Merge pull request #23 from ConductorOne/goldschmidt/pages-provisioning

Provisioning for page

Author: btipling

.golangci.yml

@@ -31,7 +31,7 @@ linters-settings:
     rules:
       - name: atomic
       - name: line-length-limit
-        arguments: [ 200 ]
+        arguments: [ 300 ]
       # These are functions that we use without checking the errors often. Most of these can't return an error even
       # though they implement an interface that can.
       - name: unhandled-error
@@ -73,7 +73,6 @@ linters:
     - durationcheck # check for two durations multiplied together
     - errorlint # errorlint is a linter for that can be used to find code that will cause problems with the error wrapping scheme introduced in Go 1.13.
     - exhaustive # check exhaustiveness of enum switch statements
-    - exportloopref # checks for pointers to enclosing loop variables
     - forbidigo # Forbids identifiers
     - gochecknoinits # Checks that no init functions are present in Go code
     - goconst # Finds repeated strings that could be replaced by a constant

README.md

@@ -14,7 +14,7 @@ CREATE USER baton WITH PASSWORD 'secure-password';
 ```postgresql
 GRANT SELECT ("id", "name", "organizationId", "universalAccess", "universalResourceAccess", "universalQueryLibraryAccess",
               "userListAccess", "auditLogAccess", "unpublishedReleaseAccess") ON groups TO baton;
-GRANT SELECT, INSERT, UPDATE ("id", "accessLevel") ON group_pages TO baton;
+GRANT SELECT, INSERT, UPDATE ("id", "accessLevel"), DELETE ON group_pages TO baton;
 GRANT SELECT, INSERT, UPDATE ("id", "accessLevel") ON group_folder_defaults TO baton;
 GRANT SELECT, INSERT, UPDATE ("id", "accessLevel") on group_resources TO baton;
 GRANT SELECT, INSERT, UPDATE ("id", "accessLevel") on group_resource_folder_defaults TO baton;

pkg/client/group.go

@@ -102,6 +102,53 @@ func (c *Client) GetGroupPage(ctx context.Context, groupID int64, pageID int64)
 	return &ret, nil
 }
 
+func (c *Client) InsertGroupPage(ctx context.Context, groupID int64, pageID int64, accessLevel string) error {
+	l := ctxzap.Extract(ctx)
+	l.Debug("inserting group page", zap.Int64("group_id", groupID), zap.Int64("page_id", pageID), zap.String("access_level", accessLevel))
+
+	args := []interface{}{groupID, pageID, accessLevel}
+	sb := &strings.Builder{}
+	_, _ = sb.WriteString(`INSERT INTO group_pages ("groupId", "pageId", "accessLevel", "createdAt", "updatedAt") VALUES ($1, $2, $3, NOW(), NOW())`)
+
+	if _, err := c.db.Exec(ctx, sb.String(), args...); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (c *Client) UpdateGroupPage(ctx context.Context, id int64, accessLevel string) error {
+	l := ctxzap.Extract(ctx)
+	l.Debug("updating group page", zap.Int64("id", id), zap.String("access_level", accessLevel))
+
+	args := []interface{}{accessLevel, id}
+	sb := &strings.Builder{}
+	_, _ = sb.WriteString(`UPDATE group_pages SET "accessLevel" = $1 WHERE "id"=$2`)
+
+	_, err := c.db.Exec(ctx, sb.String(), args...)
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (c *Client) DeleteGroupPage(ctx context.Context, id int64) error {
+	l := ctxzap.Extract(ctx)
+	l.Debug("deleting group page", zap.Int64("id", id))
+
+	args := []interface{}{id}
+	sb := &strings.Builder{}
+	_, _ = sb.WriteString(`DELETE FROM group_pages WHERE "id"=$1`)
+
+	if _, err := c.db.Exec(ctx, sb.String(), args...); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (c *Client) GetGroupFolderDefault(ctx context.Context, groupID int64, folderID int64) (*GroupFolderDefault, error) {
 	l := ctxzap.Extract(ctx)
 	l.Debug("getting group folder default", zap.Int64("group_id", groupID), zap.Int64("folder_id", folderID))
