feat: added policy title and creator (#394)

- user email can be fetched from frontier jwt using
email claim with the use of custom email header to identify
the user

Signed-off-by: Kush Sharma <[email protected]>

Author: kushsharma

.github/workflows/main.yml

@@ -15,7 +15,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: "1.20"
+          go-version: "1.21"
       - name: Login to DockerHub
         uses: docker/login-action@v1
         with:

.github/workflows/release.yaml

@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: "1.20"
+          go-version: "1.21"
       - name: Login to DockerHub
         uses: docker/login-action@v1
         with:

.github/workflows/test.yaml

@@ -9,7 +9,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v2
         with:
-          go-version: "1.20"
+          go-version: "1.21"
       - uses: actions/checkout@v2
         with:
           fetch-depth: 0
@@ -20,7 +20,7 @@ jobs:
   test:
     strategy:
       matrix:
-        go-version: [1.20.x]
+        go-version: [1.21.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     steps:

Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.13
+FROM alpine:3.18
 
 RUN apk add curl
 RUN apk add openssl

Dockerfile.dev

@@ -1,4 +1,4 @@
-FROM golang:1.20-alpine3.17 as builder
+FROM golang:1.21-alpine3.18 as builder
 
 RUN apk add make
 
@@ -11,7 +11,7 @@ COPY . .
 
 RUN make build
 
-FROM alpine:3.17
+FROM alpine:3.18
 COPY --from=builder /go/src/app/dist/guardian /usr/bin/guardian
 RUN apk update
 RUN apk add ca-certificates

Makefile

@@ -3,7 +3,7 @@ COMMIT := $(shell git rev-parse --short HEAD)
 TAG := "$(shell git rev-list --tags --max-count=1)"
 VERSION := "$(shell git describe --tags ${TAG})-next"
 BUILD_DIR=dist
-PROTON_COMMIT := "17305c2660e06ff9c82c1b6130799a703e4e543b"
+PROTON_COMMIT := "0568961fb6571a7a9889d5f16eb896e371e39b8e"
 
 .PHONY: all build clean test tidy vet proto setup format generate
 
@@ -75,7 +75,7 @@ proto: ## Generate the protobuf files
 setup: ## Install all the dependencies
 	@echo "Installing dependencies..."
 	go mod tidy
-	go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.27.1
+	go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.31.0
 	go install github.com/golang/protobuf/[email protected]
 	go install github.com/golang/protobuf/[email protected]
 	go install google.golang.org/[email protected]

api/handler/v1beta1/adapter.go

@@ -221,12 +221,17 @@ func (a *adapter) ToRole(role *domain.Role) (*guardianv1beta1.Role, error) {
 	return roleProto, nil
 }
 
-func (a *adapter) FromPolicyProto(p *guardianv1beta1.Policy) *domain.Policy {
+func (a *adapter) FromPolicyProto(p *guardianv1beta1.Policy, createdBy string) *domain.Policy {
 	policy := &domain.Policy{
 		ID:          p.GetId(),
+		Title:       p.GetTitle(),
 		Version:     uint(p.GetVersion()),
 		Description: p.GetDescription(),
 		Labels:      p.GetLabels(),
+		CreatedBy:   p.GetCreatedBy(),
+	}
+	if createdBy != "" {
+		policy.CreatedBy = createdBy
 	}
 
 	if p.GetSteps() != nil {
@@ -352,8 +357,10 @@ func (a *adapter) ToPolicyProto(p *domain.Policy) (*guardianv1beta1.Policy, erro
 	policyProto := &guardianv1beta1.Policy{
 		Id:          p.ID,
 		Version:     uint32(p.Version),
+		Title:       p.Title,
 		Description: p.Description,
 		Labels:      p.Labels,
+		CreatedBy:   p.CreatedBy,
 	}
 
 	if p.Steps != nil {

api/handler/v1beta1/appeal_test.go

@@ -23,7 +23,7 @@ func (s *GrpcHandlersSuite) TestListUserAppeals() {
 		s.setup()
 		timeNow := time.Now()
 
