Merge pull request #30 from ConductorOne/pq/user_profile_more

Expand on User Profile

Author: ggreer

pkg/connector/users.go

@@ -21,34 +21,72 @@ func (o *userBuilder) ResourceType(ctx context.Context) *v2.ResourceType {
 
 func userResource(ctx context.Context, user *snowflake.User) (*v2.Resource, error) {
 	profile := map[string]interface{}{
-		"email":      user.Email,
-		"login":      user.Email,
-		"first_name": user.FirstName,
-		"last_name":  user.LastName,
+		"email":        user.Email,
+		"login":        user.Login,
+		"display_name": user.DisplayName,
+		"first_name":   user.FirstName,
+		"last_name":    user.LastName,
+		"comment":      user.Comment,
 	}
 
 	userTraits := []rs.UserTraitOption{
 		rs.WithUserProfile(profile),
-		rs.WithUserLogin(user.Email),
-		rs.WithStatus(getUserStatus(user)),
+		rs.WithUserLogin(user.Login),
+		rs.WithMFAStatus(&v2.UserTrait_MFAStatus{MfaEnabled: user.HasMfa}),
+		rs.WithAccountType(getUserAccountType(user)),
+		rs.WithDetailedStatus(getUserStatus(user), getUserDetailedStatus(user)),
 	}
 
-	resource, err := rs.NewUserResource(user.Email, userResourceType, user.Username, userTraits)
+	if user.Email != "" {
+		userTraits = append(userTraits, rs.WithEmail(user.Email, true))
+	}
+
+	if !user.LastSuccessLogin.IsZero() {
+		userTraits = append(userTraits, rs.WithLastLogin(user.LastSuccessLogin))
+	}
+
+	displayName := user.DisplayName
+	if displayName == "" {
+		displayName = user.FirstName + " " + user.LastName
+		if displayName == " " {
+			displayName = user.Login
+		}
+	}
+	resource, err := rs.NewUserResource(displayName, userResourceType, user.Username, userTraits)
 	if err != nil {
 		return nil, err
 	}
 
 	return resource, nil
 }
 
+func getUserAccountType(user *snowflake.User) v2.UserTrait_AccountType {
+	// https://docs.snowflake.com/en/sql-reference/sql/create-user#label-user-type-property
+	//	TYPE = PERSON | SERVICE | LEGACY_SERVICE | NULL
+	if user.Type == "LEGACY_SERVICE" || user.Type == "SERVICE" {
+		return v2.UserTrait_ACCOUNT_TYPE_SERVICE
+	}
+	return v2.UserTrait_ACCOUNT_TYPE_HUMAN
+}
+
 func getUserStatus(user *snowflake.User) v2.UserTrait_Status_Status {
-	if user.Disabled {
+	if user.Disabled || user.Locked {
 		return v2.UserTrait_Status_STATUS_DISABLED
 	}
 
 	return v2.UserTrait_Status_STATUS_ENABLED
 }
 
+func getUserDetailedStatus(user *snowflake.User) string {
+	if user.Disabled {
+		return "disabled"
+	}
+	if user.Locked {
+		return "locked"
+	}
+	return ""
+}
+
 // List returns all the users from the database as resource objects.
 // Users include a UserTrait because they are the 'shape' of a standard user.
 func (o *userBuilder) List(ctx context.Context, parentResourceID *v2.ResourceId, pToken *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) {

pkg/snowflake/client.go

@@ -6,15 +6,21 @@ import (
 	"net/http"
 	"net/url"
 	"reflect"
+	"strconv"
 	"strings"
+	"time"
 
 	"github.com/conductorone/baton-sdk/pkg/uhttp"
 )
 
 const (
 	AuthTypeHeaderKey   = "X-Snowflake-Authorization-Token-Type"
 	AuthTypeHeaderValue = "KEYPAIR_JWT"
-	RowTypeString       = "text"
+)
+
+const (
+	rowTypeString       = "text"
+	rowTypeTimestampLtz = "timestamp_ltz"
 )
 
 type (
@@ -67,14 +73,31 @@ func (m *ResultSetMetadata) FindRowTypeByName(name string) (bool, int, *RowType)
 	return false, -1, nil
 }
 
+func (m *ResultSetMetadata) GetTimeValueFromRow(row []string, key string) (time.Time, error) {
+	found, i, rowType := m.FindRowTypeByName(key)
+	if !found {
+		return time.Time{}, fmt.Errorf("row type %s not found", key)
+	}
+
+	if rowType.Type != rowTypeTimestampLtz {
+		return time.Time{}, fmt.Errorf("column %s is not a timestamp ltz (row type is '%s')", key, rowType.Type)
+	}
+
+	if row[i] == "" {
+		return time.Time{}, nil
+	}
+
+	return parseTime(row[i])
+}
+
 func (m *ResultSetMetadata) GetStringValueFromRow(row []string, key string) (string, error) {
 	found, i, rowType := m.FindRowTypeByName(key)
 	if !found {
 		return "", fmt.Errorf("row type %s not found", key)
 	}
 
