From 6adda6dcf6a648bb022edbb82e6ae2f0eeb5c298 Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Mon, 2 Oct 2023 14:20:39 +0100 Subject: [PATCH] Use existing `ToCloudRelation` for mapping accesses to relations Signed-off-by: Babak K. Shandiz --- internal/jimm/cloud.go | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/internal/jimm/cloud.go b/internal/jimm/cloud.go index 710773a49..e5aaa9708 100644 --- a/internal/jimm/cloud.go +++ b/internal/jimm/cloud.go @@ -557,7 +557,7 @@ func (j *JIMM) doCloudAdmin(ctx context.Context, u *openfga.User, ct names.Cloud func (j *JIMM) GrantCloudAccess(ctx context.Context, user *openfga.User, ct names.CloudTag, ut names.UserTag, access string) error { const op = errors.Op("jimm.GrantCloudAccess") - targetRelation, err := cloudAccessToRelation(access) + targetRelation, err := ToCloudRelation(access) if err != nil { return errors.E(op, errors.CodeBadRequest, "failed to recognize given access", err) } @@ -608,7 +608,7 @@ func (j *JIMM) GrantCloudAccess(ctx context.Context, user *openfga.User, ct name func (j *JIMM) RevokeCloudAccess(ctx context.Context, user *openfga.User, ct names.CloudTag, ut names.UserTag, access string) error { const op = errors.Op("jimm.RevokeCloudAccess") - targetRelation, err := cloudAccessToRelation(access) + targetRelation, err := ToCloudRelation(access) if err != nil { return errors.E(op, errors.CodeBadRequest, "failed to recognize given access", err) } @@ -662,15 +662,6 @@ func (j *JIMM) RevokeCloudAccess(ctx context.Context, user *openfga.User, ct nam return nil } -func cloudAccessToRelation(access string) (openfga.Relation, error) { - if access == "admin" { - return ofganames.AdministratorRelation, nil - } else if access == "add-model" { - return ofganames.CanAddModelRelation, nil - } - return ofganames.NoRelation, errors.E(fmt.Sprintf("unknown access: %q", access)) -} - // RemoveCloud removes the given cloud from JAAS If the cloud is not found // then an error with the code CodeNotFound is returned. If the // authenticated user does not have admin access to the cloud then an error