Skip to content

Commit c83e214

Browse files
committed
x/exp/schema/resolved: give Action an Entity attribute
After all, an Action _is_ an Entity, albeit one that can't have attributes or tags. This is convenient for callers who, for example, want to add an Action entity from the schema into an EntityMap. Signed-Off-By: Patrick Jakubowski <patrick.jakubowski@strongdm.com>
1 parent 682b8a0 commit c83e214

File tree

3 files changed

+17
-14
lines changed

3 files changed

+17
-14
lines changed

x/exp/schema/resolved/resolve.go

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -49,9 +49,8 @@ type AppliesTo struct {
4949

5050
// Action is a resolved action definition.
5151
type Action struct {
52-
Name types.String
52+
Entity types.Entity
5353
Annotations Annotations
54-
Parents []types.EntityUID
5554
AppliesTo *AppliesTo
5655
}
5756

@@ -307,13 +306,17 @@ func (r *resolverState) resolveActions(nsName types.Path, actions ast.Actions, r
307306
for name, action := range actions {
308307
actionTypeName := qualifyActionType(nsName)
309308
uid := types.NewEntityUID(actionTypeName, types.String(name))
309+
var parents []types.EntityUID
310+
for _, ref := range action.Parents {
311+
parents = append(parents, resolveActionParentRef(nsName, ref))
312+
}
310313
resolved := Action{
311-
Name: name,
314+
Entity: types.Entity{
315+
UID: uid,
316+
Parents: types.NewEntityUIDSet(parents...),
317+
},
312318
Annotations: Annotations(action.Annotations),
313319
}
314-
for _, ref := range action.Parents {
315-
resolved.Parents = append(resolved.Parents, resolveActionParentRef(nsName, ref))
316-
}
317320
if action.AppliesTo != nil {
318321
at := &AppliesTo{}
319322
for _, p := range action.AppliesTo.Principals {
@@ -523,7 +526,7 @@ func (r *resolverState) validateActionMembership(result *Schema) error {
523526

524527
// Validate references and detect cycles
525528
for uid, action := range result.Actions {
526-
for _, parent := range action.Parents {
529+
for parent := range action.Entity.Parents.All() {
527530
if !actionUIDs[parent] {
528531
return fmt.Errorf("action %s: undefined parent action %s", uid, parent)
529532
}
@@ -542,7 +545,7 @@ func (r *resolverState) validateActionMembership(result *Schema) error {
542545
}
543546
visited[uid] = 1
544547
action := result.Actions[uid]
545-
for _, parent := range action.Parents {
548+
for parent := range action.Entity.Parents.All() {
546549
if err := visit(parent); err != nil {
547550
return err
548551
}

x/exp/schema/resolved/resolve_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -356,7 +356,7 @@ func TestResolveActionParents(t *testing.T) {
356356
testutil.OK(t, err)
357357
uid := types.NewEntityUID("Action", "view")
358358
view := result.Actions[uid]
359-
testutil.Equals(t, view.Parents, []types.EntityUID{types.NewEntityUID("Action", "readOnly")})
359+
testutil.Equals(t, view.Entity.Parents, types.NewEntityUIDSet(types.NewEntityUID("Action", "readOnly")))
360360
}
361361

362362
func TestResolveActionCycle(t *testing.T) {
@@ -482,7 +482,7 @@ func TestResolveActionQualifiedParent(t *testing.T) {
482482
testutil.OK(t, err)
483483
uid := types.NewEntityUID("NS::Action", "view")
484484
view := result.Actions[uid]
485-
testutil.Equals(t, view.Parents, []types.EntityUID{types.NewEntityUID("NS::Action", "readOnly")})
485+
testutil.Equals(t, view.Entity.Parents, types.NewEntityUIDSet(types.NewEntityUID("NS::Action", "readOnly")))
486486
}
487487

488488
func TestResolveActionContextNull(t *testing.T) {

x/exp/schema/schema_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -556,15 +556,15 @@ var wantResolved = &resolved.Schema{
556556
},
557557
Actions: map[types.EntityUID]resolved.Action{
558558
types.NewEntityUID("Action", "audit"): {
559-
Name: "audit",
559+
Entity: types.Entity{UID: types.NewEntityUID("Action", "audit"), Parents: types.NewEntityUIDSet()},
560560
AppliesTo: &resolved.AppliesTo{
561561
Principals: []types.EntityType{"Admin"},
562562
Resources: []types.EntityType{"MyApp::Document", "System"},
563563
Context: resolved.RecordType{},
564564
},
565565
},
566566
types.NewEntityUID("MyApp::Action", "edit"): {
567-
Name: "edit",
567+
Entity: types.Entity{UID: types.NewEntityUID("MyApp::Action", "edit"), Parents: types.NewEntityUIDSet()},
568568
Annotations: resolved.Annotations{"doc": "View or edit document"},
569569
AppliesTo: &resolved.AppliesTo{
570570
Principals: []types.EntityType{"MyApp::User"},
@@ -576,15 +576,15 @@ var wantResolved = &resolved.Schema{
576576
},
577577
},
578578
types.NewEntityUID("MyApp::Action", "manage"): {
579-
Name: "manage",
579+
Entity: types.Entity{UID: types.NewEntityUID("MyApp::Action", "manage"), Parents: types.NewEntityUIDSet()},
580580
AppliesTo: &resolved.AppliesTo{
581581
Principals: []types.EntityType{"MyApp::User"},
582582
Resources: []types.EntityType{"MyApp::Document", "MyApp::Group"},
583583
Context: resolved.RecordType{},
584584
},
585585
},
586586
types.NewEntityUID("MyApp::Action", "view"): {
587-
Name: "view",
587+
Entity: types.Entity{UID: types.NewEntityUID("MyApp::Action", "view"), Parents: types.NewEntityUIDSet()},
588588
Annotations: resolved.Annotations{"doc": "View or edit document"},
589589
AppliesTo: &resolved.AppliesTo{
590590
Principals: []types.EntityType{"MyApp::User"},

0 commit comments

Comments
 (0)