-		expectedUser := "test-user"
+		expectedUser := "test@example.com"
 		expectedFilters := &domain.ListAppealsFilter{
 			CreatedBy:     expectedUser,
 			Statuses:      []string{"active", "pending"},
@@ -137,8 +137,7 @@ func (s *GrpcHandlersSuite) TestListUserAppeals() {
 			AccountTypes:  []string{"test-account-type"},
 			Q:             "test",
 		}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, expectedUser)
-		res, err := s.grpcServer.ListUserAppeals(ctx, req)
+		res, err := s.grpcServer.ListUserAppeals(s.ctx, req)
 
 		s.NoError(err)
 		s.Equal(expectedResponse, res)
@@ -169,8 +168,7 @@ func (s *GrpcHandlersSuite) TestListUserAppeals() {
 			Return(int64(0), nil).Once()
 
 		req := &guardianv1beta1.ListUserAppealsRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "test-user")
-		res, err := s.grpcServer.ListUserAppeals(ctx, req)
+		res, err := s.grpcServer.ListUserAppeals(s.ctx, req)
 
 		fmt.Println(status.Code(err))
 		s.Equal(codes.Internal, status.Code(err))
@@ -194,8 +192,7 @@ func (s *GrpcHandlersSuite) TestListUserAppeals() {
 			Return(int64(1), nil).Once()
 
 		req := &guardianv1beta1.ListUserAppealsRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "test-user")
-		res, err := s.grpcServer.ListUserAppeals(ctx, req)
+		res, err := s.grpcServer.ListUserAppeals(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -370,7 +367,7 @@ func (s *GrpcHandlersSuite) TestCreateAppeal() {
 		s.setup()
 		timeNow := time.Now()
 
-		expectedUser := "user@example.com"
+		expectedUser := "test@example.com"
 		expectedResource := &domain.Resource{
 			ID:           "test-resource-id",
 			ProviderType: "test-provider-type",
@@ -493,8 +490,7 @@ func (s *GrpcHandlersSuite) TestCreateAppeal() {
 			},
 			Description: "The answer is 42",
 		}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, expectedUser)
-		res, err := s.grpcServer.CreateAppeal(ctx, req)
+		res, err := s.grpcServer.CreateAppeal(s.ctx, req)
 
 		s.NoError(err)
 		s.Equal(expectedResponse, res)
@@ -525,8 +521,7 @@ func (s *GrpcHandlersSuite) TestCreateAppeal() {
 		s.appealService.EXPECT().Create(mock.AnythingOfType("*context.valueCtx"), mock.Anything).Return(appeal.ErrAppealDuplicate).Once()
 
 		req := &guardianv1beta1.CreateAppealRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "[email protected]")
-		res, err := s.grpcServer.CreateAppeal(ctx, req)
+		res, err := s.grpcServer.CreateAppeal(s.ctx, req)
 
 		s.Equal(codes.AlreadyExists, status.Code(err))
 		s.Nil(res)
@@ -540,8 +535,7 @@ func (s *GrpcHandlersSuite) TestCreateAppeal() {
 		s.appealService.EXPECT().Create(mock.AnythingOfType("*context.valueCtx"), mock.Anything).Return(expectedError).Once()
 
 		req := &guardianv1beta1.CreateAppealRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "[email protected]")
-		res, err := s.grpcServer.CreateAppeal(ctx, req)
+		res, err := s.grpcServer.CreateAppeal(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -564,8 +558,7 @@ func (s *GrpcHandlersSuite) TestCreateAppeal() {
 			Return(nil).Once()
 
 		req := &guardianv1beta1.CreateAppealRequest{Resources: make([]*guardianv1beta1.CreateAppealRequest_Resource, 1)}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "[email protected]")
-		res, err := s.grpcServer.CreateAppeal(ctx, req)
+		res, err := s.grpcServer.CreateAppeal(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -657,7 +650,7 @@ func (s *GrpcHandlersSuite) TestGetAppeal() {
 				UpdatedAt: timestamppb.New(timeNow),
 			},
 		}
-		s.appealService.EXPECT().GetByID(mock.AnythingOfType("*context.emptyCtx"), expectedID).Return(expectedAppeal, nil).Once()
+		s.appealService.EXPECT().GetByID(mock.AnythingOfType("context.backgroundCtx"), expectedID).Return(expectedAppeal, nil).Once()
 
 		req := &guardianv1beta1.GetAppealRequest{
 			Id: expectedID,
@@ -673,7 +666,7 @@ func (s *GrpcHandlersSuite) TestGetAppeal() {
 		s.setup()
 
 		expectedError := errors.New("random error")
-		s.appealService.EXPECT().GetByID(mock.AnythingOfType("*context.emptyCtx"), mock.Anything).
+		s.appealService.EXPECT().GetByID(mock.AnythingOfType("context.backgroundCtx"), mock.Anything).
 			Return(nil, expectedError).Once()
 
 		req := &guardianv1beta1.GetAppealRequest{
@@ -689,7 +682,7 @@ func (s *GrpcHandlersSuite) TestGetAppeal() {
 	s.Run("should return not found error if appeal not found", func() {
 		s.setup()
 
