(t, "1", nil, stRoles, stTraits, stRoles, stTraits)
 	uls2 := newUserLoginState(t, "2", nil, stRoles, stTraits, stRoles, stTraits)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
 	require.NoError(t, err)
 
-	_, err = svc.UpsertUserLoginState(noAccessCtx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
+	_, err = svc.UpsertUserLoginState(noAccessCtx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
 	require.True(t, trace.IsAccessDenied(err))
 
-	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, cmp.Diff([]*userloginstate.UserLoginState{uls1}, mustFromProtoAll(t, getResp.UserLoginStates...), cmpOpts...))
 }
@@ -117,22 +117,22 @@ func TestGetUserLoginState(t *testing.T) {
 
 	ctx, noAccessCtx, svc := initSvc(t)
 
-	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 
 	uls1 := newUserLoginState(t, "1", nil, stRoles, stTraits, stRoles, stTraits)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
 	require.NoError(t, err)
 
-	get, err := svc.GetUserLoginState(ctx, &userloginstatev1.GetUserLoginStateRequest{
+	get, err := svc.GetUserLoginState(ctx, &userloginstatepb.GetUserLoginStateRequest{
 		Name: uls1.GetName(),
 	})
 	require.NoError(t, err)
 	require.Empty(t, cmp.Diff(uls1, mustFromProto(t, get), cmpOpts...))
 
-	_, err = svc.GetUserLoginState(noAccessCtx, &userloginstatev1.GetUserLoginStateRequest{
+	_, err = svc.GetUserLoginState(noAccessCtx, &userloginstatepb.GetUserLoginStateRequest{
 		Name: uls1.GetName(),
 	})
 	require.True(t, trace.IsAccessDenied(err))
@@ -143,25 +143,25 @@ func TestDeleteUserLoginState(t *testing.T) {
 
 	ctx, _, svc := initSvc(t)
 
-	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 
 	uls1 := newUserLoginState(t, "1", nil, stRoles, stTraits, stRoles, stTraits)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
 	require.NoError(t, err)
 
-	get, err := svc.GetUserLoginState(ctx, &userloginstatev1.GetUserLoginStateRequest{
+	get, err := svc.GetUserLoginState(ctx, &userloginstatepb.GetUserLoginStateRequest{
 		Name: uls1.GetName(),
 	})
 	require.NoError(t, err)
 	require.Empty(t, cmp.Diff(uls1, mustFromProto(t, get), cmpOpts...))
 
-	_, err = svc.DeleteUserLoginState(ctx, &userloginstatev1.DeleteUserLoginStateRequest{Name: uls1.GetName()})
+	_, err = svc.DeleteUserLoginState(ctx, &userloginstatepb.DeleteUserLoginStateRequest{Name: uls1.GetName()})
 	require.NoError(t, err)
 
-	_, err = svc.GetUserLoginState(ctx, &userloginstatev1.GetUserLoginStateRequest{Name: uls1.GetName()})
+	_, err = svc.GetUserLoginState(ctx, &userloginstatepb.GetUserLoginStateRequest{Name: uls1.GetName()})
 	require.True(t, trace.IsNotFound(err))
 }
 
@@ -170,27 +170,27 @@ func TestDeleteAllAccessLists(t *testing.T) {
 
 	ctx, _, svc := initSvc(t)
 
-	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err := svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 
 	uls1 := newUserLoginState(t, "1", nil, stRoles, stTraits, stRoles, stTraits)
 	uls2 := newUserLoginState(t, "2", nil, stRoles, stTraits, stRoles, stTraits)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls1)})
 	require.NoError(t, err)
 
-	_, err = svc.UpsertUserLoginState(ctx, &userloginstatev1.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
+	_, err = svc.UpsertUserLoginState(ctx, &userloginstatepb.UpsertUserLoginStateRequest{UserLoginState: conv.ToProto(uls2)})
 	require.NoError(t, err)
 
-	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, cmp.Diff([]*userloginstate.UserLoginState{uls1, uls2}, mustFromProtoAll(t, getResp.UserLoginStates...), cmpOpts...))
 
-	_, err = svc.DeleteAllUserLoginStates(ctx, &userloginstatev1.DeleteAllUserLoginStatesRequest{})
+	_, err = svc.DeleteAllUserLoginStates(ctx, &userloginstatepb.DeleteAllUserLoginStatesRequest{})
 	require.NoError(t, err)
 
-	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatev1.GetUserLoginStatesRequest{})
+	getResp, err = svc.GetUserLoginStates(ctx, &userloginstatepb.GetUserLoginStatesRequest{})
 	require.NoError(t, err)
 	require.Empty(t, getResp.UserLoginStates)
 }
@@ -298,7 +298,7 @@ func genUserContext(ctx context.Context, username string, groups []string) conte
 	})
 }
 
-func mustFromProto(t *testing.T, uls *userloginstatev1.UserLoginState) *userloginstate.UserLoginState {
+func mustFromProto(t *testing.T, uls *userloginstatepb.UserLoginState) *userloginstate.UserLoginState {
 	t.Helper()
 
 	out, err := conv.FromProto(uls)
@@ -307,7 +307,7 @@ func mustFromProto(t *testing.T, uls *userloginstatev1.UserLoginState) *userlogi
 	return out
 }
 
-func mustFromProtoAll(t *testing.T, ulsList ...*userloginstatev1.UserLoginState) []*userloginstate.UserLoginState {
+func mustFromProtoAll(t *testing.T, ulsList ...*userloginstatepb.UserLoginState) []*userloginstate.UserLoginState {
 	t.Helper()
 
 	var convertedUlsList []*userloginstate.UserLoginState
@@ -319,3 +319,21 @@ func mustFromProtoAll(t *testing.T, ulsList ...*userloginstatev1.UserLoginState)
 
 	return convertedUlsList
 }
+
+func newUserLoginState(t *testing.T, name string, labels map[string]string, originalRoles []string, originalTraits map[string][]string,
+	roles []string, traits map[string][]string) *userloginstate.UserLoginState {
+	t.Helper()
+
+	uls, err := userloginstate.New(header.Metadata{
+		Name:   name,
+		Labels: labels,
+	}, userloginstate.Spec{
+		OriginalRoles:  originalRoles,
+		OriginalTraits: originalTraits,
+		Roles:          roles,
+		Traits:         traits,
+	})
+	require.NoError(t, err)
+
+	return uls
+}