@@ -219,6 +266,38 @@ func (c *Client) GetGroup(ctx context.Context, groupID int64) (*GroupModel, erro
 	return &ret, nil
 }
 
+func (c *Client) GetGroupByName(ctx context.Context, organizationID *int64, name string) (*GroupModel, error) {
+	l := ctxzap.Extract(ctx)
+	l.Debug("getting group by name", zap.Any("organization_id", organizationID), zap.String("name", name))
+
+	args := []interface{}{organizationID, name}
+	sb := &strings.Builder{}
+	_, _ = sb.WriteString(`select "id", "name", "organizationId", "universalAccess", "universalResourceAccess",
+       						  "universalQueryLibraryAccess", "userListAccess", "auditLogAccess", "unpublishedReleaseAccess"
+							  from groups WHERE "organizationId"=$1 AND "name"=$2`)
+
+	var ret GroupModel
+	err := pgxscan.Get(ctx, c.db, &ret, sb.String(), args...)
+	if err != nil {
+		return nil, err
+	}
+
+	return &ret, nil
+}
+
+func (c *Client) CreateGroup(ctx context.Context, organizationID *int64, name string) error {
+	l := ctxzap.Extract(ctx)
+	l.Debug("create group", zap.Any("organization_id", organizationID), zap.String("name", name))
+
+	args := []interface{}{name, organizationID}
+
+	if _, err := c.db.Exec(ctx, `INSERT INTO groups ("name", "organizationId", "createdAt", "updatedAt", "archivedAt", "usageAnalyticsAccess", "themeAccess", "unpublishedReleaseAccess", "accountDetailsAccess") VALUES ($1, $2,NOW(), NOW(), NULL, false, false, false, false)`, args...); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (c *Client) ListGroupsForOrg(ctx context.Context, orgID int64, pager *Pager) ([]*GroupModel, string, error) {
 	l := ctxzap.Extract(ctx)
 	l.Debug("listing groups for org", zap.Int64("org_id", orgID))

pkg/connector/connector.go

@@ -53,7 +53,7 @@ func (c *ConnectorImpl) ResourceSyncers(ctx context.Context) []connectorbuilder.
 	}
 
 	if !c.skipPages {
-		syncers = append(syncers, newPageSyncer(ctx, c.client, c.skipDisabledUsers))
+		syncers = append(syncers, newPageSyncer(c.client, c.skipDisabledUsers))
 	}
 
 	if !c.skipResources {

pkg/connector/groups.go

@@ -8,7 +8,9 @@ import (
 	v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
 	"github.com/conductorone/baton-sdk/pkg/annotations"
 	"github.com/conductorone/baton-sdk/pkg/pagination"
-	resources "github.com/conductorone/baton-sdk/pkg/types/resource"
+	ent "github.com/conductorone/baton-sdk/pkg/types/entitlement"
+	"github.com/conductorone/baton-sdk/pkg/types/grant"
+	rs "github.com/conductorone/baton-sdk/pkg/types/resource"
 	"github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap"
 	"go.uber.org/zap"
 )
@@ -24,14 +26,6 @@ const (
 	memberEntitlementSlug = "member"
 )
 
-func adminEntitlementId(groupID *v2.ResourceId) string {
-	return fmt.Sprintf("entitlement:%s:admin", groupID.Resource)
-}
-
-func memberEntitlementId(groupID *v2.ResourceId) string {
-	return fmt.Sprintf("entitlement:%s:member", groupID.Resource)
-}
-
 type groupSyncer struct {
 	resourceType      *v2.ResourceType
 	client            *client.Client
@@ -66,61 +60,48 @@ func (s *groupSyncer) List(
 	}
 
 	var ret []*v2.Resource
-	for _, o := range groups {
-		var annos annotations.Annotations
 
+	for _, o := range groups {
 		p := make(map[string]interface{})
 
 		if o.OrganizationID != nil {
 			p["organization_id"] = o.GetOrgID()
 		}
 
-		gt, err := resources.NewGroupTrait(resources.WithGroupProfile(p))
+		options := []rs.ResourceOption{
+			rs.WithGroupTrait(rs.WithGroupProfile(p)),
+			rs.WithParentResourceID(parentResourceID),
+		}
+
+		resource, err := rs.NewResource(o.GetName(), s.resourceType, formatObjectID(resourceTypeGroup.Id, o.ID), options...)
 		if err != nil {
 			return nil, "", nil, err
 		}
 
-		annos.Append(gt)
-
-		ret = append(ret, &v2.Resource{