-		s.appealService.EXPECT().GetByID(mock.AnythingOfType("*context.emptyCtx"), mock.Anything).
+		s.appealService.EXPECT().GetByID(mock.AnythingOfType("context.backgroundCtx"), mock.Anything).
 			Return(nil, nil).Once()
 
 		req := &guardianv1beta1.GetAppealRequest{
@@ -710,7 +703,7 @@ func (s *GrpcHandlersSuite) TestGetAppeal() {
 				"foo": make(chan int),
 			},
 		}
-		s.appealService.EXPECT().GetByID(mock.AnythingOfType("*context.emptyCtx"), mock.Anything).
+		s.appealService.EXPECT().GetByID(mock.AnythingOfType("context.backgroundCtx"), mock.Anything).
 			Return(invalidAppeal, nil).Once()
 
 		req := &guardianv1beta1.GetAppealRequest{
@@ -808,7 +801,7 @@ func (s *GrpcHandlersSuite) TestCancelAppeal() {
 				UpdatedAt: timestamppb.New(timeNow),
 			},
 		}
-		s.appealService.EXPECT().Cancel(mock.AnythingOfType("*context.emptyCtx"), expectedID).Return(expectedAppeal, nil).Once()
+		s.appealService.EXPECT().Cancel(mock.AnythingOfType("context.backgroundCtx"), expectedID).Return(expectedAppeal, nil).Once()
 
 		req := &guardianv1beta1.CancelAppealRequest{
 			Id: expectedID,
@@ -862,7 +855,7 @@ func (s *GrpcHandlersSuite) TestCancelAppeal() {
 			s.Run(tc.name, func() {
 				s.setup()
 
-				s.appealService.EXPECT().Cancel(mock.AnythingOfType("*context.emptyCtx"), mock.Anything).
+				s.appealService.EXPECT().Cancel(mock.AnythingOfType("context.backgroundCtx"), mock.Anything).
 					Return(nil, tc.expectedError).Once()
 
 				req := &guardianv1beta1.CancelAppealRequest{
@@ -885,7 +878,7 @@ func (s *GrpcHandlersSuite) TestCancelAppeal() {
 				"foo": make(chan int),
 			},
 		}
-		s.appealService.EXPECT().Cancel(mock.AnythingOfType("*context.emptyCtx"), mock.Anything).
+		s.appealService.EXPECT().Cancel(mock.AnythingOfType("context.backgroundCtx"), mock.Anything).
 			Return(invalidAppeal, nil).Once()
 
 		req := &guardianv1beta1.CancelAppealRequest{

api/handler/v1beta1/approval_test.go

@@ -23,7 +23,7 @@ func (s *GrpcHandlersSuite) TestListUserApprovals() {
 		s.setup()
 		timeNow := time.Now()
 
-		expectedUser := "test-user"
+		expectedUser := "test@example.com"
 		expectedFilters := &domain.ListApprovalsFilter{
 			CreatedBy: expectedUser,
 			AccountID: "test-account-id",
@@ -119,8 +119,7 @@ func (s *GrpcHandlersSuite) TestListUserApprovals() {
 			Statuses:  []string{"active", "pending"},
 			OrderBy:   []string{"test-order"},
 		}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, expectedUser)
-		res, err := s.grpcServer.ListUserApprovals(ctx, req)
+		res, err := s.grpcServer.ListUserApprovals(s.ctx, req)
 
 		s.NoError(err)
 		s.Equal(expectedResponse, res)
@@ -151,8 +150,7 @@ func (s *GrpcHandlersSuite) TestListUserApprovals() {
 			Return(int64(0), nil).Once()
 
 		req := &guardianv1beta1.ListUserApprovalsRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "test-user")
-		res, err := s.grpcServer.ListUserApprovals(ctx, req)
+		res, err := s.grpcServer.ListUserApprovals(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -169,8 +167,7 @@ func (s *GrpcHandlersSuite) TestListUserApprovals() {
 			Return(int64(0), expectedError).Once()
 
 		req := &guardianv1beta1.ListUserApprovalsRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "test-user")
-		res, err := s.grpcServer.ListUserApprovals(ctx, req)
+		res, err := s.grpcServer.ListUserApprovals(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -195,8 +192,7 @@ func (s *GrpcHandlersSuite) TestListUserApprovals() {
 			Return(int64(1), nil).Once()
 
 		req := &guardianv1beta1.ListUserApprovalsRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "test-user")
-		res, err := s.grpcServer.ListUserApprovals(ctx, req)
+		res, err := s.grpcServer.ListUserApprovals(s.ctx, req)
 
 		s.Equal(codes.Internal, status.Code(err))
 		s.Nil(res)
@@ -361,7 +357,7 @@ func (s *GrpcHandlersSuite) TestUpdateApproval() {
 		s.setup()
 		timeNow := time.Now()
 
