Skip to content

Commit a3ef244

Browse files
johnallersjohnallers
committed
set parent resource for roles
1 parent 7ded912 commit a3ef244

File tree

1 file changed

+53
-6
lines changed

1 file changed

+53
-6
lines changed

pkg/connector/role.go

Lines changed: 53 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -39,10 +39,21 @@ func (o *roleBuilder) ResourceType(ctx context.Context) *v2.ResourceType {
3939
}
4040

4141
// List returns all the Workato base roles and custom roles.
42-
func (o *roleBuilder) List(ctx context.Context, _ *v2.ResourceId, attr rs.SyncOpAttrs) ([]*v2.Resource, *rs.SyncOpResults, error) {
42+
func (o *roleBuilder) List(ctx context.Context, parentResourceID *v2.ResourceId, attr rs.SyncOpAttrs) ([]*v2.Resource, *rs.SyncOpResults, error) {
4343
l := ctxzap.Extract(ctx)
4444
l.Debug("Listing roles")
4545

46+
if parentResourceID != nil {
47+
// For backward compatibility, only generate roles per parent environment if all environments are synced in case the sync environment capability is off.
48+
if o.env != workato.All {
49+
return nil, nil, nil
50+
}
51+
52+
if parentResourceID.ResourceType != environmentResourceType.Id {
53+
return nil, nil, fmt.Errorf("invalid parent resource type: %s", parentResourceID.ResourceType)
54+
}
55+
}
56+
4657
rv := make([]*v2.Resource, 0)
4758

4859
var nextToken string
@@ -62,7 +73,7 @@ func (o *roleBuilder) List(ctx context.Context, _ *v2.ResourceId, attr rs.SyncOp
6273
}
6374

6475
for _, role := range roles {
65-
us, err := roleResource(&role)
76+
us, err := roleResource(&role, parentResourceID)
6677
if err != nil {
6778
return nil, nil, err
6879
}
@@ -72,7 +83,7 @@ func (o *roleBuilder) List(ctx context.Context, _ *v2.ResourceId, attr rs.SyncOp
7283

7384
// Add base roles
7485
for _, role := range workato.BaseRoles {
75-
us, err := workatoBaseRoleResource(&role)
86+
us, err := workatoBaseRoleResource(&role, parentResourceID)
7687
if err != nil {
7788
return nil, nil, err
7889
}
@@ -198,9 +209,27 @@ func (o *roleBuilder) Grant(ctx context.Context, resource *v2.Resource, entitlem
198209

199210
roles := toSimpleRole(collaborator)
200211

212+
roleTrait, err := rs.GetRoleTrait(entitlement.Resource)
213+
if err != nil {
214+
return nil, nil, err
215+
}
216+
profile := roleTrait.GetProfile()
217+
if profile == nil {
218+
return nil, nil, fmt.Errorf("role profile not found")
219+
}
220+
// For backward compatibility, fallback to use configured environment if the profile value does not exist.
221+
environmentType := o.env.String()
222+
environmentVal, ok := profile.AsMap()["environment"]
223+
if ok {
224+
environmentType, ok = environmentVal.(string)
225+
if !ok {
226+
return nil, nil, fmt.Errorf("environment value is not a string")
227+
}
228+
}
229+
201230
newRole := client.SimpleRole{
202231
RoleName: roleName,
203-
EnvironmentType: o.env.String(),
232+
EnvironmentType: environmentType,
204233
}
205234

206235
index := slices.IndexFunc(roles, func(other client.SimpleRole) bool {
@@ -262,24 +291,33 @@ func newRoleBuilder(client *client.WorkatoClient, env workato.Environment, disab
262291
}
263292
}
264293

265-
func roleResource(role *client.Role) (*v2.Resource, error) {
294+
func roleResource(role *client.Role, parentResourceId *v2.ResourceId) (*v2.Resource, error) {
266295
profile := map[string]interface{}{
267296
"id": role.Id,
268297
"name": role.Name,
269298
"create_at": role.CreatedAt.String(),
270299
"inheritable": role.Inheritable,
271300
"updated_at": role.UpdatedAt.String(),
272301
}
302+
if parentResourceId != nil {
303+
profile["environment"] = parentResourceId.Resource
304+
}
273305

274306
traits := []rs.RoleTraitOption{
275307
rs.WithRoleProfile(profile),
276308
}
277309

310+
opts := []rs.ResourceOption{}
311+
if parentResourceId != nil {
312+
opts = append(opts, rs.WithParentResourceID(parentResourceId))
313+
}
314+
278315
ret, err := rs.NewRoleResource(
279316
role.Name,
280317
roleResourceType,
281318
role.Id,
282319
traits,
320+
opts...,
283321
)
284322
if err != nil {
285323
return nil, err
@@ -288,21 +326,30 @@ func roleResource(role *client.Role) (*v2.Resource, error) {
288326
return ret, nil
289327
}
290328

291-
func workatoBaseRoleResource(role *workato.Role) (*v2.Resource, error) {
329+
func workatoBaseRoleResource(role *workato.Role, parentResourceId *v2.ResourceId) (*v2.Resource, error) {
292330
profile := map[string]interface{}{
293331
"id": role.RoleName,
294332
"name": role.RoleName,
295333
}
334+
if parentResourceId != nil {
335+
profile["environment"] = parentResourceId.Resource
336+
}
296337

297338
traits := []rs.RoleTraitOption{
298339
rs.WithRoleProfile(profile),
299340
}
300341

342+
opts := []rs.ResourceOption{}
343+
if parentResourceId != nil {
344+
opts = append(opts, rs.WithParentResourceID(parentResourceId))
345+
}
346+
301347
ret, err := rs.NewRoleResource(
302348
role.RoleName,
303349
roleResourceType,
304350
role.RoleName,
305351
traits,
352+
opts...,
306353
)
307354
if err != nil {
308355
return nil, err

0 commit comments

Comments
 (0)