From 067fb2432b47c462867256a45c5710a6eed6e74a Mon Sep 17 00:00:00 2001 
From: Shoubhik Bose Date: Thu, 22 Feb 2018 02:47:03 +0530 Subject: [PATCH] Update pkg structure for authorization (#344) * updated pkg structure * group constants * rename repository * fix tests * add doc + comments * remove doc files * fix doc --- account/identity.go | 2 +- application/application.go | 13 +-- authorization/authorization.go | 15 ++++ authorization/common/authorization_common.go | 22 ------ authorization/doc.go | 2 + authorization/group/doc.go | 2 + authorization/organization/doc.go | 2 + authorization/organization/model/doc.go | 2 + .../model}/organization_model_service.go | 39 ++++----- ...rganization_model_service_blackbox_test.go | 35 ++++---- authorization/organization/organization.go | 18 +++++ authorization/organization/service/doc.go | 2 + .../service}/organization_service.go | 16 ++-- .../organization_service_blackbox_test.go | 31 ++++---- authorization/repositories/repositories.go | 16 ---- authorization/repository/doc.go | 2 + authorization/repository/repository.go | 18 +++++ authorization/resource/doc.go | 2 + authorization/resource/repository/doc.go | 2 + .../resource/{ => repository}/resource.go | 11 +-- .../resource_blackbox_test.go | 9 ++- authorization/resourcetype/doc.go | 2 + authorization/resourcetype/repository/doc.go | 2 + .../repository}/resource_type.go | 2 +- .../resource_type_blackbox_test.go | 8 +- .../resourcetype/scope/repository/doc.go | 2 + .../scope/repository}/resource_type_scope.go | 9 ++- .../resource_type_scope_blackbox_test.go | 13 +-- authorization/role/doc.go | 2 + authorization/role/identityrole/doc.go | 2 + .../role/identityrole/repository/doc.go | 2 + .../repository}/identity_role.go | 21 +++-- .../identity_role_blackbox_test.go | 79 +++++-------------- authorization/role/model/doc.go | 2 + .../model}/role_management_model_service.go | 27 ++++--- ...e_management_model_service_backbox_test.go | 8 +- authorization/role/repository/doc.go | 2 + authorization/role/{ => repository}/role.go | 23 +++--- .../{ => 
repository}/role_blackbox_test.go | 4 +- authorization/role/service/doc.go | 2 + .../service}/role_management_service.go | 16 ++-- .../role_management_service_blackbox_test.go | 24 +++--- authorization/team/doc.go | 2 + controller/organization.go | 10 +-- controller/organization_blackbox_test.go | 8 +- controller/resource.go | 5 +- controller/resource_roles.go | 14 ++-- controller/resource_roles_blackbox_test.go | 19 ++--- gormapplication/application.go | 19 +++-- main.go | 16 ++-- migration/migration_blackbox_test.go | 8 +- test/authorization.go | 24 +++--- 52 files changed, 334 insertions(+), 304 deletions(-) create mode 100644 authorization/authorization.go delete mode 100644 authorization/common/authorization_common.go create mode 100644 authorization/doc.go create mode 100644 authorization/group/doc.go create mode 100644 authorization/organization/doc.go create mode 100644 authorization/organization/model/doc.go rename authorization/{models => organization/model}/organization_model_service.go (83%) rename authorization/{models => organization/model}/organization_model_service_blackbox_test.go (76%) create mode 100644 authorization/organization/organization.go create mode 100644 authorization/organization/service/doc.go rename authorization/{ => organization/service}/organization_service.go (67%) rename authorization/{ => organization/service}/organization_service_blackbox_test.go (75%) delete mode 100644 authorization/repositories/repositories.go create mode 100644 authorization/repository/doc.go create mode 100644 authorization/repository/repository.go create mode 100644 authorization/resource/doc.go create mode 100644 authorization/resource/repository/doc.go rename authorization/resource/{ => repository}/resource.go (92%) rename authorization/resource/{ => repository}/resource_blackbox_test.go (90%) create mode 100644 authorization/resourcetype/doc.go create mode 100644 authorization/resourcetype/repository/doc.go rename authorization/{resource => 
resourcetype/repository}/resource_type.go (99%) rename authorization/{resource => resourcetype/repository}/resource_type_blackbox_test.go (82%) create mode 100644 authorization/resourcetype/scope/repository/doc.go rename authorization/{resource => resourcetype/scope/repository}/resource_type_scope.go (94%) rename authorization/{resource => resourcetype/scope/repository}/resource_type_scope_blackbox_test.go (50%) create mode 100644 authorization/role/doc.go create mode 100644 authorization/role/identityrole/doc.go create mode 100644 authorization/role/identityrole/repository/doc.go rename authorization/role/{ => identityrole/repository}/identity_role.go (88%) rename authorization/role/{ => identityrole/repository}/identity_role_blackbox_test.go (52%) create mode 100644 authorization/role/model/doc.go rename authorization/{models => role/model}/role_management_model_service.go (83%) rename authorization/{models => role/model}/role_management_model_service_backbox_test.go (89%) create mode 100644 authorization/role/repository/doc.go rename authorization/role/{ => repository}/role.go (89%) rename authorization/role/{ => repository}/role_blackbox_test.go (97%) create mode 100644 authorization/role/service/doc.go rename authorization/{ => role/service}/role_management_service.go (68%) rename authorization/{ => role/service}/role_management_service_blackbox_test.go (91%) create mode 100644 authorization/team/doc.go diff --git a/account/identity.go b/account/identity.go index 0ceb1ce..9c43377 100644 --- a/account/identity.go +++ b/account/identity.go @@ -8,7 +8,7 @@ import ( "time" "github.com/fabric8-services/fabric8-auth/application/repository" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormsupport" "github.com/fabric8-services/fabric8-auth/log" 
diff --git a/application/application.go b/application/application.go index f3e9889..a8ee954 100644 --- a/application/application.go +++ b/application/application.go @@ -3,8 +3,11 @@ package application import ( "github.com/fabric8-services/fabric8-auth/account" "github.com/fabric8-services/fabric8-auth/auth" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/space" "github.com/fabric8-services/fabric8-auth/token/provider" ) @@ -18,9 +21,9 @@ type Application interface { ExternalTokens() provider.ExternalTokenRepository VerificationCodes() account.VerificationCodeRepository ResourceRepository() resource.ResourceRepository - ResourceTypeRepository() resource.ResourceTypeRepository - ResourceTypeScopeRepository() resource.ResourceTypeScopeRepository - IdentityRoleRepository() role.IdentityRoleRepository + ResourceTypeRepository() resourcetype.ResourceTypeRepository + ResourceTypeScopeRepository() scope.ResourceTypeScopeRepository + IdentityRoleRepository() identityrole.IdentityRoleRepository RoleRepository() role.RoleRepository } diff --git a/authorization/authorization.go b/authorization/authorization.go new file mode 100644 index 0000000..fcd4f04 --- /dev/null +++ b/authorization/authorization.go 
@@ -0,0 +1,15 @@
+package authorization
+
+const (
+ // IdentityResourceTypeOrganization defines the string constant to be used for denoting an organization managed by the authorization framework
+ IdentityResourceTypeOrganization = "identity/organization"
+
+ // IdentityResourceTypeTeam defines the string constant to be used for denoting a team managed by the authorization framework
+ IdentityResourceTypeTeam = "identity/team"
+
+ // IdentityResourceTypeGroup defines the string constant to be used for denoting a group managed by the authorization framework
+ IdentityResourceTypeGroup = "identity/group"
+
+ // IdentityResourceTypeUser defines the string constant to be used for denoting a user managed by the authorization framework
+ IdentityResourceTypeUser = "identity/user"
+)
diff --git a/authorization/common/authorization_common.go b/authorization/common/authorization_common.go
deleted file mode 100644
index b4e2cd8..0000000
--- a/authorization/common/authorization_common.go
+++ /dev/null
@@ -1,22 +0,0 @@
-package common
-
-import (
- uuid "github.com/satori/go.uuid"
-)
-
-const (
- IdentityResourceTypeOrganization = "identity/organization"
- IdentityResourceTypeTeam = "identity/team"
- IdentityResourceTypeGroup = "identity/group"
- IdentityResourceTypeUser = "identity/user"
-
- OrganizationOwnerRole = "owner"
-)
-
-// This struct is used to return the Organizations for which an Identity is associated
-type IdentityOrganization struct {
- OrganizationID uuid.UUID
- Name string
- Member bool
- Roles []string
-}
diff --git a/authorization/doc.go b/authorization/doc.go
new file mode 100644
index 0000000..7633dab
--- /dev/null
+++ b/authorization/doc.go
@@ -0,0 +1,2 @@
+// Package authorization provides the APIs for all available authorization concepts.
+package authorization
diff --git a/authorization/group/doc.go b/authorization/group/doc.go
new file mode 100644
index 0000000..c82d98d
--- /dev/null
+++ b/authorization/group/doc.go
@@ -0,0 +1,2 @@
+// Package group provides APIs for managing groups.
+package group
diff --git a/authorization/organization/doc.go b/authorization/organization/doc.go
new file mode 100644
index 0000000..1ac6c97
--- /dev/null
+++ b/authorization/organization/doc.go
@@ -0,0 +1,2 @@
+// Package organization provides the service, model and repository APIs for managing organizations.
+package organization
diff --git a/authorization/organization/model/doc.go b/authorization/organization/model/doc.go
new file mode 100644
index 0000000..03927d6
--- /dev/null
+++ b/authorization/organization/model/doc.go
@@ -0,0 +1,2 @@
+// Package model provides the code which encapsulates complex database interactions for managing organizations
+package model
diff --git a/authorization/models/organization_model_service.go b/authorization/organization/model/organization_model_service.go
similarity index 83%
rename from authorization/models/organization_model_service.go
rename to authorization/organization/model/organization_model_service.go
index 412d75f..d3dab22 100644
--- a/authorization/models/organization_model_service.go
+++ b/authorization/organization/model/organization_model_service.go
@@ -1,13 +1,16 @@ -package models +package model import ( "context" "fmt" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/common" - "github.com/fabric8-services/fabric8-auth/authorization/repositories" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + "github.com/fabric8-services/fabric8-auth/authorization" + organization "github.com/fabric8-services/fabric8-auth/authorization/organization" + + "github.com/fabric8-services/fabric8-auth/authorization/repository" + + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/log" "github.com/jinzhu/gorm" @@ -16,18 +19,18 @@ import ( type OrganizationModelService interface { CreateOrganization(ctx context.Context, identityID uuid.UUID, organizationName string) (*uuid.UUID, error) - ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]common.IdentityOrganization, error) + ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]organization.IdentityOrganization, error) } // GormOrganizationModelService is the implementation of the interface for // OrganizationService. IMPORTANT NOTE: Transaction control is not provided by this service type GormOrganizationModelService struct { db *gorm.DB - repo repositories.Repositories + repo repository.Repositories } // NewOrganizationModelService creates a new service. -func NewOrganizationModelService(db *gorm.DB, repo repositories.Repositories) OrganizationModelService { +func NewOrganizationModelService(db *gorm.DB, repo repository.Repositories) OrganizationModelService { return &GormOrganizationModelService{ db: db, repo: repo, 
@@ -46,7 +49,7 @@ func (s *GormOrganizationModelService) CreateOrganization(ctx context.Context, i } // Lookup the organization resource type - resourceType, err := s.repo.ResourceTypeRepository().Lookup(ctx, common.IdentityResourceTypeOrganization) + resourceType, err := s.repo.ResourceTypeRepository().Lookup(ctx, authorization.IdentityResourceTypeOrganization) if err != nil { return nil, err } @@ -76,14 +79,14 @@ func (s *GormOrganizationModelService) CreateOrganization(ctx context.Context, i organizationId = orgIdentity.ID // Lookup the identity/organization owner role - ownerRole, err := s.repo.RoleRepository().Lookup(ctx, common.OrganizationOwnerRole, common.IdentityResourceTypeOrganization) + ownerRole, err := s.repo.RoleRepository().Lookup(ctx, organization.OrganizationOwnerRole, authorization.IdentityResourceTypeOrganization) if err != nil { return nil, errors.NewInternalErrorFromString(ctx, "Error looking up owner role for 'identity/organization' resource type") } // Assign the owner role for the new organization to the current user - identityRole := &role.IdentityRole{ + identityRole := &identityrole.IdentityRole{ IdentityID: userIdentity.ID, ResourceID: res.ResourceID, RoleID: ownerRole.RoleID, @@ -102,11 +105,11 @@ func (s *GormOrganizationModelService) CreateOrganization(ctx context.Context, i } // Returns an array of all organizations in which the specified user is a member or is assigned a role -func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]common.IdentityOrganization, error) { +func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]organization.IdentityOrganization, error) { db := s.db.Model(&account.Identity{}) - findOrganization := func(orgs []common.IdentityOrganization, id uuid.UUID) int { + findOrganization := func(orgs []organization.IdentityOrganization, id uuid.UUID) int { for i, org := range orgs { if org.OrganizationID == id { return i 
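Review bot: The owner-role lookup in the `@@ -76,14 +79,14 @@` hunk discards `err` and returns a fixed internal-error string, while the resource-type lookup in the preceding hunk returns `err` unchanged, so a missing role and a database failure look identical to whoever reads the result. On an authorization path that hides why the owner role could not be assigned. I would log `err` server-side through the `log` package this file already imports before returning, and keep the client-facing message generic. CreateOrganization starts and ends outside these hunks, so whether this failure rolls back the identity and resource created earlier cannot be confirmed from here.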
@@ -115,7 +118,7 @@ func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, id return -1 } - results := []common.IdentityOrganization{} + results := []organization.IdentityOrganization{} // query for organizations in which the user is a member rows, err := db.Unscoped().Raw(`SELECT @@ -148,7 +151,7 @@ func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, id ) select member_of from m ))`, - common.IdentityResourceTypeOrganization, identityID, identityID).Rows() + authorization.IdentityResourceTypeOrganization, identityID, identityID).Rows() if err != nil { return nil, err @@ -166,7 +169,7 @@ func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, id idx := findOrganization(results, organizationId) if idx == -1 { - results = append(results, common.IdentityOrganization{ + results = append(results, organization.IdentityOrganization{ OrganizationID: organizationId, Name: name, Member: true, @@ -215,7 +218,7 @@ func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, id ) select member_id from m ))`, - common.IdentityResourceTypeOrganization, identityID, identityID).Rows() + authorization.IdentityResourceTypeOrganization, identityID, identityID).Rows() if err != nil { return nil, err @@ -234,7 +237,7 @@ func (s *GormOrganizationModelService) ListOrganizations(ctx context.Context, id idx := findOrganization(results, organizationId) if idx == -1 { - results = append(results, common.IdentityOrganization{ + results = append(results, organization.IdentityOrganization{ OrganizationID: organizationId, Name: name, Member: false, 
diff --git a/authorization/models/organization_model_service_blackbox_test.go b/authorization/organization/model/organization_model_service_blackbox_test.go similarity index 76% rename from authorization/models/organization_model_service_blackbox_test.go rename to authorization/organization/model/organization_model_service_blackbox_test.go index 8c1b858..8e372e9 100644 --- a/authorization/models/organization_model_service_blackbox_test.go +++ b/authorization/organization/model/organization_model_service_blackbox_test.go @@ -1,13 +1,14 @@ -package models_test +package model_test import ( "testing" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/common" - "github.com/fabric8-services/fabric8-auth/authorization/models" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + "github.com/fabric8-services/fabric8-auth/authorization" + "github.com/fabric8-services/fabric8-auth/authorization/organization" + organizationModelService "github.com/fabric8-services/fabric8-auth/authorization/organization/model" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" "github.com/fabric8-services/fabric8-auth/gormtestsupport" "github.com/fabric8-services/fabric8-auth/test" 
@@ -18,13 +19,10 @@ import ( type organizationModelServiceBlackBoxTest struct { gormtestsupport.DBTestSuite - repo resource.ResourceRepository identityRepo account.IdentityRepository - identityRoleRepo role.IdentityRoleRepository + identityRoleRepo identityrole.IdentityRoleRepository resourceRepo resource.ResourceRepository - resourceTypeRepo resource.ResourceTypeRepository - roleRepo role.RoleRepository - orgModelService models.OrganizationModelService + orgModelService organizationModelService.OrganizationModelService } func TestRunOrganizationModelServiceBlackBoxTest(t *testing.T) { @@ -33,14 +31,11 @@ func TestRunOrganizationModelServiceBlackBoxTest(t *testing.T) { func (s *organizationModelServiceBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() - s.repo = resource.NewResourceRepository(s.DB) s.identityRepo = account.NewIdentityRepository(s.DB) - s.identityRoleRepo = role.NewIdentityRoleRepository(s.DB) + s.identityRoleRepo = identityrole.NewIdentityRoleRepository(s.DB) s.resourceRepo = resource.NewResourceRepository(s.DB) - s.resourceTypeRepo = resource.NewResourceTypeRepository(s.DB) - s.roleRepo = role.NewRoleRepository(s.DB) - s.orgModelService = models.NewOrganizationModelService(s.DB, s.Application) + s.orgModelService = organizationModelService.NewOrganizationModelService(s.DB, s.Application) } func (s *organizationModelServiceBlackBoxTest) TestCreateOrganization() { @@ -62,7 +57,7 @@ func (s *organizationModelServiceBlackBoxTest) TestCreateOrganization() { orgResource, err := s.resourceRepo.Load(s.Ctx, *orgIdentity.IdentityResourceID) require.Nil(s.T(), err, "Could not load the organization's resource") - require.Equal(s.T(), common.IdentityResourceTypeOrganization, orgResource.ResourceType.Name, "Organization resource type is invalid") + require.Equal(s.T(), authorization.IdentityResourceTypeOrganization, orgResource.ResourceType.Name, "Organization resource type is invalid") require.Equal(s.T(), orgResource.Name, "Test Organization ZXYAAA") 
@@ -73,7 +68,7 @@ func (s *organizationModelServiceBlackBoxTest) TestCreateOrganization() { var roleName string rows.Scan(&roleName) - require.Equal(s.T(), common.OrganizationOwnerRole, roleName, "Only 'owner' role should be assigned during organization creation") + require.Equal(s.T(), organization.OrganizationOwnerRole, roleName, "Only 'owner' role should be assigned during organization creation") roleCount++ } @@ -108,7 +103,7 @@ func (s *organizationModelServiceBlackBoxTest) TestListOrganization() { s.equalOrganization(*orgId2, "One More Test Organization MMMYYY", s.findOrganizationWithID(*orgId2, orgs)) } -func (s *organizationModelServiceBlackBoxTest) findOrganizationWithID(orgId uuid.UUID, orgs []common.IdentityOrganization) *common.IdentityOrganization { +func (s *organizationModelServiceBlackBoxTest) findOrganizationWithID(orgId uuid.UUID, orgs []organization.IdentityOrganization) *organization.IdentityOrganization { for _, org := range orgs { if org.OrganizationID == orgId { return &org 
@@ -117,11 +112,11 @@ func (s *organizationModelServiceBlackBoxTest) findOrganizationWithID(orgId uuid return nil } -func (s *organizationModelServiceBlackBoxTest) equalOrganization(expectedOrgID uuid.UUID, expectedOrgName string, actualOrg *common.IdentityOrganization) { +func (s *organizationModelServiceBlackBoxTest) equalOrganization(expectedOrgID uuid.UUID, expectedOrgName string, actualOrg *organization.IdentityOrganization) { require.NotNil(s.T(), actualOrg, "Organization is nil") require.Equal(s.T(), expectedOrgID, actualOrg.OrganizationID, "Organization ID is different") require.Equal(s.T(), false, actualOrg.Member, "User should not be a member of newly created organization") require.Equal(s.T(), expectedOrgName, actualOrg.Name, "Organization name is different") require.Equal(s.T(), 1, len(actualOrg.Roles), "New organization should have assigned exactly 1 role") - require.Equal(s.T(), common.OrganizationOwnerRole, actualOrg.Roles[0], "New organization should have assigned owner role") + require.Equal(s.T(), organization.OrganizationOwnerRole, actualOrg.Roles[0], "New organization should have assigned owner role") } diff --git a/authorization/organization/organization.go b/authorization/organization/organization.go new file mode 100644 index 0000000..3ede275 --- /dev/null +++ b/authorization/organization/organization.go @@ -0,0 +1,18 @@ +package organization + +import ( + uuid "github.com/satori/go.uuid" +) + +const ( + // OrganizationOwnerRole is the constant used to denotee the name of the owner's role + OrganizationOwnerRole = "owner" +) + +// IdentityOrganization is used to return the Organizations for which an Identity is associated +type IdentityOrganization struct { + OrganizationID uuid.UUID + Name string + Member bool + Roles []string +} diff --git a/authorization/organization/service/doc.go b/authorization/organization/service/doc.go new file mode 100644 index 0000000..aed1c8b --- /dev/null +++ b/authorization/organization/service/doc.go 
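Review bot: The comment on `OrganizationOwnerRole` in the new authorization/organization/organization.go has a typo ("denotee"); suggest `// OrganizationOwnerRole is the name of the owner role of an organization.`. The identifier also repeats the package name at every call site (`organization.OrganizationOwnerRole`), and `OwnerRole` would read better, although that rename touches the other files changed in this commit.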
@@ -0,0 +1,2 @@ +// Package service provides the code which handles the business logic for managing organizations +package service diff --git a/authorization/organization_service.go b/authorization/organization/service/organization_service.go similarity index 67% rename from authorization/organization_service.go rename to authorization/organization/service/organization_service.go index 5e3d6dd..7b383a6 100644 --- a/authorization/organization_service.go +++ b/authorization/organization/service/organization_service.go @@ -1,24 +1,24 @@ -package authorization +package service import ( "context" "github.com/fabric8-services/fabric8-auth/application" - "github.com/fabric8-services/fabric8-auth/authorization/common" - "github.com/fabric8-services/fabric8-auth/authorization/models" + organization "github.com/fabric8-services/fabric8-auth/authorization/organization" + organizationModel "github.com/fabric8-services/fabric8-auth/authorization/organization/model" uuid "github.com/satori/go.uuid" ) type OrganizationService interface { CreateOrganization(ctx context.Context, identityID uuid.UUID, organizationName string) (*uuid.UUID, error) - ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]common.IdentityOrganization, error) + ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]organization.IdentityOrganization, error) } type OrganizationServiceImpl struct { - modelService models.OrganizationModelService + modelService organizationModel.OrganizationModelService db application.DB } -func NewOrganizationService(modelService models.OrganizationModelService, db application.DB) OrganizationService { +func NewOrganizationService(modelService organizationModel.OrganizationModelService, db application.DB) OrganizationService { return &OrganizationServiceImpl{modelService: modelService, db: db} } 
@@ -35,8 +35,8 @@ func (s *OrganizationServiceImpl) CreateOrganization(ctx context.Context, identi return organizationId, err } -func (s *OrganizationServiceImpl) ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]common.IdentityOrganization, error) { - var orgs []common.IdentityOrganization +func (s *OrganizationServiceImpl) ListOrganizations(ctx context.Context, identityID uuid.UUID) ([]organization.IdentityOrganization, error) { + var orgs []organization.IdentityOrganization var err error err = application.Transactional(s.db, func(appl application.Application) error { orgs, err = s.modelService.ListOrganizations(ctx, identityID) diff --git a/authorization/organization_service_blackbox_test.go b/authorization/organization/service/organization_service_blackbox_test.go similarity index 75% rename from authorization/organization_service_blackbox_test.go rename to authorization/organization/service/organization_service_blackbox_test.go index 2087890..47bd13d 100644 --- a/authorization/organization_service_blackbox_test.go +++ b/authorization/organization/service/organization_service_blackbox_test.go 
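Review bot: In `ListOrganizations` the closure passed to `application.Transactional` receives `appl` but, as far as the hunk shows, never uses it and calls `s.modelService.ListOrganizations` instead. That model service works on the `db` and `repo` it was constructed with, and its own doc comment says it provides no transaction control. Unless the injected `db` and `repo` are already bound to the same transaction, the wrapper does not scope the queries; for `CreateOrganization`, whose tail is visible above, that would mean the identity, resource and owner-role rows are not written atomically. I would pass the transactional `appl` down to the model layer, or document on `NewOrganizationService` how the two are meant to share a transaction. Both function bodies continue outside the hunk, so this needs confirming against the full file.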
@@ -1,17 +1,20 @@ -package authorization_test +package service_test import ( "testing" "github.com/fabric8-services/fabric8-auth/account" "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/models" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + "github.com/fabric8-services/fabric8-auth/authorization/organization" + organizationModel "github.com/fabric8-services/fabric8-auth/authorization/organization/model" + organizationService "github.com/fabric8-services/fabric8-auth/authorization/organization/service" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + "github.com/fabric8-services/fabric8-auth/gormtestsupport" + "github.com/satori/go.uuid" - "github.com/fabric8-services/fabric8-auth/authorization/common" - "github.com/fabric8-services/fabric8-auth/authorization/role" "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" ) @@ -20,11 +23,9 @@ type organizationServiceBlackBoxTest struct { gormtestsupport.DBTestSuite repo resource.ResourceRepository identityRepo account.IdentityRepository - identityRoleRepo role.IdentityRoleRepository + identityRoleRepo identityrole.IdentityRoleRepository resourceRepo resource.ResourceRepository - resourceTypeRepo resource.ResourceTypeRepository - roleRepo role.RoleRepository - orgService authorization.OrganizationService + orgService organizationService.OrganizationService } func TestRunOrganizationServiceBlackBoxTest(t *testing.T) { 
@@ -33,14 +34,10 @@ func TestRunOrganizationServiceBlackBoxTest(t *testing.T) { func (s *organizationServiceBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() - s.repo = resource.NewResourceRepository(s.DB) s.identityRepo = account.NewIdentityRepository(s.DB) - s.identityRoleRepo = role.NewIdentityRoleRepository(s.DB) + s.identityRoleRepo = identityrole.NewIdentityRoleRepository(s.DB) s.resourceRepo = resource.NewResourceRepository(s.DB) - s.resourceTypeRepo = resource.NewResourceTypeRepository(s.DB) - s.roleRepo = role.NewRoleRepository(s.DB) - - s.orgService = models.NewOrganizationModelService(s.DB, s.Application) + s.orgService = organizationModel.NewOrganizationModelService(s.DB, s.Application) } func (s *organizationServiceBlackBoxTest) TestCreateOrganization() { @@ -67,7 +64,7 @@ func (s *organizationServiceBlackBoxTest) TestCreateOrganization() { orgResource, err := s.resourceRepo.Load(s.Ctx, *orgIdentity.IdentityResourceID) require.Nil(s.T(), err, "Could not load the organization's resource") - require.Equal(s.T(), common.IdentityResourceTypeOrganization, orgResource.ResourceType.Name, "Organization resource type is invalid") + require.Equal(s.T(), authorization.IdentityResourceTypeOrganization, orgResource.ResourceType.Name, "Organization resource type is invalid") } func (s *organizationServiceBlackBoxTest) TestListOrganization() { @@ -94,5 +91,5 @@ func (s *organizationServiceBlackBoxTest) TestListOrganization() { require.Equal(s.T(), false, org.Member, "User should not be a member of newly created organization") require.Equal(s.T(), "Test Organization MMMYYY", org.Name, "Organization name is different") require.Equal(s.T(), 1, len(org.Roles), "New organization should have assigned exactly 1 role") - require.Equal(s.T(), common.OrganizationOwnerRole, org.Roles[0], "New organization should have assigned owner role") + require.Equal(s.T(), organization.OrganizationOwnerRole, org.Roles[0], "New organization should have assigned owner role") } 
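Review bot: `SetupTest` assigns `organizationModel.NewOrganizationModelService(s.DB, s.Application)` to `s.orgService`, so this suite, now in package `service_test`, never constructs `OrganizationServiceImpl` and the transaction wrapper in organization_service.go goes untested. It compiles only because the two interfaces declare the same method set. I would wire it as `s.orgService = organizationService.NewOrganizationService(organizationModel.NewOrganizationModelService(s.DB, s.Application), s.Application)`, assuming the suite's `Application` satisfies `application.DB`. The `repo` field kept in the struct hunk above no longer appears to be initialised after this change and can probably be dropped.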
diff --git a/authorization/repositories/repositories.go b/authorization/repositories/repositories.go
deleted file mode 100644
index 4ff93f6..0000000
--- a/authorization/repositories/repositories.go
+++ /dev/null
@@ -1,16 +0,0 @@
-package repositories
-
-import (
- "github.com/fabric8-services/fabric8-auth/account"
- "github.com/fabric8-services/fabric8-auth/authorization/resource"
- "github.com/fabric8-services/fabric8-auth/authorization/role"
-)
-
-// This lets us avoid an import cycle, which Go doesn't allow
-type Repositories interface {
- Identities() account.IdentityRepository
- ResourceRepository() resource.ResourceRepository
- ResourceTypeRepository() resource.ResourceTypeRepository
- RoleRepository() role.RoleRepository
- IdentityRoleRepository() role.IdentityRoleRepository
-}
diff --git a/authorization/repository/doc.go b/authorization/repository/doc.go
new file mode 100644
index 0000000..12fa75c
--- /dev/null
+++ b/authorization/repository/doc.go
@@ -0,0 +1,2 @@
+// Package repository provides the interface for authorization-related repository types.
+package repository
diff --git a/authorization/repository/repository.go b/authorization/repository/repository.go
new file mode 100644
index 0000000..22310a3
--- /dev/null
+++ b/authorization/repository/repository.go
@@ -0,0 +1,18 @@ +package repository + +import ( + "github.com/fabric8-services/fabric8-auth/account" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" +) + +// This lets us avoid an import cycle, which Go doesn't allow +type Repositories interface { + Identities() account.IdentityRepository + ResourceRepository() resource.ResourceRepository + ResourceTypeRepository() resourcetype.ResourceTypeRepository + RoleRepository() role.RoleRepository + IdentityRoleRepository() identityrole.IdentityRoleRepository +} diff --git a/authorization/resource/doc.go b/authorization/resource/doc.go new file mode 100644 index 0000000..dba9a1a --- /dev/null +++ b/authorization/resource/doc.go @@ -0,0 +1,2 @@ +// Package resource provides the service, model and repository APIs for managing resources. +package resource diff --git a/authorization/resource/repository/doc.go b/authorization/resource/repository/doc.go new file mode 100644 index 0000000..6cc2046 --- /dev/null +++ b/authorization/resource/repository/doc.go @@ -0,0 +1,2 @@ +// Package repository provides the APIs for making 'resource' related database interactions. +package repository diff --git a/authorization/resource/resource.go b/authorization/resource/repository/resource.go similarity index 92% rename from authorization/resource/resource.go rename to authorization/resource/repository/resource.go index 37f2fe2..b771da0 100644 --- a/authorization/resource/resource.go +++ b/authorization/resource/repository/resource.go @@ -1,4 +1,4 @@ -package resource +package repository import ( "context" 
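Review bot: The exported `Repositories` interface in the new authorization/repository/repository.go carries only the import-cycle remark, which does not say what the type is and does not start with its name as godoc expects. Suggest `// Repositories groups the repository accessors used by the authorization model services. Declaring it here avoids an import cycle.`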
@@ -11,6 +11,7 @@ import ( "fmt" "github.com/fabric8-services/fabric8-auth/application/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" "github.com/goadesign/goa" errs "github.com/pkg/errors" "github.com/satori/go.uuid" @@ -24,7 +25,7 @@ type Resource struct { // The parent resource ID ParentResourceID *string // The resource type - ResourceType ResourceType + ResourceType resourcetype.ResourceType // The identifier for the resource type ResourceTypeID uuid.UUID // Resource name @@ -45,12 +46,12 @@ func (m Resource) GetLastModified() time.Time { // GormResourceRepository is the implementation of the storage interface for Resource. type GormResourceRepository struct { db *gorm.DB - resourceTypeRepo ResourceTypeRepository + resourceTypeRepo resourcetype.ResourceTypeRepository } // NewResourceRepository creates a new storage type. func NewResourceRepository(db *gorm.DB) ResourceRepository { - return &GormResourceRepository{db: db, resourceTypeRepo: NewResourceTypeRepository(db)} + return &GormResourceRepository{db: db, resourceTypeRepo: resourcetype.NewResourceTypeRepository(db)} } // ResourceRepository represents the storage interface. @@ -80,7 +81,7 @@ func (m *GormResourceRepository) Load(ctx context.Context, id string) (*Resource return nil, errs.WithStack(errors.NewNotFoundError("resource", id)) } - err = m.db.Table(ResourceType{}.TableName()).Where("resource_type_id = ?", native.ResourceTypeID).Find(&native.ResourceType).Error + err = m.db.Table(resourcetype.ResourceType{}.TableName()).Where("resource_type_id = ?", native.ResourceTypeID).Find(&native.ResourceType).Error if err == gorm.ErrRecordNotFound { return nil, errs.WithStack(errors.NewNotFoundError("resource_type", id)) } 
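Review bot: In the `Load` hunk, the not-found branch after the resource-type query builds its error from the resource's `id`, so the message names an identifier that was never looked up in that table. `return nil, errs.WithStack(errors.NewNotFoundError("resource_type", native.ResourceTypeID.String()))` would point at the row that is actually missing. The rest of Load lies outside the hunk, so the handling of other errors from this query cannot be checked here.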
diff --git a/authorization/resource/resource_blackbox_test.go b/authorization/resource/repository/resource_blackbox_test.go similarity index 90% rename from authorization/resource/resource_blackbox_test.go rename to authorization/resource/repository/resource_blackbox_test.go index 06c1a22..b77b120 100644 --- a/authorization/resource/resource_blackbox_test.go +++ b/authorization/resource/repository/resource_blackbox_test.go @@ -1,10 +1,11 @@ -package resource_test +package repository_test import ( "testing" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormtestsupport" @@ -18,7 +19,7 @@ type resourceBlackBoxTest struct { gormtestsupport.DBTestSuite repo resource.ResourceRepository identityRepo account.IdentityRepository - resourceTypeRepo resource.ResourceTypeRepository + resourceTypeRepo resourcetype.ResourceTypeRepository } func TestRunResourceBlackBoxTest(t *testing.T) { @@ -29,7 +30,7 @@ func (s *resourceBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() s.repo = resource.NewResourceRepository(s.DB) s.identityRepo = account.NewIdentityRepository(s.DB) - s.resourceTypeRepo = resource.NewResourceTypeRepository(s.DB) + s.resourceTypeRepo = resourcetype.NewResourceTypeRepository(s.DB) } func (s *resourceBlackBoxTest) TestOKToDelete() { diff --git a/authorization/resourcetype/doc.go b/authorization/resourcetype/doc.go new file mode 100644 index 0000000..39d9dee --- /dev/null +++ b/authorization/resourcetype/doc.go @@ -0,0 +1,2 @@ +// Package resourcetype provides the service, model and repository APIs for managing resource types. +package resourcetype 
diff --git a/authorization/resourcetype/repository/doc.go b/authorization/resourcetype/repository/doc.go new file mode 100644 index 0000000..6a131b9 --- /dev/null +++ b/authorization/resourcetype/repository/doc.go @@ -0,0 +1,2 @@ +// Package repository provides the APIs for making resource_type related database interactions. +package repository diff --git a/authorization/resource/resource_type.go b/authorization/resourcetype/repository/resource_type.go similarity index 99% rename from authorization/resource/resource_type.go rename to authorization/resourcetype/repository/resource_type.go index 7ed132d..f44954a 100644 --- a/authorization/resource/resource_type.go +++ b/authorization/resourcetype/repository/resource_type.go @@ -1,4 +1,4 @@ -package resource +package repository import ( "context" diff --git a/authorization/resource/resource_type_blackbox_test.go b/authorization/resourcetype/repository/resource_type_blackbox_test.go similarity index 82% rename from authorization/resource/resource_type_blackbox_test.go rename to authorization/resourcetype/repository/resource_type_blackbox_test.go index 52f6965..7b65fe2 100644 --- a/authorization/resource/resource_type_blackbox_test.go +++ b/authorization/resourcetype/repository/resource_type_blackbox_test.go @@ -1,9 +1,9 @@ -package resource_test +package repository_test import ( "testing" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" //"github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormtestsupport" @@ -13,7 +13,7 @@ import ( type resourceTypeBlackBoxTest struct { gormtestsupport.DBTestSuite - repo resource.ResourceTypeRepository + repo resourcetype.ResourceTypeRepository } var knownResourceTypes = [2]string{"openshift.io/resource/area", "identity/organization"} 
@@ -24,7 +24,7 @@ func TestRunResourceTypeBlackBoxTest(t *testing.T) { func (s *resourceTypeBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() - s.repo = resource.NewResourceTypeRepository(s.DB) + s.repo = resourcetype.NewResourceTypeRepository(s.DB) } func (s *resourceTypeBlackBoxTest) TestDefaultResourceTypesExist() { diff --git a/authorization/resourcetype/scope/repository/doc.go b/authorization/resourcetype/scope/repository/doc.go new file mode 100644 index 0000000..4489caf --- /dev/null +++ b/authorization/resourcetype/scope/repository/doc.go @@ -0,0 +1,2 @@ +// Package repository provides the APIs for making 'resource_type_scope' related database interactions. +package repository diff --git a/authorization/resource/resource_type_scope.go b/authorization/resourcetype/scope/repository/resource_type_scope.go similarity index 94% rename from authorization/resource/resource_type_scope.go rename to authorization/resourcetype/scope/repository/resource_type_scope.go index b29616b..086f116 100644 --- a/authorization/resource/resource_type_scope.go +++ b/authorization/resourcetype/scope/repository/resource_type_scope.go @@ -1,9 +1,10 @@ -package resource +package repository import ( "context" "time" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormsupport" "github.com/fabric8-services/fabric8-auth/log" 
@@ -22,7 +23,7 @@ type ResourceTypeScope struct { // This is the primary key value ResourceTypeScopeID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key" gorm:"column:resource_type_scope_id"` // The resource type that this scope belongs to - ResourceType ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"` + ResourceType resourcetype.ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"` // The foreign key value for ResourceType ResourceTypeID uuid.UUID // The name of this scope @@ -55,7 +56,7 @@ type ResourceTypeScopeRepository interface { CheckExists(ctx context.Context, id string) (bool, error) Load(ctx context.Context, ID uuid.UUID) (*ResourceTypeScope, error) LookupForType(ctx context.Context, resourceTypeID uuid.UUID) ([]ResourceTypeScope, error) - List(ctx context.Context, resourceType *ResourceType) ([]ResourceTypeScope, error) + List(ctx context.Context, resourceType *resourcetype.ResourceType) ([]ResourceTypeScope, error) } // TableName overrides the table name settings in Gorm to force a specific table name @@ -180,7 +181,7 @@ func (m *GormResourceTypeScopeRepository) Delete(ctx context.Context, id uuid.UU } // List return all resource type scopes -func (m *GormResourceTypeScopeRepository) List(ctx context.Context, resourceType *ResourceType) ([]ResourceTypeScope, error) { +func (m *GormResourceTypeScopeRepository) List(ctx context.Context, resourceType *resourcetype.ResourceType) ([]ResourceTypeScope, error) { defer goa.MeasureSince([]string{"goa", "db", "resource_type_scope", "list"}, time.Now()) var rows []ResourceTypeScope 
diff --git a/authorization/resource/resource_type_scope_blackbox_test.go b/authorization/resourcetype/scope/repository/resource_type_scope_blackbox_test.go similarity index 50% rename from authorization/resource/resource_type_scope_blackbox_test.go rename to authorization/resourcetype/scope/repository/resource_type_scope_blackbox_test.go index ff3033e..4166dd6 100644 --- a/authorization/resource/resource_type_scope_blackbox_test.go +++ b/authorization/resourcetype/scope/repository/resource_type_scope_blackbox_test.go @@ -1,9 +1,10 @@ -package resource_test +package repository_test import ( "testing" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" "github.com/fabric8-services/fabric8-auth/gormtestsupport" "github.com/stretchr/testify/suite" @@ -11,8 +12,8 @@ import ( type resourceTypeScopeBlackBoxTest struct { gormtestsupport.DBTestSuite - repo resource.ResourceTypeScopeRepository - resourceTypeRepo resource.ResourceTypeRepository + repo scope.ResourceTypeScopeRepository + resourceTypeRepo resourcetype.ResourceTypeRepository } func TestRunResourceTypeScopeBlackBoxTest(t *testing.T) { @@ -22,6 +23,6 @@ func TestRunResourceTypeScopeBlackBoxTest(t *testing.T) { func (s *resourceTypeScopeBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() s.DB.LogMode(true) - s.repo = resource.NewResourceTypeScopeRepository(s.DB) - s.resourceTypeRepo = resource.NewResourceTypeRepository(s.DB) + s.repo = scope.NewResourceTypeScopeRepository(s.DB) + s.resourceTypeRepo = resourcetype.NewResourceTypeRepository(s.DB) } diff --git a/authorization/role/doc.go b/authorization/role/doc.go new file mode 100644 index 0000000..fe8c8ce --- /dev/null +++ b/authorization/role/doc.go 
@@ -0,0 +1,2 @@ +// Package role provides the service, model and repository APIs for managing roles. +package role diff --git a/authorization/role/identityrole/doc.go b/authorization/role/identityrole/doc.go new file mode 100644 index 0000000..2702824 --- /dev/null +++ b/authorization/role/identityrole/doc.go @@ -0,0 +1,2 @@ +// Package identityrole provides the service, model and repository APIs for managing identity and role associations. +package identityrole diff --git a/authorization/role/identityrole/repository/doc.go b/authorization/role/identityrole/repository/doc.go new file mode 100644 index 0000000..3d9fa8a --- /dev/null +++ b/authorization/role/identityrole/repository/doc.go @@ -0,0 +1,2 @@ +// Package repository provides the wrappers for 'identity_role' related database interactions. +package repository diff --git a/authorization/role/identity_role.go b/authorization/role/identityrole/repository/identity_role.go similarity index 88% rename from authorization/role/identity_role.go rename to authorization/role/identityrole/repository/identity_role.go index ce3b8e9..ac8c074 100644 --- a/authorization/role/identity_role.go +++ b/authorization/role/identityrole/repository/identity_role.go @@ -1,12 +1,14 @@ -package role +package repository import ( "context" "time" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/application/repository" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + applicationRepository "github.com/fabric8-services/fabric8-auth/application/repository" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormsupport" "github.com/fabric8-services/fabric8-auth/log" 
@@ -31,7 +33,7 @@ type IdentityRole struct { Resource resource.Resource // The role that is assigned RoleID uuid.UUID - Role Role + Role role.Role } // TableName overrides the table name settings in Gorm to force a specific table name @@ -57,7 +59,7 @@ func NewIdentityRoleRepository(db *gorm.DB) IdentityRoleRepository { // IdentityRoleRepository represents the storage interface. type IdentityRoleRepository interface { - repository.Exister + applicationRepository.Exister Load(ctx context.Context, ID uuid.UUID) (*IdentityRole, error) Create(ctx context.Context, u *IdentityRole) error Save(ctx context.Context, u *IdentityRole) error @@ -88,7 +90,12 @@ func (m *GormIdentityRoleRepository) Load(ctx context.Context, id uuid.UUID) (*I // CheckExists returns nil if the given ID exists otherwise returns an error func (m *GormIdentityRoleRepository) CheckExists(ctx context.Context, id string) error { defer goa.MeasureSince([]string{"goa", "db", "identity_role", "exists"}, time.Now()) - return repository.CheckExists(ctx, m.db, m.TableName(), id) + var native IdentityRole + err := m.db.Table(m.TableName()).Where("identity_role_id = ?", id).Find(&native).Error + if err == gorm.ErrRecordNotFound { + return errors.NewNotFoundError("identity_role", id) + } + return nil } // Create creates a new record. @@ -162,7 +169,7 @@ func (m *GormIdentityRoleRepository) List(ctx context.Context) ([]IdentityRole, defer goa.MeasureSince([]string{"goa", "db", "identity_role", "list"}, time.Now()) var rows []IdentityRole - err := m.db.Model(&resource.ResourceType{}).Find(&rows).Error + err := m.db.Model(&resourcetype.ResourceType{}).Find(&rows).Error if err != nil && err != gorm.ErrRecordNotFound { return nil, errs.WithStack(err) } 
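Review bot: The rewritten `CheckExists` returns nil for every error other than `gorm.ErrRecordNotFound`, so a failed query (for example a lost connection or an `id` the database rejects) is reported to the caller as "exists". For an existence check that authorization code relies on, that is fail-open. Add `if err != nil { return errs.WithStack(err) }` before the final `return nil`. The body also loads the whole row into `native` only to discard it, so a count or a single-column select would be enough.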
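Review bot: `List` builds its query from `Model(&resourcetype.ResourceType{})` while scanning into `[]IdentityRole`. The model type looks like a copy-paste from the resource-type repository, which this commit carries over under the new alias. Depending on how gorm resolves the table for `Find`, this is either ignored or reads from the wrong table, so `err := m.db.Model(&IdentityRole{}).Find(&rows).Error` states the intent unambiguously. The body of List continues outside the hunk.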
diff --git a/authorization/role/identity_role_blackbox_test.go b/authorization/role/identityrole/repository/identity_role_blackbox_test.go similarity index 52% rename from authorization/role/identity_role_blackbox_test.go rename to authorization/role/identityrole/repository/identity_role_blackbox_test.go index f8589d6..f19c70a 100644 --- a/authorization/role/identity_role_blackbox_test.go +++ b/authorization/role/identityrole/repository/identity_role_blackbox_test.go @@ -1,13 +1,17 @@ -package role_test +package repository_test import ( "testing" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormtestsupport" + testsupport "github.com/fabric8-services/fabric8-auth/test" "github.com/satori/go.uuid" "github.com/stretchr/testify/assert" 
@@ -17,25 +21,25 @@ import ( type identityRoleBlackBoxTest struct { gormtestsupport.DBTestSuite - repo role.IdentityRoleRepository + repo identityrole.IdentityRoleRepository identityRepo account.IdentityRepository resourceRepo resource.ResourceRepository - resourceTypeRepo resource.ResourceTypeRepository - resourceTypeScopeRepo resource.ResourceTypeScopeRepository + resourceTypeRepo resourcetype.ResourceTypeRepository + resourceTypeScopeRepo scope.ResourceTypeScopeRepository roleRepo role.RoleRepository } func TestRunIdentityRoleBlackBoxTest(t *testing.T) { - suite.Run(t, &roleBlackBoxTest{DBTestSuite: gormtestsupport.NewDBTestSuite()}) + suite.Run(t, &identityRoleBlackBoxTest{DBTestSuite: gormtestsupport.NewDBTestSuite()}) } func (s *identityRoleBlackBoxTest) SetupTest() { s.DBTestSuite.SetupTest() s.DB.LogMode(true) - s.repo = role.NewIdentityRoleRepository(s.DB) + s.repo = identityrole.NewIdentityRoleRepository(s.DB) s.identityRepo = account.NewIdentityRepository(s.DB) - s.resourceTypeRepo = resource.NewResourceTypeRepository(s.DB) - s.resourceTypeScopeRepo = resource.NewResourceTypeScopeRepository(s.DB) + s.resourceTypeRepo = resourcetype.NewResourceTypeRepository(s.DB) + s.resourceTypeScopeRepo = scope.NewResourceTypeScopeRepository(s.DB) s.roleRepo = role.NewRoleRepository(s.DB) } @@ -80,8 +84,9 @@ func (s *identityRoleBlackBoxTest) TestExistsRole() { // Check not existing err := s.repo.CheckExists(s.Ctx, uuid.NewV4().String()) // then - require.IsType(s.T(), errors.NotFoundError{}, err) + require.IsType(t, errors.NotFoundError{}, err) }) + } func (s *identityRoleBlackBoxTest) TestOKToSave() { 
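Review bot: `resourceRepo` is still declared on `identityRoleBlackBoxTest`, but `SetupTest` never assigns it, so any test that uses it gets a nil interface. With `createAndLoadIdentityRole` now delegating to `testsupport.CreateRandomIdentityRole` in the following hunk, the field looks unused. Either drop it or add `s.resourceRepo = resource.NewResourceRepository(s.DB)` to SetupTest. Other tests in the file are not visible here, so confirm which applies.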
@@ -96,52 +101,8 @@ func (s *identityRoleBlackBoxTest) TestOKToSave() { //assert.Equal(s.T(), identityRole.Name, updatedIdentityRole.Name) } -func createAndLoadIdentityRole(s *identityRoleBlackBoxTest) *role.IdentityRole { - identity := &account.Identity{ - ID: uuid.NewV4(), - Username: "identity_role_blackbox_test_someuserTestIdentity2", - ProviderType: account.KeycloakIDP} - - err := s.identityRepo.Create(s.Ctx, identity) - require.Nil(s.T(), err, "Could not create identity") - - resourceType, err := s.resourceTypeRepo.Lookup(s.Ctx, "openshift.io/resource/area") - require.Nil(s.T(), err, "Could not lookup resource type") - - res := &resource.Resource{ - ResourceID: uuid.NewV4().String(), - ParentResourceID: nil, - ResourceType: *resourceType, - } - - err = s.resourceRepo.Create(s.Ctx, res) - require.Nil(s.T(), err, "Could not create resource") - - r := &role.Role{ - RoleID: uuid.NewV4(), - ResourceType: *resourceType, - ResourceTypeID: resourceType.ResourceTypeID, - Name: "identity_role_blackbox_test_admin" + uuid.NewV4().String(), - //Scopes: []resource.ResourceTypeScope{*resourceTypeScope}, - } - - err = s.roleRepo.Create(s.Ctx, r) - require.Nil(s.T(), err, "Could not create role") - - identityRole := &role.IdentityRole{ - IdentityRoleID: uuid.NewV4(), - Identity: *identity, - Resource: *res, - Role: *r, - } - - err = s.repo.Create(s.Ctx, identityRole) - require.Nil(s.T(), err, "Could not create identity role") - - createdIdentityRole, err := s.repo.Load(s.Ctx, identityRole.IdentityRoleID) - require.Nil(s.T(), err, "Could not load identity role") - require.Equal(s.T(), identityRole.Identity.Username, createdIdentityRole.Identity.Username) - require.Equal(s.T(), identityRole.Resource.ResourceID, createdIdentityRole.Resource.ResourceID) - - return createdIdentityRole +func createAndLoadIdentityRole(s *identityRoleBlackBoxTest) *identityrole.IdentityRole { + ir, err := testsupport.CreateRandomIdentityRole(s.Ctx, s.DB) + require.NoError(s.T(), err) + return ir } 
diff --git a/authorization/role/model/doc.go b/authorization/role/model/doc.go new file mode 100644 index 0000000..4d1f662 --- /dev/null +++ b/authorization/role/model/doc.go @@ -0,0 +1,2 @@ +// Package model provides the code which encapsulates complex database interactions for managing role assignments +package model diff --git a/authorization/models/role_management_model_service.go b/authorization/role/model/role_management_model_service.go similarity index 83% rename from authorization/models/role_management_model_service.go rename to authorization/role/model/role_management_model_service.go index fe6bc20..0949ca9 100644 --- a/authorization/models/role_management_model_service.go +++ b/authorization/role/model/role_management_model_service.go @@ -1,11 +1,12 @@ -package models +package model import ( "context" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/repositories" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + "github.com/fabric8-services/fabric8-auth/authorization/repository" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/log" "github.com/goadesign/goa" 
@@ -16,27 +17,27 @@ import ( // RoleManagementModelService defines the service contract for managing role assignments type RoleManagementModelService interface { - ListByResource(ctx context.Context, resourceID string) ([]role.IdentityRole, error) + ListByResource(ctx context.Context, resourceID string) ([]identityrole.IdentityRole, error) } // NewRoleManagementModelService creates a new service to manage role assignments -func NewRoleManagementModelService(db *gorm.DB, repo repositories.Repositories) *GormRoleManagementModelService { +func NewRoleManagementModelService(db *gorm.DB, repo repository.Repositories) *GormRoleManagementModelService { return &GormRoleManagementModelService{ - db: db, - repositories: repo, + db: db, + repository: repo, } } // GormRoleManagementModelService implements the RoleManagementModelService to manage role assignments type GormRoleManagementModelService struct { - db *gorm.DB - repositories repositories.Repositories + db *gorm.DB + repository repository.Repositories } // ListByResource lists role assignments of a specific resource. -func (r *GormRoleManagementModelService) ListByResource(ctx context.Context, resourceID string) ([]role.IdentityRole, error) { +func (r *GormRoleManagementModelService) ListByResource(ctx context.Context, resourceID string) ([]identityrole.IdentityRole, error) { defer goa.MeasureSince([]string{"goa", "db", "identity_role", "list"}, time.Now()) - var identityRoles []role.IdentityRole + var identityRoles []identityrole.IdentityRole r.db = r.db.Debug() db := r.db.Raw(`WITH RECURSIVE q AS ( @@ -125,7 +126,7 @@ func (r *GormRoleManagementModelService) ListByResource(ctx context.Context, res return identityRoles, errors.NewInternalError(ctx, err) } - ir := role.IdentityRole{ + ir := identityrole.IdentityRole{ IdentityRoleID: identityRoleIDAsUUID, Identity: account.Identity{ ID: identityIDAsUUID, 
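Review bot: `ListByResource` executes `r.db = r.db.Debug()` on every call, which overwrites a field of the shared service from request-handling code and leaves SQL debug logging switched on for that handle. For an authorization query this puts the statements and their bound values into the logs, and concurrent callers race on the field. Drop the assignment and call `r.db.Raw(...)` directly, or keep any debug handle in a local variable that is only enabled by configuration. The function body continues past the hunk, so the query arguments themselves are not visible here.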
diff --git a/authorization/models/role_management_model_service_backbox_test.go b/authorization/role/model/role_management_model_service_backbox_test.go similarity index 89% rename from authorization/models/role_management_model_service_backbox_test.go rename to authorization/role/model/role_management_model_service_backbox_test.go index f47689c..b1580cf 100644 --- a/authorization/models/role_management_model_service_backbox_test.go +++ b/authorization/role/model/role_management_model_service_backbox_test.go @@ -1,9 +1,9 @@ -package models_test +package model_test import ( "testing" - "github.com/fabric8-services/fabric8-auth/authorization/models" + rolemodel "github.com/fabric8-services/fabric8-auth/authorization/role/model" "github.com/fabric8-services/fabric8-auth/gormtestsupport" testsupport "github.com/fabric8-services/fabric8-auth/test" @@ -14,7 +14,7 @@ import ( type roleManagementModelServiceBlackboxTest struct { gormtestsupport.DBTestSuite - repo models.RoleManagementModelService + repo rolemodel.RoleManagementModelService } func TestRunroleManagementModelServiceBlackboxTest(t *testing.T) { @@ -23,7 +23,7 @@ func TestRunroleManagementModelServiceBlackboxTest(t *testing.T) { func (s *roleManagementModelServiceBlackboxTest) SetupTest() { s.DBTestSuite.SetupTest() - s.repo = models.NewRoleManagementModelService(s.DB, s.Application) + s.repo = rolemodel.NewRoleManagementModelService(s.DB, s.Application) } func (s *roleManagementModelServiceBlackboxTest) TestGetIdentityRoleByResource() { diff --git a/authorization/role/repository/doc.go b/authorization/role/repository/doc.go new file mode 100644 index 0000000..8242bbf --- /dev/null +++ b/authorization/role/repository/doc.go @@ -0,0 +1,2 @@ +// Package repository provides the wrappers for 'role' related database interactions. +package repository 
diff --git a/authorization/role/role.go b/authorization/role/repository/role.go similarity index 89% rename from authorization/role/role.go rename to authorization/role/repository/role.go index 2fc8d91..bc97a6e 100644 --- a/authorization/role/role.go +++ b/authorization/role/repository/role.go @@ -1,10 +1,11 @@ -package role +package repository import ( "context" "time" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormsupport" "github.com/fabric8-services/fabric8-auth/log" @@ -22,7 +23,7 @@ type Role struct { // This is the primary key value RoleID uuid.UUID `sql:"type:uuid default uuid_generate_v4()" gorm:"primary_key" gorm:"column:role_id"` // The resource type that this role applies to - ResourceType resource.ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"` + ResourceType resourcetype.ResourceType `gorm:"ForeignKey:ResourceTypeID;AssociationForeignKey:ResourceTypeID"` // The foreign key value for ResourceType ResourceTypeID uuid.UUID // The name of this role @@ -30,7 +31,7 @@ type Role struct { } // The scopes associated with this role -//Scopes []resource.ResourceTypeScope `gorm:"many2many:role_scope;AssociationForeignKey:resourceTypeScopeID;ForeignKey:roleID"` +//Scopes []scope.ResourceTypeScope `gorm:"many2many:role_scope;AssociationForeignKey:resourceTypeScopeID;ForeignKey:roleID"` // TableName overrides the table name settings in Gorm to force a specific table name // in the database. 
@@ -48,8 +49,8 @@ type RoleScope struct { RoleID uuid.UUID `sql:"type:uuid" gorm:"primary_key" gorm:"column:role_ID"` - Scope resource.ResourceTypeScope `gorm:"ForeignKey:ScopeID;AssociationForeignKey:ResourceTypeScopeID"` - ScopeID uuid.UUID `sql:"type:uuid" gorm:"primary_key" gorm:"column:role_ID"` + Scope scope.ResourceTypeScope `gorm:"ForeignKey:ScopeID;AssociationForeignKey:ResourceTypeScopeID"` + ScopeID uuid.UUID `sql:"type:uuid" gorm:"primary_key" gorm:"column:role_ID"` } func (m RoleScope) TableName() string { @@ -81,8 +82,8 @@ type RoleRepository interface { Delete(ctx context.Context, ID uuid.UUID) error Lookup(ctx context.Context, name string, resourceType string) (*Role, error) - ListScopes(ctx context.Context, u *Role) ([]resource.ResourceTypeScope, error) - AddScope(ctx context.Context, u *Role, s *resource.ResourceTypeScope) error + ListScopes(ctx context.Context, u *Role) ([]scope.ResourceTypeScope, error) + AddScope(ctx context.Context, u *Role, s *scope.ResourceTypeScope) error } // TableName overrides the table name settings in Gorm to force a specific table name @@ -235,7 +236,7 @@ func (m *GormRoleRepository) Lookup(ctx context.Context, name string, resourceTy return &native, errs.WithStack(err) } -func (m *GormRoleRepository) ListScopes(ctx context.Context, u *Role) ([]resource.ResourceTypeScope, error) { +func (m *GormRoleRepository) ListScopes(ctx context.Context, u *Role) ([]scope.ResourceTypeScope, error) { defer goa.MeasureSince([]string{"goa", "db", "role", "listscopes"}, time.Now()) var scopes []RoleScope @@ -245,7 +246,7 @@ func (m *GormRoleRepository) ListScopes(ctx context.Context, u *Role) ([]resourc return nil, errs.WithStack(err) } - results := make([]resource.ResourceTypeScope, len(scopes)) + results := make([]scope.ResourceTypeScope, len(scopes)) for index := 0; index < len(scopes); index++ { results[index] = scopes[index].Scope } 
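Review bot: In `RoleScope`, the realigned `ScopeID` field repeats the `gorm` key in its struct tag and names the column `role_ID`, the same as `RoleID` above it. Go's struct-tag lookup returns only the first value for a repeated key, so the `column:` part is presumably never applied, and `go vet` reports such tags. A single key makes the mapping explicit, e.g. `gorm:"primary_key;column:scope_id"`, with the column name to be confirmed against the schema. The same repeated-key pattern appears on `RoleID` here and on the primary-key fields of `Role` and `ResourceTypeScope` elsewhere in this patch.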
@@ -253,7 +254,7 @@ func (m *GormRoleRepository) ListScopes(ctx context.Context, u *Role) ([]resourc return results, nil } -func (m *GormRoleRepository) AddScope(ctx context.Context, u *Role, s *resource.ResourceTypeScope) error { +func (m *GormRoleRepository) AddScope(ctx context.Context, u *Role, s *scope.ResourceTypeScope) error { defer goa.MeasureSince([]string{"goa", "db", "role", "addscope"}, time.Now()) roleScope := &RoleScope{ diff --git a/authorization/role/role_blackbox_test.go b/authorization/role/repository/role_blackbox_test.go similarity index 97% rename from authorization/role/role_blackbox_test.go rename to authorization/role/repository/role_blackbox_test.go index d47c302..00733e1 100644 --- a/authorization/role/role_blackbox_test.go +++ b/authorization/role/repository/role_blackbox_test.go @@ -1,9 +1,9 @@ -package role_test +package repository_test import ( "testing" - "github.com/fabric8-services/fabric8-auth/authorization/role" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormtestsupport" testsupport "github.com/fabric8-services/fabric8-auth/test" diff --git a/authorization/role/service/doc.go b/authorization/role/service/doc.go new file mode 100644 index 0000000..50b74e7 --- /dev/null +++ b/authorization/role/service/doc.go @@ -0,0 +1,2 @@ +// Package service provides the code which handles the business logic for managing role assignments +package service diff --git a/authorization/role_management_service.go b/authorization/role/service/role_management_service.go similarity index 68% rename from authorization/role_management_service.go rename to authorization/role/service/role_management_service.go index 72b07e9..fdd8fc2 100644 --- a/authorization/role_management_service.go +++ b/authorization/role/service/role_management_service.go 
@@ -1,34 +1,34 @@ -package authorization +package service import ( "context" "github.com/fabric8-services/fabric8-auth/application" - "github.com/fabric8-services/fabric8-auth/authorization/models" - "github.com/fabric8-services/fabric8-auth/authorization/role" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + roleModel "github.com/fabric8-services/fabric8-auth/authorization/role/model" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/log" ) // RoleManagementService defines the contract for managing roles assigments to a resource type RoleManagementService interface { - ListByResource(ctx context.Context, resourceID string) ([]role.IdentityRole, error) + ListByResource(ctx context.Context, resourceID string) ([]identityrole.IdentityRole, error) } // RoleManagementServiceImpl implements the RoleManagementService for managing role assignments. type RoleManagementServiceImpl struct { - modelService models.RoleManagementModelService + modelService roleModel.RoleManagementModelService db application.DB } // NewRoleManagementService creates a reference to new RoleManagementService implementation -func NewRoleManagementService(modelService models.RoleManagementModelService, db application.DB) *RoleManagementServiceImpl { +func NewRoleManagementService(modelService roleModel.RoleManagementModelService, db application.DB) *RoleManagementServiceImpl { return &RoleManagementServiceImpl{modelService: modelService, db: db} } // ListByResource lists assignments made for a specific resource -func (r *RoleManagementServiceImpl) ListByResource(ctx context.Context, resourceID string) ([]role.IdentityRole, error) { +func (r *RoleManagementServiceImpl) ListByResource(ctx context.Context, resourceID string) ([]identityrole.IdentityRole, error) { - var roles []role.IdentityRole + var roles []identityrole.IdentityRole var err error err = application.Transactional(r.db, func(appl 
application.Application) error { err = appl.ResourceRepository().CheckExists(ctx, resourceID) diff --git a/authorization/role_management_service_blackbox_test.go b/authorization/role/service/role_management_service_blackbox_test.go similarity index 91% rename from authorization/role_management_service_blackbox_test.go rename to authorization/role/service/role_management_service_blackbox_test.go index 1bbb9f0..dccc941 100644 --- a/authorization/role_management_service_blackbox_test.go +++ b/authorization/role/service/role_management_service_blackbox_test.go @@ -1,11 +1,11 @@ -package authorization_test +package service_test import ( "testing" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/models" - "github.com/fabric8-services/fabric8-auth/authorization/role" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + rolemodel "github.com/fabric8-services/fabric8-auth/authorization/role/model" + roleservice "github.com/fabric8-services/fabric8-auth/authorization/role/service" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/gormtestsupport" testsupport "github.com/fabric8-services/fabric8-auth/test" @@ -17,7 +17,7 @@ import ( type roleManagementServiceBlackboxTest struct { gormtestsupport.DBTestSuite - roleManagementService authorization.RoleManagementService + roleManagementService roleservice.RoleManagementService } func TestRunRoleManagementServiceBlackboxTest(t *testing.T) { 
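Review bot: The new import alias `roleModel` in role_management_service.go is mixedCaps, while the blackbox tests in this same commit alias the same package as `rolemodel`, and main.go adds `organizationModel`, `organizationService`, `roleModel` and `roleService`. Go package names and import aliases are conventionally all lowercase, and the mixed-case alias in main.go is apparently why the local variable there had to be renamed to `organizationServiceRef`. I would use one lowercase alias per package throughout, e.g. `rolemodel "github.com/fabric8-services/fabric8-auth/authorization/role/model"`. `ListByResource` continues past the end of this hunk.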
@@ -26,8 +26,8 @@ func TestRunRoleManagementServiceBlackboxTest(t *testing.T) { func (s *roleManagementServiceBlackboxTest) SetupTest() { s.DBTestSuite.SetupTest() - modelService := models.NewRoleManagementModelService(s.DB, s.Application) - s.roleManagementService = authorization.NewRoleManagementService(modelService, s.Application) + modelService := rolemodel.NewRoleManagementModelService(s.DB, s.Application) + s.roleManagementService = roleservice.NewRoleManagementService(modelService, s.Application) } func (s *roleManagementServiceBlackboxTest) TestGetIdentityRoleByResource() { t := s.T() @@ -70,7 +70,7 @@ func (s *roleManagementServiceBlackboxTest) TestGetMultipleIdentityRoleByResourc roleRef, err := testsupport.CreateTestRole(s.Ctx, s.DB, *areaResourceType, "collab") require.NoError(s.T(), err) - var createdIdentityRoles []role.IdentityRole + var createdIdentityRoles []identityrole.IdentityRole // creating an AssignedRole for a parent resource identityRoleRefUnrelated, err := testsupport.CreateTestIdentityRole(s.Ctx, s.DB, *parentResourceRef, *roleRef) @@ -127,7 +127,7 @@ func (s *roleManagementServiceBlackboxTest) TestGetIdentityRolesOfParentResource roleRef, err := testsupport.CreateTestRole(s.Ctx, s.DB, *areaResourceType, "collab") require.NoError(s.T(), err) - var createdIdentityRoles []role.IdentityRole + var createdIdentityRoles []identityrole.IdentityRole // creating an AssignedRole for a parent resource identityRoleRefUnrelated, err := testsupport.CreateTestIdentityRole(s.Ctx, s.DB, *parentResourceRef, *roleRef) @@ -173,7 +173,7 @@ func (s *roleManagementServiceBlackboxTest) TestGetMultipleIdentityRoleByResourc roleRef, err := testsupport.CreateTestRole(s.Ctx, s.DB, *areaResourceType, "collab") require.NoError(s.T(), err) - var createdIdentityRoles []role.IdentityRole + var createdIdentityRoles []identityrole.IdentityRole // creating an AssignedRole for a different resource - not expected // to show up in search results. 
@@ -214,7 +214,7 @@ func (s *roleManagementServiceBlackboxTest) TestGetIdentityRoleByResourceNotFoun require.Equal(t, 0, len(identityRoles)) } -func (s *roleManagementServiceBlackboxTest) checkExists(createdRole role.IdentityRole, pool []role.IdentityRole, isInherited bool) bool { +func (s *roleManagementServiceBlackboxTest) checkExists(createdRole identityrole.IdentityRole, pool []identityrole.IdentityRole, isInherited bool) bool { for _, retrievedRole := range pool { if retrievedRole.IdentityRoleID.String() == createdRole.IdentityRoleID.String() { s.compare(createdRole, retrievedRole, isInherited) @@ -224,7 +224,7 @@ func (s *roleManagementServiceBlackboxTest) checkExists(createdRole role.Identit return false } -func (s *roleManagementServiceBlackboxTest) compare(createdRole role.IdentityRole, retrievedRole role.IdentityRole, isInherited bool) bool { +func (s *roleManagementServiceBlackboxTest) compare(createdRole identityrole.IdentityRole, retrievedRole identityrole.IdentityRole, isInherited bool) bool { require.Equal(s.T(), createdRole.IdentityRoleID.String(), retrievedRole.IdentityRoleID.String()) require.Equal(s.T(), createdRole.IdentityID.String(), retrievedRole.Identity.ID.String()) require.Equal(s.T(), createdRole.Role.Name, retrievedRole.Role.Name) diff --git a/authorization/team/doc.go b/authorization/team/doc.go new file mode 100644 index 0000000..374d8f3 --- /dev/null +++ b/authorization/team/doc.go @@ -0,0 +1,2 @@ +// Package team provides APIs for managing teams +package team diff --git a/controller/organization.go b/controller/organization.go index 2d36bdf..5f17c29 100644 --- a/controller/organization.go +++ b/controller/organization.go 
@@ -5,8 +5,8 @@ import ( "github.com/fabric8-services/fabric8-auth/app" "github.com/fabric8-services/fabric8-auth/application" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/common" + organizationtype "github.com/fabric8-services/fabric8-auth/authorization/organization" + organization "github.com/fabric8-services/fabric8-auth/authorization/organization/service" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/jsonapi" "github.com/fabric8-services/fabric8-auth/log" @@ -23,11 +23,11 @@ type OrganizationController struct { *goa.Controller db application.DB TokenManager token.Manager - orgService authorization.OrganizationService + orgService organization.OrganizationService } // NewOrganizationController creates an organization controller. -func NewOrganizationController(service *goa.Service, db application.DB, orgService authorization.OrganizationService) *OrganizationController { +func NewOrganizationController(service *goa.Service, db application.DB, orgService organization.OrganizationService) *OrganizationController { return &OrganizationController{Controller: service.NewController("OrganizationController"), db: db, orgService: orgService} } @@ -90,7 +90,7 @@ func (c *OrganizationController) List(ctx *app.ListOrganizationContext) error { return ctx.OK(&app.OrganizationArray{convertToAppOrganization(orgs)}) } -func convertToAppOrganization(orgs []common.IdentityOrganization) []*app.OrganizationData { +func convertToAppOrganization(orgs []organizationtype.IdentityOrganization) []*app.OrganizationData { results := []*app.OrganizationData{} for _, org := range orgs { diff --git a/controller/organization_blackbox_test.go b/controller/organization_blackbox_test.go index 1869b05..5610b40 100644 --- a/controller/organization_blackbox_test.go +++ b/controller/organization_blackbox_test.go 
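Review bot: `NewOrganizationController` fills `Controller`, `db` and `orgService` but never sets the exported `TokenManager` field declared in the struct a few lines above, so it is nil on every controller this constructor returns. No handler in the visible hunks reads it, so it may be dead state; if any action does use it, that is a nil-interface call at request time in an authentication service. Either drop the field or take a `token.Manager` as a constructor argument and assign it there.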
@@ -13,8 +13,8 @@ import ( "github.com/goadesign/goa" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/models" + organizationmodel "github.com/fabric8-services/fabric8-auth/authorization/organization/model" + organizationservice "github.com/fabric8-services/fabric8-auth/authorization/organization/service" "github.com/satori/go.uuid" "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" @@ -24,13 +24,13 @@ type TestOrganizationREST struct { gormtestsupport.DBTestSuite testIdentity account.Identity service *goa.Service - orgService authorization.OrganizationService + orgService organizationservice.OrganizationService securedController *OrganizationController } func (s *TestOrganizationREST) SetupSuite() { s.DBTestSuite.SetupSuite() - s.orgService = models.NewOrganizationModelService(s.DB, s.Application) + s.orgService = organizationmodel.NewOrganizationModelService(s.DB, s.Application) var err error s.testIdentity, err = testsupport.CreateTestIdentity(s.DB, diff --git a/controller/resource.go b/controller/resource.go index db9b40f..f368dd6 100644 --- a/controller/resource.go +++ b/controller/resource.go @@ -3,7 +3,8 @@ package controller import ( "github.com/fabric8-services/fabric8-auth/app" "github.com/fabric8-services/fabric8-auth/application" - "github.com/fabric8-services/fabric8-auth/authorization/resource" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" "github.com/fabric8-services/fabric8-auth/errors" "github.com/fabric8-services/fabric8-auth/jsonapi" "github.com/fabric8-services/fabric8-auth/log" 
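Review bot: `SetupSuite` assigns `organizationmodel.NewOrganizationModelService(s.DB, s.Application)` directly to the `orgService` field, whereas main.go wraps the model service with `NewOrganizationService(organizationModelService, appDB)` before handing it to the controller. If the controller built later in this suite receives this field, the REST tests exercise it without the service layer that production uses. I would wire it the same way, `s.orgService = organizationservice.NewOrganizationService(organizationmodel.NewOrganizationModelService(s.DB, s.Application), s.Application)`, assuming `s.Application` satisfies the second parameter as it does for `NewRoleManagementService` in the role tests. `SetupSuite` continues outside the hunk.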
@@ -60,7 +61,7 @@ func (c *ResourceController) Read(ctx *app.ReadResourceContext) error { } var res *resource.Resource - var scopes []resource.ResourceTypeScope + var scopes []scope.ResourceTypeScope err := application.Transactional(c.db, func(appl application.Application) error { diff --git a/controller/resource_roles.go b/controller/resource_roles.go index e6f3d1f..63577aa 100644 --- a/controller/resource_roles.go +++ b/controller/resource_roles.go @@ -4,8 +4,8 @@ import ( "context" "github.com/fabric8-services/fabric8-auth/app" "github.com/fabric8-services/fabric8-auth/application" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/role" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + roleservice "github.com/fabric8-services/fabric8-auth/authorization/role/service" "github.com/fabric8-services/fabric8-auth/jsonapi" "github.com/fabric8-services/fabric8-auth/log" "github.com/goadesign/goa" @@ -15,11 +15,11 @@ import ( type ResourceRolesController struct { *goa.Controller db application.DB - roleManagementService authorization.RoleManagementService + roleManagementService roleservice.RoleManagementService } // NewResourceRolesController creates a resource_roles controller. -func NewResourceRolesController(service *goa.Service, db application.DB, assignmentService authorization.RoleManagementService) *ResourceRolesController { +func NewResourceRolesController(service *goa.Service, db application.DB, assignmentService roleservice.RoleManagementService) *ResourceRolesController { return &ResourceRolesController{ Controller: service.NewController("ResourceRolesController"), db: db, 
@@ -30,7 +30,7 @@ func NewResourceRolesController(service *goa.Service, db application.DB, assignm // ListAssigned runs the list action. func (c *ResourceRolesController) ListAssigned(ctx *app.ListAssignedResourceRolesContext) error { - var roles []role.IdentityRole + var roles []identityrole.IdentityRole roles, err := c.roleManagementService.ListByResource(ctx, ctx.ResourceID) if err != nil { @@ -46,14 +46,14 @@ func (c *ResourceRolesController) ListAssigned(ctx *app.ListAssignedResourceRole }) } -func convertIdentityRoleToAppRoles(ctx context.Context, roles []role.IdentityRole) []*app.IdentityRolesData { +func convertIdentityRoleToAppRoles(ctx context.Context, roles []identityrole.IdentityRole) []*app.IdentityRolesData { var rolesList []*app.IdentityRolesData for _, r := range roles { rolesList = append(rolesList, convertIdentityRoleToAppRole(ctx, r)) } return rolesList } -func convertIdentityRoleToAppRole(ctx context.Context, r role.IdentityRole) *app.IdentityRolesData { +func convertIdentityRoleToAppRole(ctx context.Context, r identityrole.IdentityRole) *app.IdentityRolesData { inherited := r.Resource.ParentResourceID != nil rolesData := app.IdentityRolesData{ AssigneeID: r.Identity.ID.String(), diff --git a/controller/resource_roles_blackbox_test.go b/controller/resource_roles_blackbox_test.go index 0f9ad60..c51ea44 100644 --- a/controller/resource_roles_blackbox_test.go +++ b/controller/resource_roles_blackbox_test.go 
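Review bot: `ListAssigned` passes the caller-supplied `ctx.ResourceID` straight to `ListByResource`, and nothing between the function's opening line and that call checks that the caller is allowed to see who holds roles on that resource. If the goa design or a middleware does not already restrict this action, role assignments for arbitrary resource IDs are readable by any client that can reach the endpoint. The handler should either perform the check before the call or say where it lives, e.g. `// Access control: enforced by <MIDDLEWARE_OR_DESIGN_RULE>`. Separately, `var roles []identityrole.IdentityRole` is redundant with the `roles, err :=` on the following line. The function body continues outside the hunk.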
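Review bot: In `convertIdentityRoleToAppRole`, `inherited := r.Resource.ParentResourceID != nil` derives the flag from whether the assignment's own resource has a parent, and the function never receives the ID of the resource that was queried. Unless the model service populates `r.Resource` in a special way, a role assigned directly on a child resource would be reported as inherited, and one assigned on a top-level parent would not. I would pass the requested resource ID in and compare it with the assignment's resource, or at least add a comment stating what `inherited` is meant to express. The function continues outside the hunk.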
@@ -6,9 +6,10 @@ import ( "github.com/fabric8-services/fabric8-auth/account" "github.com/fabric8-services/fabric8-auth/app/test" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/models" - "github.com/fabric8-services/fabric8-auth/authorization/role" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + rolemodel "github.com/fabric8-services/fabric8-auth/authorization/role/model" + roleservice "github.com/fabric8-services/fabric8-auth/authorization/role/service" + . "github.com/fabric8-services/fabric8-auth/controller" "github.com/fabric8-services/fabric8-auth/gormtestsupport" @@ -30,8 +31,8 @@ func (s *TestResourceRolesRest) SetupSuite() { func (rest *TestResourceRolesRest) SecuredControllerWithIdentity(identity account.Identity) (*goa.Service, *ResourceRolesController) { svc := testsupport.ServiceAsUser("Resource-roles-Service", testsupport.TestIdentity) - roleManagementModelService := models.NewRoleManagementModelService(rest.DB, rest.Application) - roleAssignmentService := authorization.NewRoleManagementService(roleManagementModelService, rest.Application) + roleManagementModelService := rolemodel.NewRoleManagementModelService(rest.DB, rest.Application) + roleAssignmentService := roleservice.NewRoleManagementService(roleManagementModelService, rest.Application) return svc, NewResourceRolesController(svc, rest.Application, roleAssignmentService) } @@ -62,7 +63,7 @@ func (rest *TestResourceRolesRest) TestListAssignedRolesOK() { roleRef, err := testsupport.CreateTestRole(rest.Ctx, rest.DB, *areaResourceType, "collab") require.NoError(rest.T(), err) - var createdIdentityRoles []role.IdentityRole + var createdIdentityRoles []identityrole.IdentityRole identityRoleRef, err := testsupport.CreateTestIdentityRole(rest.Ctx, rest.DB, *resourceRef, *roleRef) require.NoError(rest.T(), err) 
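Review bot: `SecuredControllerWithIdentity` ignores its `identity` parameter: the service is built with `testsupport.ServiceAsUser("Resource-roles-Service", testsupport.TestIdentity)`, so every caller runs as the shared test identity regardless of what it passes in. Any test that means to check behaviour for a particular user then passes or fails for the wrong reason, which matters for a controller that lists role assignments. Use the argument instead: `svc := testsupport.ServiceAsUser("Resource-roles-Service", identity)`.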
@@ -118,7 +119,7 @@ func (rest *TestResourceRolesRest) TestListAssignedRolesFromInheritedOK() { roleRef, err := testsupport.CreateTestRole(rest.Ctx, rest.DB, *areaResourceType, "collab") require.NoError(rest.T(), err) - var createdIdentityRoles []role.IdentityRole + var createdIdentityRoles []identityrole.IdentityRole identityRoleRef, err := testsupport.CreateTestIdentityRole(rest.Ctx, rest.DB, *resourceRef, *roleRef) require.NoError(rest.T(), err) @@ -137,7 +138,7 @@ func (rest *TestResourceRolesRest) TestListAssignedRolesFromInheritedOK() { require.True(rest.T(), rest.checkExists(*identityRoleRef2, returnedIdentityRoles, true)) } -func (rest *TestResourceRolesRest) checkExists(createdRole role.IdentityRole, pool *app.Identityroles, isInherited bool) bool { +func (rest *TestResourceRolesRest) checkExists(createdRole identityrole.IdentityRole, pool *app.Identityroles, isInherited bool) bool { for _, retrievedRole := range pool.Data { if retrievedRole.AssigneeID == createdRole.IdentityID.String() { rest.compare(createdRole, *retrievedRole, isInherited) @@ -147,7 +148,7 @@ func (rest *TestResourceRolesRest) checkExists(createdRole role.IdentityRole, po return false } -func (rest *TestResourceRolesRest) compare(createdRole role.IdentityRole, retrievedRole app.IdentityRolesData, isInherited bool) bool { +func (rest *TestResourceRolesRest) compare(createdRole identityrole.IdentityRole, retrievedRole app.IdentityRolesData, isInherited bool) bool { require.Equal(rest.T(), createdRole.IdentityID.String(), retrievedRole.AssigneeID) require.Equal(rest.T(), createdRole.Role.Name, retrievedRole.RoleName) require.Equal(rest.T(), "user", retrievedRole.AssigneeType) diff --git a/gormapplication/application.go b/gormapplication/application.go index be03aab..b86ceaf 100644 --- a/gormapplication/application.go +++ b/gormapplication/application.go 
@@ -7,8 +7,11 @@ import ( "github.com/fabric8-services/fabric8-auth/account" "github.com/fabric8-services/fabric8-auth/application" "github.com/fabric8-services/fabric8-auth/auth" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + scope "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/scope/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/fabric8-services/fabric8-auth/space" "github.com/fabric8-services/fabric8-auth/token/provider" "github.com/jinzhu/gorm" @@ -94,18 +97,18 @@ func (g *GormBase) ResourceRepository() resource.ResourceRepository { return resource.NewResourceRepository(g.db) } -func (g *GormBase) ResourceTypeRepository() resource.ResourceTypeRepository { - return resource.NewResourceTypeRepository(g.db) +func (g *GormBase) ResourceTypeRepository() resourcetype.ResourceTypeRepository { + return resourcetype.NewResourceTypeRepository(g.db) } -func (g *GormBase) ResourceTypeScopeRepository() resource.ResourceTypeScopeRepository { - return resource.NewResourceTypeScopeRepository(g.db) +func (g *GormBase) ResourceTypeScopeRepository() scope.ResourceTypeScopeRepository { + return scope.NewResourceTypeScopeRepository(g.db) } func (g *GormBase) RoleRepository() role.RoleRepository { return role.NewRoleRepository(g.db) } -func (g *GormBase) IdentityRoleRepository() role.IdentityRoleRepository { - return role.NewIdentityRoleRepository(g.db) +func (g *GormBase) IdentityRoleRepository() identityrole.IdentityRoleRepository { + return identityrole.NewIdentityRoleRepository(g.db) } func (g *GormBase) DB() *gorm.DB { 
diff --git a/main.go b/main.go index b03f0d3..9db8a00 100644 --- a/main.go +++ b/main.go @@ -29,8 +29,10 @@ import ( "github.com/fabric8-services/fabric8-auth/token/keycloak" "github.com/fabric8-services/fabric8-auth/token/link" - "github.com/fabric8-services/fabric8-auth/authorization" - "github.com/fabric8-services/fabric8-auth/authorization/models" + organizationModel "github.com/fabric8-services/fabric8-auth/authorization/organization/model" + organizationService "github.com/fabric8-services/fabric8-auth/authorization/organization/service" + roleModel "github.com/fabric8-services/fabric8-auth/authorization/role/model" + roleService "github.com/fabric8-services/fabric8-auth/authorization/role/service" "github.com/goadesign/goa" "github.com/goadesign/goa/logging/logrus" "github.com/goadesign/goa/middleware" @@ -183,8 +185,8 @@ func main() { loginCtrl := controller.NewLoginController(service, loginService, tokenManager, config) app.MountLoginController(service, loginCtrl) - roleManagementModelService := models.NewRoleManagementModelService(db, appDB) - roleManagemenetService := authorization.NewRoleManagementService(roleManagementModelService, appDB) + roleManagementModelService := roleModel.NewRoleManagementModelService(db, appDB) + roleManagemenetService := roleService.NewRoleManagementService(roleManagementModelService, appDB) resourceRoleCtrl := controller.NewResourceRolesController(service, appDB, roleManagemenetService) app.MountResourceRolesController(service, resourceRoleCtrl) 
@@ -253,9 +255,9 @@ func main() { app.MountResourceController(service, resourcesCtrl) // Mount "organizations" controller - organizationModelService := models.NewOrganizationModelService(db, appDB) - organizationService := authorization.NewOrganizationService(organizationModelService, appDB) - organizationCtrl := controller.NewOrganizationController(service, appDB, organizationService) + organizationModelService := organizationModel.NewOrganizationModelService(db, appDB) + organizationServiceRef := organizationService.NewOrganizationService(organizationModelService, appDB) + organizationCtrl := controller.NewOrganizationController(service, appDB, organizationServiceRef) app.MountOrganizationController(service, organizationCtrl) log.Logger().Infoln("Git Commit SHA: ", controller.Commit) diff --git a/migration/migration_blackbox_test.go b/migration/migration_blackbox_test.go index 5c815b2..7b5980f 100644 --- a/migration/migration_blackbox_test.go +++ b/migration/migration_blackbox_test.go @@ -14,7 +14,7 @@ import ( "github.com/fabric8-services/fabric8-auth/migration" "github.com/fabric8-services/fabric8-auth/resource" - "github.com/fabric8-services/fabric8-auth/authorization/common" + "github.com/fabric8-services/fabric8-auth/authorization" "github.com/fabric8-services/fabric8-auth/controller" "github.com/jinzhu/gorm" _ "github.com/lib/pq" @@ -203,7 +203,7 @@ func testMigration21(t *testing.T) { migrateToVersion(sqlDB, migrations[:(22)], (22)) assert.Nil(t, runSQLscript(sqlDB, "021-test-organizations.sql")) - rows, err := sqlDB.Query("SELECT name FROM resource_type WHERE name = $1", common.IdentityResourceTypeOrganization) + rows, err := sqlDB.Query("SELECT name FROM resource_type WHERE name = $1", authorization.IdentityResourceTypeOrganization) if err != nil { t.Fatal(err) } 
@@ -211,11 +211,11 @@ func testMigration21(t *testing.T) { for rows.Next() { var resourceTypeName string err = rows.Scan(&resourceTypeName) - require.Equal(t, common.IdentityResourceTypeOrganization, resourceTypeName) + require.Equal(t, authorization.IdentityResourceTypeOrganization, resourceTypeName) } rows, err = sqlDB.Query("SELECT r.name FROM role r, resource_type rt WHERE r.resource_type_id = rt.resource_type_id and r.name = $1 and rt.name = $2", - controller.OrganizationOwnerRole, common.IdentityResourceTypeOrganization) + controller.OrganizationOwnerRole, authorization.IdentityResourceTypeOrganization) if err != nil { t.Fatal(err) } diff --git a/test/authorization.go b/test/authorization.go index 8a86483..cb04dc4 100644 --- a/test/authorization.go +++ b/test/authorization.go @@ -3,13 +3,15 @@ package test import ( "context" "github.com/fabric8-services/fabric8-auth/account" - "github.com/fabric8-services/fabric8-auth/authorization/resource" - "github.com/fabric8-services/fabric8-auth/authorization/role" + resource "github.com/fabric8-services/fabric8-auth/authorization/resource/repository" + resourcetype "github.com/fabric8-services/fabric8-auth/authorization/resourcetype/repository" + identityrole "github.com/fabric8-services/fabric8-auth/authorization/role/identityrole/repository" + role "github.com/fabric8-services/fabric8-auth/authorization/role/repository" "github.com/jinzhu/gorm" "github.com/satori/go.uuid" ) -func CreateTestIdentityRole(ctx context.Context, db *gorm.DB, resourceRef resource.Resource, roleRef role.Role) (*role.IdentityRole, error) { +func CreateTestIdentityRole(ctx context.Context, db *gorm.DB, resourceRef resource.Resource, roleRef role.Role) (*identityrole.IdentityRole, error) { assignedIdentity := &account.Identity{ ID: uuid.NewV4(), 
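Review bot: In `testMigration21`, the `for rows.Next()` loop assigns `err = rows.Scan(&resourceTypeName)` and goes straight to `require.Equal` without checking `err`, and when the query returns no rows the loop body never runs, so the assertion is skipped. The check that the organization resource type exists can therefore pass vacuously. I would write `require.NoError(t, rows.Scan(&resourceTypeName))`, count the iterations and assert at least one row after the loop, and add `require.NoError(t, rows.Err())`. The function starts and ends outside the hunk.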
@@ -23,7 +25,7 @@ func CreateTestIdentityRole(ctx context.Context, db *gorm.DB, resourceRef resour return nil, err } - identityRoleRef := role.IdentityRole{ + identityRoleRef := identityrole.IdentityRole{ IdentityRoleID: uuid.NewV4(), Identity: *assignedIdentity, IdentityID: assignedIdentity.ID, @@ -33,7 +35,7 @@ func CreateTestIdentityRole(ctx context.Context, db *gorm.DB, resourceRef resour RoleID: roleRef.RoleID, } - identityRolesRepository := role.NewIdentityRoleRepository(db) + identityRolesRepository := identityrole.NewIdentityRoleRepository(db) err = identityRolesRepository.Create(ctx, &identityRoleRef) if err != nil { return nil, err @@ -41,7 +43,7 @@ func CreateTestIdentityRole(ctx context.Context, db *gorm.DB, resourceRef resour return &identityRoleRef, err } -func CreateTestRole(ctx context.Context, db *gorm.DB, resourceType resource.ResourceType, name string) (*role.Role, error) { +func CreateTestRole(ctx context.Context, db *gorm.DB, resourceType resourcetype.ResourceType, name string) (*role.Role, error) { roleRef := role.Role{ ResourceType: resourceType, ResourceTypeID: resourceType.ResourceTypeID, @@ -52,7 +54,7 @@ func CreateTestRole(ctx context.Context, db *gorm.DB, resourceType resource.Reso return &roleRef, err } -func CreateTestResource(ctx context.Context, db *gorm.DB, resourceType resource.ResourceType, name string, parentResourceID *string) (*resource.Resource, error) { +func CreateTestResource(ctx context.Context, db *gorm.DB, resourceType resourcetype.ResourceType, name string, parentResourceID *string) (*resource.Resource, error) { resourceRef := resource.Resource{ ResourceType: resourceType, ResourceTypeID: resourceType.ResourceTypeID, 
@@ -67,7 +69,7 @@ func CreateTestResource(ctx context.Context, db *gorm.DB, resourceType resource. func CreateTestResourceWithDefaultType(ctx context.Context, db *gorm.DB, name string) (*resource.Resource, error) { - resourceTypeRepo := resource.NewResourceTypeRepository(db) + resourceTypeRepo := resourcetype.NewResourceTypeRepository(db) resourceType, err := resourceTypeRepo.Lookup(ctx, "openshift.io/resource/area") if err != nil { @@ -85,7 +87,7 @@ func CreateTestResourceWithDefaultType(ctx context.Context, db *gorm.DB, name st } func CreateTestRoleWithDefaultType(ctx context.Context, db *gorm.DB, name string) (*role.Role, error) { - resourceTypeRepo := resource.NewResourceTypeRepository(db) + resourceTypeRepo := resourcetype.NewResourceTypeRepository(db) resourceType, err := resourceTypeRepo.Lookup(ctx, "openshift.io/resource/area") if err != nil { @@ -101,8 +103,8 @@ func CreateTestRoleWithDefaultType(ctx context.Context, db *gorm.DB, name string return &roleRef, err } -func CreateRandomIdentityRole(ctx context.Context, db *gorm.DB) (*role.IdentityRole, error) { - resourceTypeRepo := resource.NewResourceTypeRepository(db) +func CreateRandomIdentityRole(ctx context.Context, db *gorm.DB) (*identityrole.IdentityRole, error) { + resourceTypeRepo := resourcetype.NewResourceTypeRepository(db) resourceType, err := resourceTypeRepo.Lookup(ctx, "openshift.io/resource/area") if err != nil {