fix unit test for c1z file

Author: MarcusGoldschmidt

pkg/connector/function.go

@@ -150,8 +150,17 @@ func (r *functionSyncer) Grant(ctx context.Context, principal *v2.Resource, enti
 		return nil, nil, err
 	}
 
-	err = dbClient.GrantSequence(ctx, function.Schema, function.Name, principal.DisplayName, privilegeName, isGrant)
-	return nil, nil, err
+	err = dbClient.GrantFunction(ctx, function.Schema, function.Name, principal.DisplayName, privilegeName, isGrant)
+	if err != nil {
+		return nil, nil, err
+	}
+	return []*v2.Grant{
+		{
+			Id:          fmt.Sprintf("%s:%s:%s", entitlement.Id, principal.Id.ResourceType, principal.Id.Resource),
+			Entitlement: entitlement,
+			Principal:   principal,
+		},
+	}, nil, nil
 }
 
 func (r *functionSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotations.Annotations, error) {
@@ -182,7 +191,7 @@ func (r *functionSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotatio
 		return nil, err
 	}
 
-	err = dbClient.RevokeSequence(ctx, function.Schema, function.Name, principal.DisplayName, privilegeName, isGrant)
+	err = dbClient.RevokeFunction(ctx, function.Schema, function.Name, principal.DisplayName, privilegeName, isGrant)
 	return nil, err
 }
 

pkg/connector/function_test.go

@@ -0,0 +1,70 @@
+package connector
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/conductorone/baton-sdk/pkg/dotc1z"
+
+	connectorv2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGrantRevokeFunction(t *testing.T) {
+	ctx, syncer, manager, client := newTestConnector(t)
+
+	err := syncer.Sync(ctx)
+	require.NoError(t, err)
+	err = syncer.Close(ctx)
+	require.NoError(t, err)
+
+	c1z, err := manager.LoadC1Z(ctx)
+	require.NoError(t, err)
+	require.NoError(t, err)
+	defer func(c1z *dotc1z.C1File) {
+		err := c1z.Close()
+		require.NoError(t, err)
+	}(c1z)
+
+	dbResource, err := getByDisplayName(ctx, c1z, databaseResourceType, "postgres")
+	require.NoError(t, err)
+	require.NotNil(t, dbResource)
+
+	roleResource, err := getByDisplayName(ctx, c1z, roleResourceType, "test_role")
+	require.NoError(t, err)
+	require.NotNil(t, roleResource)
+
+	functionResource, err := getByDisplayName(ctx, c1z, functionResourceType, "get_test_item_count")
+	require.NoError(t, err)
+	require.NotNil(t, functionResource)
+
+	dbId, rId, err := parseWithDatabaseID(functionResource.Id.Resource)
+	require.NoError(t, err)
+
+	grantResponse, err := client.Grant(ctx, &connectorv2.GrantManagerServiceGrantRequest{
+		Principal: &connectorv2.Resource{
+			Id:          roleResource.Id,
+			DisplayName: roleResource.DisplayName,
+		},
+		Entitlement: &connectorv2.Entitlement{
+			Id: fmt.Sprintf("entitlement:function:db%s:%d:execute", dbId, rId),
+			Resource: &connectorv2.Resource{
+				Id: &connectorv2.ResourceId{
+					ResourceType: functionResourceType.Id,
+					Resource:     fmt.Sprintf("function:db%s:%d", dbId, rId),
+				},
+			},
+		},
+	})
+	require.NoError(t, err)
+	require.NotNil(t, grantResponse)
+	require.Len(t, grantResponse.Grants, 1)
+
+	grant := grantResponse.Grants[0]
+
+	revokeResponse, err := client.Revoke(ctx, &connectorv2.GrantManagerServiceRevokeRequest{
+		Grant: grant,
+	})
+	require.NoError(t, err)
+	require.NotNil(t, revokeResponse)
+}

pkg/connector/helpers.go

@@ -91,7 +91,7 @@ func formatEntitlementID(resource *v2.Resource, privName string, grant bool) str
 // parseEntitlementID parses an entitlement ID and returns the resource type
 // resourceTypeId, resourceId, privilegeName, isGrant flag, and an error if any.
 func parseEntitlementID(id string) (string, string, string, bool, error) {
-	parts := strings.SplitN(id, ":", 5)
+	parts := strings.SplitN(id, ":", 6)
 
 	if len(parts) <= 2 {
 		return "", "", "", false, fmt.Errorf("invalid entitlement ID: %s", id)

pkg/connector/procedure.go

@@ -134,7 +134,16 @@ func (r *procedureSyncer) Grant(ctx context.Context, principal *v2.Resource, ent
 	}
 
