From 79b58acde393c6ed07f145c4c5b347c21e77275e Mon Sep 17 00:00:00 2001
From: Helder Santana <helder.santana@mongodb.com>
Date: Mon, 18 Mar 2024 14:45:19 +0100
Subject: [PATCH 1/2] reflect expected behavior in test

---
 test/int/federated_auth_test.go | 54 +++------------------------------
 1 file changed, 5 insertions(+), 49 deletions(-)

diff --git a/test/int/federated_auth_test.go b/test/int/federated_auth_test.go
index 2bb51cd815..abae8e2efc 100644
--- a/test/int/federated_auth_test.go
+++ b/test/int/federated_auth_test.go
@@ -150,58 +150,14 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
 			fedAuth.Spec.DomainRestrictionEnabled = &originalConnectedOrgConfig.DomainRestrictionEnabled
 			fedAuth.Spec.SSODebugEnabled = originalIdp.SsoDebugEnabled
 			fedAuth.Spec.PostAuthRoleGrants = originalConnectedOrgConfig.GetPostAuthRoleGrants()
-			fedAuth.Spec.RoleMappings = nil
-
-			if len(originalConnectedOrgConfig.GetRoleMappings()) > 0 {
-				GinkgoWriter.Println("HAS ROLE MAPPINGS", len(originalConnectedOrgConfig.GetRoleMappings()), originalConnectedOrgConfig.GetRoleMappings()[0])
-				roles := make([]akov2.RoleMapping, len(originalConnectedOrgConfig.GetRoleMappings()))
-
-				for _, roleMapping := range originalConnectedOrgConfig.GetRoleMappings() {
-					assignments := make([]akov2.RoleAssignment, len(roleMapping.GetRoleAssignments()))
-					for _, roleAssignment := range roleMapping.GetRoleAssignments() {
-						var projectName string
-
-						if pID, ok := roleAssignment.GetGroupIdOk(); ok {
-							project, _, err := atlasClient.ProjectsApi.GetProject(ctx, *pID).Execute()
-							Expect(err).ToNot(HaveOccurred())
-							Expect(project).NotTo(BeNil())
-
-							projectName = project.GetName()
-						}
-
-						assignments = append(
-							assignments,
-							akov2.RoleAssignment{
-								ProjectName: projectName,
-								Role:        roleAssignment.GetRole(),
-							},
-						)
-					}
-
-					roles = append(
-						roles,
-						akov2.RoleMapping{
-							ExternalGroupName: roleMapping.GetExternalGroupName(),
-							RoleAssignments:   assignments,
-						},
-					)
-				}
 
-				fedAuth.Spec.RoleMappings = roles
-			} else {
-				roleMappings, _, err := atlasClient.FederatedAuthenticationApi.
-					ListRoleMappings(ctx, originalFederationSettings.GetId(), orgID).
-					Execute()
-				Expect(err).ToNot(HaveOccurred())
-
-				for _, roleMapping := range roleMappings.GetResults() {
-					GinkgoWriter.Println("DELETING ROLE MAPPING", roleMapping.GetId())
-					_, err := atlasClient.FederatedAuthenticationApi.
-						DeleteRoleMapping(ctx, originalFederationSettings.GetId(), roleMapping.GetId(), orgID).
-						Execute()
-					Expect(err).ToNot(HaveOccurred())
+			roleMappings := make([]akov2.RoleMapping, 0, len(fedAuth.Spec.RoleMappings))
+			for _, roleMap := range fedAuth.Spec.RoleMappings {
+				if roleMap.ExternalGroupName != "ako_team" {
+					roleMappings = append(roleMappings, roleMap)
 				}
 			}
+			fedAuth.Spec.RoleMappings = roleMappings
 
 			Expect(k8sClient.Update(ctx, fedAuth)).NotTo(HaveOccurred())
 		})

From fd238d6476191271527af82d257944dd7e75b687 Mon Sep 17 00:00:00 2001
From: Helder Santana <helder.santana@mongodb.com>
Date: Mon, 18 Mar 2024 18:00:32 +0100
Subject: [PATCH 2/2] comment steps

---
 test/int/federated_auth_test.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/test/int/federated_auth_test.go b/test/int/federated_auth_test.go
index abae8e2efc..5882d6c0a3 100644
--- a/test/int/federated_auth_test.go
+++ b/test/int/federated_auth_test.go
@@ -29,6 +29,7 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
 	var originalIdp *admin.FederationIdentityProvider
 
 	resourceName := "fed-auth-test"
+	newRoleMapName := "ako_team"
 	ctx := context.Background()
 
 	BeforeEach(func() {
@@ -78,6 +79,7 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
 
 	It("Should be able to update existing Organization's federations settings", func() {
 		By("Creating a FederatedAuthConfig resource", func() {
+			// Construct list of role mappings from pre-existing configuration
 			atlasRoleMappings := originalConnectedOrgConfig.GetRoleMappings()
 			roles := make([]akov2.RoleMapping, 0, len(atlasRoleMappings))
 			for i := range atlasRoleMappings {
@@ -102,10 +104,11 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
 				}
 				roles = append(roles, newRole)
 			}
+			// Add new role mapping
 			roles = append(
 				roles,
 				akov2.RoleMapping{
-					ExternalGroupName: "ako_team",
+					ExternalGroupName: newRoleMapName,
 					RoleAssignments: []akov2.RoleAssignment{
 						{Role: "ORG_OWNER"},
 					},
@@ -151,9 +154,10 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
 			fedAuth.Spec.SSODebugEnabled = originalIdp.SsoDebugEnabled
 			fedAuth.Spec.PostAuthRoleGrants = originalConnectedOrgConfig.GetPostAuthRoleGrants()
 
+			// Delete role mapping added for test
 			roleMappings := make([]akov2.RoleMapping, 0, len(fedAuth.Spec.RoleMappings))
 			for _, roleMap := range fedAuth.Spec.RoleMappings {
-				if roleMap.ExternalGroupName != "ako_team" {
+				if roleMap.ExternalGroupName != newRoleMapName {
 					roleMappings = append(roleMappings, roleMap)
 				}
 			}