[FEAT] added a description to a scope role to enable tools discern be…

…tween same name roles (#220)
nats-io · Apr 18, 2024 · 1f3ff32 · 1f3ff32
1 parent c2d30e2
commit 1f3ff32
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 7 deletions.
diff --git a/v2/signingkeys.go b/v2/signingkeys.go
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 The NATS Authors
+ * Copyright 2020-2024 The NATS Authors
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -67,10 +67,11 @@ func (t *ScopeType) UnmarshalJSON(b []byte) error {
 }
 
 type UserScope struct {
-	Kind     ScopeType            `json:"kind"`
-	Key      string               `json:"key"`
-	Role     string               `json:"role"`
-	Template UserPermissionLimits `json:"template"`
+	Kind        ScopeType            `json:"kind"`
+	Key         string               `json:"key"`
+	Role        string               `json:"role"`
+	Template    UserPermissionLimits `json:"template"`
+	Description string               `json:"description"`
 }
 
 func NewUserScope() *UserScope {

diff --git a/v2/signingkeys_test.go b/v2/signingkeys_test.go
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 The NATS Authors
+ * Copyright 2020-2024 The NATS Authors
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -251,6 +251,56 @@ func TestGetKeys(t *testing.T) {
 	}
 }
 
+func TestScopeJSON(t *testing.T) {
+	ac, apk := makeAccount(t, nil, nil)
+	pk := publicKey(createAccountNKey(t), t)
+	us := NewUserScope()
+	us.Key = pk
+	us.Role = "Admin"
+	us.Description = "Admin Key"
+	us.Template = UserPermissionLimits{
+		Permissions: Permissions{
+			Pub: Permission{Allow: []string{"foo"}},
+		},
+	}
+	ac.SigningKeys.AddScopedSigner(us)
+
+	token, err := ac.Encode(apk)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ac, err = DecodeAccountClaims(token)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	s, ok := ac.SigningKeys.GetScope(pk)
+	if !ok {
+		t.Fatal("expected to find a scope admin")
+	}
+	us, ok = s.(*UserScope)
+	if !ok {
+		t.Fatal("expected to find an user scope")
+	}
+
+	if us.Key != pk {
+		t.Fatal("expected public key to match")
+	}
+
+	if !us.Template.Permissions.Pub.Allow.Contains("foo") {
+		t.Fatal("expected permissions to contain foo")
+	}
+
+	if us.Description != "Admin Key" {
+		t.Fatal("expected description to match")
+	}
+
+	if us.Role != "Admin" {
+		t.Fatal("expected role to match")
+	}
+}
+
 func TestJson(t *testing.T) {
 	ac, apk := makeAccount(t, nil, nil)
 	ac.SigningKeys.Add(publicKey(createAccountNKey(t), t))
@@ -278,5 +328,4 @@ func TestJson(t *testing.T) {
 	if len(myAcc.SigningKeys) != 3 {
 		t.Fatalf("Expected 3 signing keys got: %d", len(myAcc.SigningKeys))
 	}
-
 }