-			DisplayName: o.GetName(),
-			Id: &v2.ResourceId{
-				ResourceType: s.resourceType.Id,
-				Resource:     formatObjectID(s.resourceType.Id, o.ID),
-			},
-			ParentResourceId: parentResourceID,
-			Annotations:      annos,
-		})
+		ret = append(ret, resource)
 	}
 
 	return ret, nextPageToken, nil, nil
 }
 
 func (s *groupSyncer) Entitlements(ctx context.Context, resource *v2.Resource, pToken *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) {
-	var ret []*v2.Entitlement
-	var annos annotations.Annotations
-
-	ret = append(ret, &v2.Entitlement{
-		Resource:    resource,
-		Id:          memberEntitlementId(resource.Id),
-		DisplayName: fmt.Sprintf("%s Group Member", resource.DisplayName),
-		Description: fmt.Sprintf("Is member of the %s organization", resource.DisplayName),
-		GrantableTo: []*v2.ResourceType{resourceTypeUser},
-		Annotations: annos,
-		Purpose:     v2.Entitlement_PURPOSE_VALUE_ASSIGNMENT,
-		Slug:        memberEntitlementSlug,
-	})
-
-	ret = append(ret, &v2.Entitlement{
-		Resource:    resource,
-		Id:          adminEntitlementId(resource.Id),
-		DisplayName: fmt.Sprintf("%s Group Admin", resource.DisplayName),
-		Description: fmt.Sprintf("Is admin of the %s group", resource.DisplayName),
-		GrantableTo: []*v2.ResourceType{resourceTypeUser},
-		Annotations: annos,
-		Purpose:     v2.Entitlement_PURPOSE_VALUE_ASSIGNMENT,
-		Slug:        adminEntitlementSlug,
-	})
+	ret := []*v2.Entitlement{
+		ent.NewAssignmentEntitlement(
+			resource,
+			memberEntitlementSlug,
+			ent.WithGrantableTo(resourceTypeUser),
+			ent.WithDisplayName(fmt.Sprintf("%s Group Member", resource.DisplayName)),
+			ent.WithDescription(fmt.Sprintf("Is member of the %s group", resource.DisplayName)),
+		),
+		ent.NewAssignmentEntitlement(
+			resource,
+			adminEntitlementSlug,
+			ent.WithGrantableTo(resourceTypeUser),
+			ent.WithDisplayName(fmt.Sprintf("%s Group Admin", resource.DisplayName)),
+			ent.WithDescription(fmt.Sprintf("Is admin of the %s group", resource.DisplayName)),
+		),
+	}
+
 	return ret, "", nil, nil
 }
 
@@ -142,22 +123,15 @@ func (s *groupSyncer) Grants(ctx context.Context, resource *v2.Resource, pToken
 		if m.IsAdmin {
 			level = "admin"
 		}
-		entitlementID := fmt.Sprintf("entitlement:%s:%s", resource.Id.Resource, level)
-		principalID := formatObjectID(resourceTypeUser.Id, m.GetUserID())
-
-		ret = append(ret, &v2.Grant{
-			Entitlement: &v2.Entitlement{
-				Id:       entitlementID,
-				Resource: resource,
-			},
-			Principal: &v2.Resource{
-				Id: &v2.ResourceId{
-					ResourceType: resourceTypeUser.Id,
-					Resource:     principalID,
-				},
-			},
-			Id: fmt.Sprintf("grant:%s:%s", entitlementID, principalID),
-		})
+
+		principalID, err := rs.NewResourceID(resourceTypeUser, formatObjectID(resourceTypeUser.Id, m.GetUserID()))
+		if err != nil {
+			return nil, "", nil, err
+		}
+
+		newGrant := grant.NewGrant(resource, level, principalID)
+
+		ret = append(ret, newGrant)
 	}
 
 	return ret, nextPageToken, nil, nil

pkg/connector/helpers.go

@@ -3,23 +3,17 @@ package connector
 import (
 	"fmt"
 	"strconv"
-	"strings"
 
 	v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2"
 	"github.com/conductorone/baton-sdk/pkg/pagination"
 )
 
 func formatObjectID(resourceTypeID string, id int64) string {
-	return fmt.Sprintf("%s:%d", resourceTypeID, id)
+	return fmt.Sprintf("%c%d", resourceTypeID[0], id)
 }
 
 func parseObjectID(id string) (int64, error) {
-	parts := strings.SplitN(id, ":", 2)
-	if len(parts) != 2 {
-		return 0, fmt.Errorf("invalid object ID %s", id)
-	}
-
-	return strconv.ParseInt(parts[1], 10, 64)
+	return strconv.ParseInt(id[1:], 10, 64)
 }
 
 func formatGroupObjectID(id int64) string {