Skip to content

refactor(iam): extract helpers from delete_user, update_user, create_access_key#323

Merged
vieiralucas merged 1 commit intomainfrom
worktree-cleanup+iam-users-split
Apr 13, 2026
Merged

refactor(iam): extract helpers from delete_user, update_user, create_access_key#323
vieiralucas merged 1 commit intomainfrom
worktree-cleanup+iam-users-split

Conversation

@vieiralucas
Copy link
Copy Markdown
Member

@vieiralucas vieiralucas commented Apr 13, 2026
edited by cubic-dev-ai Bot
Loading

Summary

Three IAM user mutations were carrying enough inline detail to obscure their top-level intent.

  • `delete_user`: the four 'cannot delete with X attached' guards (access keys, group membership, managed policies, inline policies) each produced their own `DeleteConflict` with a different remediation hint. Move the four checks into `ensure_user_can_be_deleted` so the `delete_user` body reads as 'check the entity exists, ensure it can be removed, then drop the rows from each keyed-by-username state map'.
  • `update_user`: the rename branch laboriously rewrote five different state maps plus group memberships in line. Move that into `rename_user_references` so `update_user` only handles the user record itself; `rename_user_references` is a single helper that knows about every user-keyed state map and is the place to extend if a new one is added.
  • `create_access_key`: the `UserName` parameter is optional, and the fallback (look up the calling user via their access key id) was taking up half the function. Move it into `resolve_create_access_key_target` so the operation body just resolves the target user, runs the limit check, and persists the new key.

No behavior change. Same lock semantics, same error messages.

Test plan

  • `cargo fmt`
  • `cargo clippy --workspace --all-targets -- -D warnings`
  • `cargo test -p fakecloud-iam` (73 passed)

Summary by cubic

Extracted helpers from IAM user mutations to simplify the code and make intent clear. No behavior changes; errors and locking remain the same.

  • Refactors
    • delete_user: moved dependency checks into ensure_user_can_be_deleted, preserving per-case DeleteConflict messages.
    • update_user: moved rename side-effects into rename_user_references to update all user-keyed maps and group memberships in one place.
    • create_access_key: moved optional UserName resolution into resolve_create_access_key_target, falling back to the caller’s access key ID.

Written for commit 607bd45. Summary will update on new commits.

@vieiralucas
refactor(iam): extract helpers from delete_user, update_user, create_…
607bd45 
…access_key

Three IAM user mutations were carrying enough inline detail to obscure
their top-level intent.

- delete_user: the four 'cannot delete with X attached' guards (access
  keys, group membership, managed policies, inline policies) each
  produced their own DeleteConflict with a different remediation hint.
  Move the four checks into ensure_user_can_be_deleted so the
  delete_user body reads as 'check the entity exists, ensure it can be
  removed, then drop the rows from each keyed-by-username state map'.

- update_user: the rename branch laboriously rewrote five different
  state maps plus group memberships in line. Move that into
  rename_user_references so update_user only handles the user record
  itself; rename_user_references is a single helper that knows about
  every user-keyed state map and is the place to extend if a new one
  is added.

- create_access_key: the UserName parameter is optional, and the
  fallback (look up the calling user via their access key id) was
  taking up half the function. Move it into
  resolve_create_access_key_target so the operation body just resolves
  the target user, runs the limit check, and persists the new key.

No behavior change.
cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown

@cubic-dev-ai cubic-dev-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

@vieiralucas vieiralucas merged commit 448f5e9 into main Apr 13, 2026
22 checks passed
@vieiralucas vieiralucas deleted the worktree-cleanup+iam-users-split branch April 13, 2026 01:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vieiralucas