[Extend Governor APIs] System Extension Resources (#75)

* add system extension resources * Update pkg/api/v1alpha1/sys_extension_resources.go Co-authored-by: Jacob See <5027680+jacobsee@users.noreply.github.com> * use `->>` instead of `->` --------- Co-authored-by: Jacob See <5027680+jacobsee@users.noreply.github.com>
metal-toolbox · Oct 19, 2023 · c7f0dd4 · c7f0dd4
1 parent 9cac4a8
commit c7f0dd4
Show file tree

Hide file tree

Showing 9 changed files with 2,933 additions and 9 deletions.
diff --git a/internal/dbtools/hooks.go b/internal/dbtools/hooks.go
@@ -1126,3 +1126,60 @@ func AuditExtensionResourceDefinitionDeleted(ctx context.Context, exec boil.Cont
 
 	return &event, event.Insert(ctx, exec, boil.Infer())
 }
+
+// AuditSystemExtensionResourceCreated inserts an event representing an extension resource being created
+func AuditSystemExtensionResourceCreated(ctx context.Context, exec boil.ContextExecutor, pID string, actor *models.User, a *models.SystemExtensionResource) (*models.AuditEvent, error) {
+	// TODO non-user API actors don't exist in the governor database,
+	// we need to figure out how to handle that relationship in the audit table
+	var actorID null.String
+	if actor != nil {
+		actorID = null.StringFrom(actor.ID)
+	}
+
+	event := models.AuditEvent{
+		ParentID:  null.StringFrom(pID),
+		ActorID:   actorID,
+		Action:    "extension.resource.created",
+		Changeset: calculateChangeset(&models.SystemExtensionResource{}, a),
+	}
+
+	return &event, event.Insert(ctx, exec, boil.Infer())
+}
+
+// AuditSystemExtensionResourceUpdated inserts an event representing a extension being created
+func AuditSystemExtensionResourceUpdated(ctx context.Context, exec boil.ContextExecutor, pID string, actor *models.User, o, a *models.SystemExtensionResource) (*models.AuditEvent, error) {
+	// TODO non-user API actors don't exist in the governor database,
+	// we need to figure out how to handle that relationship in the audit table
+	var actorID null.String
+	if actor != nil {
+		actorID = null.StringFrom(actor.ID)
+	}
+
+	event := models.AuditEvent{
+		ParentID:  null.StringFrom(pID),
+		ActorID:   actorID,
+		Action:    "extension.resource.updated",
+		Changeset: calculateChangeset(o, a),
+	}
+
+	return &event, event.Insert(ctx, exec, boil.Infer())
+}
+
+// AuditSystemExtensionResourceDeleted inserts an event representing an extension being deleted
+func AuditSystemExtensionResourceDeleted(ctx context.Context, exec boil.ContextExecutor, pID string, actor *models.User, a *models.SystemExtensionResource) (*models.AuditEvent, error) {
+	// TODO non-user API actors don't exist in the governor database,
+	// we need to figure out how to handle that relationship in the audit table
+	var actorID null.String
+	if actor != nil {
+		actorID = null.StringFrom(actor.ID)
+	}
+
+	event := models.AuditEvent{
+		ParentID:  null.StringFrom(pID),
+		ActorID:   actorID,
+		Action:    "extension.resource.deleted",
+		Changeset: calculateChangeset(a, &models.SystemExtensionResource{}),
+	}
+
+	return &event, event.Insert(ctx, exec, boil.Infer())
+}
diff --git a/pkg/api/v1alpha1/router.go b/pkg/api/v1alpha1/router.go
@@ -594,7 +594,6 @@ func (r *Router) Routes(rg *gin.RouterGroup) {
 		"/extensions/:eid",
 		r.AuditMW.AuditWithType("UpdateExtension"),
 		r.AuthMW.AuthRequired(updateScopesWithOpenID("governor:extensions")),
-		r.mwUserAuthRequired(AuthRoleAdmin),
 		r.updateExtension,
 	)
 
@@ -662,6 +661,42 @@ func (r *Router) Routes(rg *gin.RouterGroup) {
 		r.AuthMW.AuthRequired(deleteScopesWithOpenID("governor:extensions")),
 		r.deleteExtensionResourceDefinition,
 	)
+
+	// system-wise extension resources
+	rg.POST(
+		"/extension-resources/:ex-slug/:erd-slug-plural/:erd-version",
+		r.AuditMW.AuditWithType("CreateSystemExtensionResource"),
+		r.AuthMW.AuthRequired(createScopesWithOpenID("governor:extensionresources")),
+		r.createSystemExtensionResource,
+	)
+
+	rg.GET(
+		"/extension-resources/:ex-slug/:erd-slug-plural/:erd-version",
+		r.AuditMW.AuditWithType("ListSystemExtensionResources"),
+		r.AuthMW.AuthRequired(createScopesWithOpenID("governor:extensionresources")),
+		r.listSystemExtensionResources,
+	)
+
+	rg.GET(
+		"/extension-resources/:ex-slug/:erd-slug-plural/:erd-version/:resource-id",
+		r.AuditMW.AuditWithType("GetSystemExtensionResource"),
+		r.AuthMW.AuthRequired(createScopesWithOpenID("governor:extensionresources")),
+		r.getSystemExtensionResource,
+	)
+
+	rg.PATCH(
+		"/extension-resources/:ex-slug/:erd-slug-plural/:erd-version/:resource-id",
+		r.AuditMW.AuditWithType("UpdateSystemExtensionResource"),
+		r.AuthMW.AuthRequired(createScopesWithOpenID("governor:extensionresources")),
+		r.updateSystemExtensionResource,
+	)
+
+	rg.DELETE(
+		"/extension-resources/:ex-slug/:erd-slug-plural/:erd-version/:resource-id",
+		r.AuditMW.AuditWithType("DeleteSystemExtensionResource"),
+		r.AuthMW.AuthRequired(createScopesWithOpenID("governor:extensionresources")),
+		r.deleteSystemExtensionResource,
+	)
 }
 
 func contains(list []string, item string) bool {