 	err = dbClient.GrantProcedure(ctx, procedure.Schema, procedure.Name, principal.DisplayName, privilegeName, isGrant)
-	return nil, nil, err
+	if err != nil {
+		return nil, nil, err
+	}
+	return []*v2.Grant{
+		{
+			Id:          fmt.Sprintf("%s:%s:%s", entitlement.Id, principal.Id.ResourceType, principal.Id.Resource),
+			Entitlement: entitlement,
+			Principal:   principal,
+		},
+	}, nil, nil
 }
 
 func (r *procedureSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotations.Annotations, error) {

pkg/connector/procedure_test.go

@@ -0,0 +1,70 @@
+package connector
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/conductorone/baton-sdk/pkg/dotc1z"
+
+	connectorv2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGrantRevokeProcedure(t *testing.T) {
+	ctx, syncer, manager, client := newTestConnector(t)
+
+	err := syncer.Sync(ctx)
+	require.NoError(t, err)
+	err = syncer.Close(ctx)
+	require.NoError(t, err)
+
+	c1z, err := manager.LoadC1Z(ctx)
+	require.NoError(t, err)
+	require.NoError(t, err)
+	defer func(c1z *dotc1z.C1File) {
+		err := c1z.Close()
+		require.NoError(t, err)
+	}(c1z)
+
+	dbResource, err := getByDisplayName(ctx, c1z, databaseResourceType, "postgres")
+	require.NoError(t, err)
+	require.NotNil(t, dbResource)
+
+	roleResource, err := getByDisplayName(ctx, c1z, roleResourceType, "test_role")
+	require.NoError(t, err)
+	require.NotNil(t, roleResource)
+
+	procedureResource, err := getByDisplayName(ctx, c1z, procedureResourceType, "add_test_item")
+	require.NoError(t, err)
+	require.NotNil(t, procedureResource)
+
+	dbId, rId, err := parseWithDatabaseID(procedureResource.Id.Resource)
+	require.NoError(t, err)
+
+	grantResponse, err := client.Grant(ctx, &connectorv2.GrantManagerServiceGrantRequest{
+		Principal: &connectorv2.Resource{
+			Id:          roleResource.Id,
+			DisplayName: roleResource.DisplayName,
+		},
+		Entitlement: &connectorv2.Entitlement{
+			Id: fmt.Sprintf("entitlement:procedure:db%s:%d:execute", dbId, rId),
+			Resource: &connectorv2.Resource{
+				Id: &connectorv2.ResourceId{
+					ResourceType: procedureResourceType.Id,
+					Resource:     fmt.Sprintf("procedure:db%s:%d", dbId, rId),
+				},
+			},
+		},
+	})
+	require.NoError(t, err)
+	require.NotNil(t, grantResponse)
+	require.Len(t, grantResponse.Grants, 1)
+
+	grant := grantResponse.Grants[0]
+
+	revokeResponse, err := client.Revoke(ctx, &connectorv2.GrantManagerServiceRevokeRequest{
+		Grant: grant,
+	})
+	require.NoError(t, err)
+	require.NotNil(t, revokeResponse)
+}

pkg/connector/sequence.go

@@ -155,7 +155,17 @@ func (r *sequenceSyncer) Grant(ctx context.Context, principal *v2.Resource, enti
 	}
 
 	err = dbClient.GrantSequence(ctx, sequence.Schema, sequence.Name, principal.DisplayName, privilegeName, isGrant)
-	return nil, nil, err
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return []*v2.Grant{
+		{
+			Id:          fmt.Sprintf("%s:%s:%s", entitlement.Id, principal.Id.ResourceType, principal.Id.Resource),
+			Entitlement: entitlement,
+			Principal:   principal,
+		},
+	}, nil, nil
 }
 
 func (r *sequenceSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotations.Annotations, error) {