-		expectedUser := "user@example.com"
+		expectedUser := "test@example.com"
 		expectedID := "test-appeal-id"
 		expectedApprovalName := "test-approval-name"
 		expectedAction := "approve"
@@ -463,8 +459,7 @@ func (s *GrpcHandlersSuite) TestUpdateApproval() {
 				Reason: expectedReason,
 			},
 		}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, expectedUser)
-		res, err := s.grpcServer.UpdateApproval(ctx, req)
+		res, err := s.grpcServer.UpdateApproval(s.ctx, req)
 
 		s.NoError(err)
 		s.Equal(expectedResponse, res)
@@ -564,13 +559,11 @@ func (s *GrpcHandlersSuite) TestUpdateApproval() {
 			s.Run(tc.name, func() {
 				s.setup()
 
-				expectedUser := "[email protected]"
 				s.appealService.EXPECT().UpdateApproval(mock.AnythingOfType("*context.valueCtx"), mock.Anything).
 					Return(nil, tc.expectedError).Once()
 
 				req := &guardianv1beta1.UpdateApprovalRequest{}
-				ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, expectedUser)
-				res, err := s.grpcServer.UpdateApproval(ctx, req)
+				res, err := s.grpcServer.UpdateApproval(s.ctx, req)
 
 				s.Equal(tc.expectedStatusCode, status.Code(err))
 				s.Nil(res)
@@ -579,7 +572,7 @@ func (s *GrpcHandlersSuite) TestUpdateApproval() {
 		}
 	})
 
-	s.Run("should return unathenticated error if request is not authenticated", func() {
+	s.Run("should return unauthenticated error if request is not authenticated", func() {
 		s.setup()
 
 		invalidAppeal := &domain.Appeal{
@@ -591,10 +584,10 @@ func (s *GrpcHandlersSuite) TestUpdateApproval() {
 			Return(invalidAppeal, nil).Once()
 
 		req := &guardianv1beta1.UpdateApprovalRequest{}
-		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "[email protected]")
+		ctx := context.WithValue(context.Background(), authEmailTestContextKey{}, "")
 		res, err := s.grpcServer.UpdateApproval(ctx, req)
 
-		s.Equal(codes.Internal, status.Code(err))
+		s.Equal(codes.Unauthenticated, status.Code(err))
 		s.Nil(res)
 		s.approvalService.AssertExpectations(s.T())
 	})
@@ -635,7 +628,7 @@ func (s *GrpcHandlersSuite) TestAddApprover() {
 			CreatedAt: timeNow,
 			UpdatedAt: timeNow,
 		}
-		s.appealService.EXPECT().AddApprover(mock.AnythingOfType("*context.emptyCtx"), appealID, approvalID, email).Return(expectedAppeal, nil).Once()
+		s.appealService.EXPECT().AddApprover(mock.AnythingOfType("context.backgroundCtx"), appealID, approvalID, email).Return(expectedAppeal, nil).Once()
 		expectedResponse := &guardianv1beta1.AddApproverResponse{
 			Appeal: &guardianv1beta1.Appeal{
 				Id:            expectedAppeal.ID,
@@ -760,7 +753,7 @@ func (s *GrpcHandlersSuite) TestDeleteApprover() {
 			CreatedAt: timeNow,
 			UpdatedAt: timeNow,
 		}
-		s.appealService.EXPECT().DeleteApprover(mock.AnythingOfType("*context.emptyCtx"), appealID, approvalID, email).Return(expectedAppeal, nil).Once()
+		s.appealService.EXPECT().DeleteApprover(mock.AnythingOfType("context.backgroundCtx"), appealID, approvalID, email).Return(expectedAppeal, nil).Once()
 		expectedResponse := &guardianv1beta1.DeleteApproverResponse{
 			Appeal: &guardianv1beta1.Appeal{
 				Id:            expectedAppeal.ID,