Tidy-up Authz gRPC service #90

Merged
merged 3 commits into from
Apr 24, 2024
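--- a/README.md
+++ b/README.md
@@ -116,8 +116,8 @@ Listening on [127.0.0.1:8080] ...
 -plaintext \
 -d '{
 "principal_id": "cn7qtdu56a1cqrj8kur0",
-"resource_type": "documents",
-"resource_id": "65bd28aaa076ee8c8463cff8"
+"entity_type": "documents",
+"entity_id": "65bd28aaa076ee8c8463cff8"
 }' \
 localhost:8080 sentium.api.v1.Authz/Grant
 
@@ -134,8 +134,8 @@ Listening on [127.0.0.1:8080] ...
 -plaintext \
 -d '{
 "principal_id": "cn7qtdu56a1cqrj8kur0",
-"resource_type": "documents",
-"resource_id": "65bd28aaa076ee8c8463cff8"
+"entity_type": "documents",
+"entity_id": "65bd28aaa076ee8c8463cff8"
 }' \
 localhost:8080 sentium.api.v1.Authz/Check
 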
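--- a/proto/sentium/api/v1/authz.proto
+++ b/proto/sentium/api/v1/authz.proto
@@ -29,9 +29,9 @@ service Authz {
 }
 
 message AuthzCheckRequest {
-string principal_id = 1;
-string resource_id = 3;
-string resource_type = 2;
+string principal_id = 1;
+string entity_id = 3;
+string entity_type = 2;
 }
 
 message AuthzCheckResponse {
@@ -41,19 +41,19 @@ message AuthzCheckResponse {
 }
 
 message AuthzGrantRequest {
-string principal_id = 1;
-string resource_id = 3;
-string resource_type = 2;
+string principal_id = 1;
+string entity_id = 3;
+string entity_type = 2;
 
 optional google.protobuf.Struct attrs = 4;
 }
 
 message AuthzGrantResponse {}
 
 message AuthzRevokeRequest {
-string principal_id = 1;
-string resource_id = 3;
-string resource_type = 2;
+string principal_id = 1;
+string entity_id = 3;
+string entity_type = 2;
 }
 
 message AuthzRevokeResponse {}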
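--- a/src/svc/authz.cpp
+++ b/src/svc/authz.cpp
@@ -13,9 +13,7 @@ template <>
 rpcCheck::result_type Impl::call<rpcCheck>(
 grpcxx::context &ctx, const rpcCheck::request_type &req) {
 auto r = db::Tuple::lookup(
-ctx.meta(common::space_id_v),
-{req.principal_id()},
-{req.resource_type(), req.resource_id()});
+ctx.meta(common::space_id_v), {req.principal_id()}, {req.entity_type(), req.entity_id()});
 return {grpcxx::status::code_t::ok, map(r)};
 }
 
@@ -26,7 +24,7 @@ rpcGrant::result_type Impl::call<rpcGrant>(
 if (auto r = db::Tuple::lookup(
 ctx.meta(common::space_id_v),
 {req.principal_id()},
-{req.resource_type(), req.resource_id()});
+{req.entity_type(), req.entity_id()});
 r) {
 if (req.has_attrs()) {
 std::string attrs;
@@ -51,7 +49,7 @@ rpcRevoke::result_type Impl::call<rpcRevoke>(
 if (auto r = db::Tuple::lookup(
 ctx.meta(common::space_id_v),
 {req.principal_id()},
-{req.resource_type(), req.resource_id()});
+{req.entity_type(), req.entity_id()});
 r) {
 db::Tuple::discard(r->id());
 }
@@ -85,8 +83,8 @@ google::rpc::Status Impl::exception() noexcept {
 db::Tuple Impl::map(const grpcxx::context &ctx, const rpcGrant::request_type &from) const noexcept {
 db::Tuple to({
 .lPrincipalId = from.principal_id(),
-.rEntityId = from.resource_id(),
-.rEntityType = from.resource_type(),
+.rEntityId = from.entity_id(),
+.rEntityType = from.entity_type(),
 .spaceId = std::string(ctx.meta(common::space_id_v)),
 });
 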
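Review bot: The Check handler in the first hunk, which is shown in full, passes `req.entity_type()` and `req.entity_id()` straight into `db::Tuple::lookup` with no check for empty values, and the visible lines of the Grant and Revoke hunks do the same. The rename makes this easier to hit: proto3 string fields default to empty, so a JSON client that still sends `resource_type`/`resource_id` through a parser that ignores unknown fields would reach these handlers with an empty entity rather than an error. Whether `lookup` or the `db::Tuple` constructor rejects empty values is not visible in this diff. I would add an explicit guard at the top of each handler, `if (req.entity_type().empty() || req.entity_id().empty())`, returning an invalid-argument status, plus a test case for it. The Grant and Revoke bodies start and end outside their hunks.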
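--- a/src/svc/authz_test.cpp
+++ b/src/svc/authz_test.cpp
@@ -43,8 +43,8 @@ TEST_F(svc_AuthzTest, Check) {
 
 rpcCheck::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcCheck::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcCheck>(ctx, request));
@@ -68,8 +68,8 @@ TEST_F(svc_AuthzTest, Check) {
 
 rpcCheck::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcCheck::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcCheck>(ctx, request));
@@ -106,8 +106,8 @@ TEST_F(svc_AuthzTest, Check) {
 
 rpcCheck::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcCheck::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcCheck>(ctx, request));
@@ -122,8 +122,8 @@ TEST_F(svc_AuthzTest, Check) {
 {
 rpcCheck::request_type request;
 request.set_principal_id("non-existent");
-request.set_resource_type("svc_AuthzTest");
-request.set_resource_id("Check-non_existent");
+request.set_entity_type("svc_AuthzTest");
+request.set_entity_id("Check-non_existent");
 
 rpcCheck::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcCheck>(ctx, request));
@@ -151,8 +151,8 @@ TEST_F(svc_AuthzTest, Check) {
 
 rpcCheck::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcCheck::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcCheck>(ctx, request));
@@ -177,8 +177,8 @@ TEST_F(svc_AuthzTest, Grant) {
 {
 rpcGrant::request_type request;
 request.set_principal_id(principal.id());
-request.set_resource_type("svc_AuthzTest");
-request.set_resource_id("Grant");
+request.set_entity_type("svc_AuthzTest");
+request.set_entity_id("Grant");
 
 rpcGrant::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcGrant>(ctx, request));
@@ -202,8 +202,8 @@ TEST_F(svc_AuthzTest, Grant) {
 
 rpcGrant::request_type request;
 request.set_principal_id(principal.id());
-request.set_resource_type("svc_AuthzTest");
-request.set_resource_id("Grant-with_space_id");
+request.set_entity_type("svc_AuthzTest");
+request.set_entity_id("Grant-with_space_id");
 
 rpcGrant::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcGrant>(ctx, request));
@@ -224,8 +224,8 @@ TEST_F(svc_AuthzTest, Grant) {
 
 rpcGrant::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 const std::string attrs(R"({"foo":"bar"})");
 google::protobuf::util::JsonStringToMessage(attrs, request.mutable_attrs());
@@ -258,8 +258,8 @@ TEST_F(svc_AuthzTest, Grant) {
 {
 rpcGrant::request_type request;
 request.set_principal_id("invalid");
-request.set_resource_type("svc_AuthzTest");
-request.set_resource_id("Grant-invalid_principal_id");
+request.set_entity_type("svc_AuthzTest");
+request.set_entity_id("Grant-invalid_principal_id");
 
 rpcGrant::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcGrant>(ctx, request));
@@ -277,8 +277,8 @@ TEST_F(svc_AuthzTest, Grant) {
 
 rpcGrant::request_type request;
 request.set_principal_id(principal.id());
-request.set_resource_type("svc_AuthzTest");
-request.set_resource_id("Grant-invalid_space_id");
+request.set_entity_type("svc_AuthzTest");
+request.set_entity_id("Grant-invalid_space_id");
 
 rpcGrant::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcGrant>(ctx, request));
@@ -309,8 +309,8 @@ TEST_F(svc_AuthzTest, Revoke) {
 
 rpcRevoke::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcRevoke::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcRevoke>(ctx, request));
@@ -339,8 +339,8 @@ TEST_F(svc_AuthzTest, Revoke) {
 
 rpcRevoke::request_type request;
 request.set_principal_id(*tuple.lPrincipalId());
-request.set_resource_type(tuple.rEntityType());
-request.set_resource_id(tuple.rEntityId());
+request.set_entity_type(tuple.rEntityType());
+request.set_entity_id(tuple.rEntityId());
 
 rpcRevoke::result_type result;
 EXPECT_NO_THROW(result = svc.call<rpcRevoke>(ctx, request));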