New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CLOUDTRUST-2109] Authorization refactoring #156
Conversation
Pull Request Test Coverage Report for Build 1529
💛 - Coveralls |
7fa2c70
to
c22abf5
Compare
@@ -67,3 +76,76 @@ func (c *configurationDBModule) GetConfiguration(context context.Context, realmI | |||
return config, err | |||
} | |||
} | |||
|
|||
func (c *configurationDBModule) GetAuthorizations(ctx context.Context, realmID string, groupName string) ([]dto.Authorization, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
May be reused in paper-card-service
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When we will retrieve the authorizations to apply authorizations, we will retrieve all of them not just one for a specific realm and group.
@@ -40,6 +42,23 @@ func (ec *component) reportEvent(ctx context.Context, apiCall string, values ... | |||
|
|||
} | |||
|
|||
// Get actions | |||
func (ec *component) GetActions(ctx context.Context) ([]api.ActionRepresentation, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could be part of the common lib
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree this method is very similar for each Component but a simple and elegant way to do it ...
Would you have any idea ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's say we will have a look at this when we'll have time for this... (it almost means never)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not sooner?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Responses directly as comment
@@ -2,6 +2,12 @@ package events_api | |||
|
|||
import "database/sql" | |||
|
|||
// ActionRepresentation struct | |||
type ActionRepresentation struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The same structure is used by papercard module.
If for the long term this stays the same, then we can move them in common service
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will move it in common during PR2
schema: | ||
type: array | ||
items: | ||
type: string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is not the same as you code in the paper card?
/cards/actions:
get:
tags:
- Actions
summary: Get the list of all possible actions
responses:
200:
description: successful operation
content:
application/json:
schema:
type: array
items:
** $ref: '#/components/schemas/Actions' **
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are right, it was a bug, it is fixed in the PR #159
} | ||
|
||
// ActionRepresentation struct | ||
type ActionRepresentation struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as before
@@ -15,6 +15,20 @@ tags: | |||
- name: Roles | |||
description: Roles management | |||
paths: | |||
/actions: | |||
get: | |||
tags: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as before
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TODO in PR2, thks
@@ -15,6 +15,12 @@ const ( | |||
RegExpTwoDigitsNumber = `^\d{1,2}$` | |||
) | |||
|
|||
// ActionRepresentation struct | |||
type ActionRepresentation struct { | |||
Name *string `json:"name"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as before
@@ -9,6 +9,20 @@ tags: | |||
- name: Statistics | |||
description: Statistics management | |||
paths: | |||
/statistics/actions: | |||
get: | |||
tags: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as before
GroudIDs = "groupIds" | ||
GroupID = "groupId" | ||
GroupName = "groupName" | ||
Name = "name" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
name gives enough information?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will fix it
var actions []security.Action | ||
|
||
func newAction(as string, scope security.Scope) security.Action { | ||
a := security.Action{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
from commom-service, master branch:
type Action struct {
Id int
Name string
Scope Scope
}
Id should be defined?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I can remove this Id, we finally don't use it.
@@ -40,6 +42,23 @@ func (ec *component) reportEvent(ctx context.Context, apiCall string, values ... | |||
|
|||
} | |||
|
|||
// Get actions | |||
func (ec *component) GetActions(ctx context.Context) ([]api.ActionRepresentation, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not sooner?
var actions []security.Action | ||
|
||
func newAction(as string, scope security.Scope) security.Action { | ||
a := security.Action{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same
We plan to split the authorizations refactoring in 2 phases (2 PR).
First, we deploy the 1st PR which contains the authorization edition/management. We perform the authorizations configuration which will be stored in DB. This config will not be used, the JSON is still used to check the authorizations.
Second step, we deploy the 2nd PR which will remove the usage of JSON and compute the authorization from the DB configuration.
This strategy should allow us to minimize the downtime and migration risks.