pkg/connector/sequence_test.go

@@ -0,0 +1,70 @@
+package connector
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/conductorone/baton-sdk/pkg/dotc1z"
+
+	connectorv2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGrantRevokeSequence(t *testing.T) {
+	ctx, syncer, manager, client := newTestConnector(t)
+
+	err := syncer.Sync(ctx)
+	require.NoError(t, err)
+	err = syncer.Close(ctx)
+	require.NoError(t, err)
+
+	c1z, err := manager.LoadC1Z(ctx)
+	require.NoError(t, err)
+	require.NoError(t, err)
+	defer func(c1z *dotc1z.C1File) {
+		err := c1z.Close()
+		require.NoError(t, err)
+	}(c1z)
+
+	dbResource, err := getByDisplayName(ctx, c1z, databaseResourceType, "postgres")
+	require.NoError(t, err)
+	require.NotNil(t, dbResource)
+
+	roleResource, err := getByDisplayName(ctx, c1z, roleResourceType, "test_role")
+	require.NoError(t, err)
+	require.NotNil(t, roleResource)
+
+	sequenceResource, err := getByDisplayName(ctx, c1z, sequenceResourceType, "test_table_seq")
+	require.NoError(t, err)
+	require.NotNil(t, sequenceResource)
+
+	dbId, rId, err := parseWithDatabaseID(sequenceResource.Id.Resource)
+	require.NoError(t, err)
+
+	grantResponse, err := client.Grant(ctx, &connectorv2.GrantManagerServiceGrantRequest{
+		Principal: &connectorv2.Resource{
+			Id:          roleResource.Id,
+			DisplayName: roleResource.DisplayName,
+		},
+		Entitlement: &connectorv2.Entitlement{
+			Id: fmt.Sprintf("entitlement:sequence:db%s:%d:select", dbId, rId),
+			Resource: &connectorv2.Resource{
+				Id: &connectorv2.ResourceId{
+					ResourceType: sequenceResourceType.Id,
+					Resource:     fmt.Sprintf("sequence:db%s:%d", dbId, rId),
+				},
+			},
+		},
+	})
+	require.NoError(t, err)
+	require.NotNil(t, grantResponse)
+	require.Len(t, grantResponse.Grants, 1)
+
+	grant := grantResponse.Grants[0]
+
+	revokeResponse, err := client.Revoke(ctx, &connectorv2.GrantManagerServiceRevokeRequest{
+		Grant: grant,
+	})
+	require.NoError(t, err)
+	require.NotNil(t, revokeResponse)
+}

pkg/connector/table.go

@@ -165,7 +165,17 @@ func (r *tableSyncer) Grant(ctx context.Context, principal *v2.Resource, entitle
 	}
 
 	err = dbClient.GrantTable(ctx, table.Schema, table.Name, principal.DisplayName, privilegeName, isGrant)
-	return nil, nil, err
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return []*v2.Grant{
+		{
+			Id:          fmt.Sprintf("%s:%s:%s", entitlement.Id, principal.Id.ResourceType, principal.Id.Resource),
+			Entitlement: entitlement,
+			Principal:   principal,
+		},
+	}, nil, nil
 }
 
 func (r *tableSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotations.Annotations, error) {

pkg/connector/table_test.go

@@ -0,0 +1,70 @@
+package connector
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/conductorone/baton-sdk/pkg/dotc1z"
+
+	connectorv2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGrantRevokeTable(t *testing.T) {
+	ctx, syncer, manager, client := newTestConnector(t)
+
+	err := syncer.Sync(ctx)
+	require.NoError(t, err)
+	err = syncer.Close(ctx)
+	require.NoError(t, err)
+
+	c1z, err := manager.LoadC1Z(ctx)
+	require.NoError(t, err)
+	require.NoError(t, err)
+	defer func(c1z *dotc1z.C1File) {
+		err := c1z.Close()
+		require.NoError(t, err)
+	}(c1z)
+
+	dbResource, err := getByDisplayName(ctx, c1z, databaseResourceType, "postgres")
+	require.NoError(t, err)
+	require.NotNil(t, dbResource)
+
+	roleResource, err := getByDisplayName(ctx, c1z, roleResourceType, "test_role")
+	require.NoError(t, err)
+	require.NotNil(t, roleResource)
+
+	tableResource, err := getByDisplayName(ctx, c1z, tableResourceType, "test_table")
+	require.NoError(t, err)
+	require.NotNil(t, tableResource)
+
+	dbId, rId, err := parseWithDatabaseID(tableResource.Id.Resource)
+	require.NoError(t, err)
+
+	grantResponse, err := client.Grant(ctx, &connectorv2.GrantManagerServiceGrantRequest{
+		Principal: &connectorv2.Resource{
+			Id:          roleResource.Id,
+			DisplayName: roleResource.DisplayName,
+		},
+		Entitlement: &connectorv2.Entitlement{
+			Id: fmt.Sprintf("entitlement:table:db%s:%d:select", dbId, rId),
+			Resource: &connectorv2.Resource{
+				Id: &connectorv2.ResourceId{
+					ResourceType: tableResourceType.Id,
+					Resource:     fmt.Sprintf("table:db%s:%d", dbId, rId),
+				},
+			},
+		},
+	})
+	require.NoError(t, err)
+	require.NotNil(t, grantResponse)
+	require.Len(t, grantResponse.Grants, 1)
+
+	grant := grantResponse.Grants[0]
+
+	revokeResponse, err := client.Revoke(ctx, &connectorv2.GrantManagerServiceRevokeRequest{
+		Grant: grant,
+	})
+	require.NoError(t, err)
+	require.NotNil(t, revokeResponse)
+}

pkg/connector/view.go

@@ -165,7 +165,7 @@ func (r *viewSyncer) Grant(ctx context.Context, principal *v2.Resource, entitlem
 			Entitlement: entitlement,
 			Principal:   principal,
 		},
-	}, nil, err
+	}, nil, nil
 }
 
 func (r *viewSyncer) Revoke(ctx context.Context, grant *v2.Grant) (annotations.Annotations, error) {