-	if rowType.Type != RowTypeString {
-		return "", fmt.Errorf("column %s is not a string", key)
+	if rowType.Type != rowTypeString {
+		return "", fmt.Errorf("column %s is not a string (row type is '%s')", key, rowType.Type)
 	}
 
 	return row[i], nil
@@ -86,11 +109,16 @@ func (m *ResultSetMetadata) GetBoolValueFromRow(row []string, key string) (bool,
 		return false, fmt.Errorf("row type %s not found", key)
 	}
 
-	if rowType.Type != RowTypeString {
+	if rowType.Type != rowTypeString {
 		return false, fmt.Errorf("column %s is not a string", key)
 	}
 
-	return row[i] == "true", nil
+	// "NULL"-ish case
+	if row[i] == "" {
+		return false, nil
+	}
+
+	return strconv.ParseBool(row[i])
 }
 
 func (m *ResultSetMetadata) ParseRow(s Parsable, row []string) error {
@@ -119,6 +147,18 @@ func (m *ResultSetMetadata) ParseRow(s Parsable, row []string) error {
 			}
 
 			reflected.Field(i).SetBool(value)
+		case reflect.Struct:
+			// Check if the field type is time.Time
+			if field.Type == reflect.TypeOf(time.Time{}) {
+				value, err := m.GetTimeValueFromRow(row, columnName)
+				if err != nil {
+					return err
+				}
+				reflected.Field(i).Set(reflect.ValueOf(value))
+			} else {
+				return fmt.Errorf("unsupported struct type %s", field.Type)
+			}
+
 		default:
 			return fmt.Errorf("unsupported type %s", field.Type.Kind())
 		}

pkg/snowflake/time.go

@@ -0,0 +1,33 @@
+package snowflake
+
+import (
+	"fmt"
+	"strconv"
+	"time"
+)
+
+/**
+TIME, TIMESTAMP_LTZ, TIMESTAMP_NTZ
+
+    Float value (with 9 decimal places) of the number of seconds since the epoch (e.g. 82919.000000000).
+TIMESTAMP_TZ
+
+    Float value (with 9 decimal places) of the number of seconds since the epoch, followed by a space and the time zone offset in minutes (e.g. 1616173619000000000 960)
+
+*/
+
+func parseTime(input string) (time.Time, error) {
+	// Step 1: Parse the string into a float64
+	floatValue, err := strconv.ParseFloat(input, 64)
+	if err != nil {
+		return time.Time{}, fmt.Errorf("failed to parse float value: %w", err)
+	}
+
+	// Step 2: Separate the integer and fractional parts
+	seconds := int64(floatValue)
+	nanoseconds := int64((floatValue - float64(seconds)) * 1e9)
+
+	// Step 3: Use time.Unix to create a time.Time value
+	timestamp := time.Unix(seconds, nanoseconds).UTC() // Use UTC for NTZ
+	return timestamp, nil
+}

pkg/snowflake/user.go

@@ -6,21 +6,28 @@ import (
 	"net/http"
 	"reflect"
 	"strings"
+	"time"
 
 	"github.com/conductorone/baton-sdk/pkg/uhttp"
 )
 
 var (
 	userStructFieldToColumnMap = map[string]string{
-		"Username":        "name",
-		"FirstName":       "first_name",
-		"LastName":        "last_name",
-		"Email":           "email",
-		"Disabled":        "disabled",
-		"Locked":          "snowflake_lock",
-		"DefaultRole":     "default_role",
-		"HasRSAPublicKey": "has_rsa_public_key",
-		"HasPassword":     "has_password",
+		"Username":         "name",
+		"Login":            "login_name",
+		"DisplayName":      "display_name",
+		"FirstName":        "first_name",
+		"LastName":         "last_name",
+		"Email":            "email",
+		"Disabled":         "disabled",
+		"Locked":           "snowflake_lock",
+		"DefaultRole":      "default_role",
+		"HasRSAPublicKey":  "has_rsa_public_key",
+		"HasPassword":      "has_password",
+		"LastSuccessLogin": "last_success_login",
+		"Type":             "type",
+		"HasMfa":           "has_mfa",
+		"Comment":          "comment",
 	}
 	// Sadly snowflake is inconsistent and returns different set of columns for DESC USER.
 	ignoredUserStructFieldsForDescribeOperation = []string{
@@ -31,15 +38,21 @@ var (
 
 type (
 	User struct {
-		Username        string
-		FirstName       string
-		LastName        string
-		Email           string
-		Disabled        bool
-		Locked          bool
-		DefaultRole     string
-		HasRSAPublicKey bool
-		HasPassword     bool
+		Username         string
+		Login            string
+		DisplayName      string
+		FirstName        string
+		LastName         string
+		Email            string
+		Disabled         bool
+		Locked           bool
+		DefaultRole      string
+		HasRSAPublicKey  bool
+		HasPassword      bool
+		LastSuccessLogin time.Time
+		Type             string
+		HasMfa           bool
+		Comment          string
 	}
 	ListUsersRawResponse struct {
 		StatementsApiResponseBase